2. Methodology
2.1. The following sources of information have informed the preparation of this draft:
- An initial briefing from the project team.
- "All of Government Authentication Project" PowerPoint presentation given to the Office of the Privacy Commissioner by the project team.
- The two privacy impact assessment reports prepared by Pacific Privacy Consulting (referred to above), and the document entitled Authentication for e-government Review of Privacy Impact Assessment Recommendations.
- Meetings with the Office of the Privacy Commissioner.
- IPP12 and the Shared Keys Implementation Report 27 September 2004
- Research of Issues for Māori relating to the Online Authentication Project, for State Services Commission 29 March 2004 Paua Interface Limited
- Authentication Programme Shared Logon Initial Implementation High Level Design (Jan 05)
- Shared Logon Infrastructure Request for Proposal
- Shared Logon Initial Implementation Application Architecture. SSC & Datacom April 2005
- Non-Intrusive Identity Management Dr. Stefan Brands McGill School of Computer Science & Credentica March 23, 2004
- Who Goes There?: Authentication Through the Lens of Privacy. Computer Science and Telecommunications Board, National Academies Press (2003)
- Liberty Alliance, and Microsoft Passport materials
- Privacy Impact Assessment Handbook Office of the Privacy Commissioner
Terms and Acronyms
2.2. Central terms have not been used consistently over the life of the project, or even in that part of the project to which this report relates. The Government Logon System is variously referred to as the Common Logon System, Shared Login System, the Common Login Site and other variants; keys and key providers are referred to in some papers as authentication credentials and credential providers. Another workstream within SSC is underway to standardise terms and develop a common glossary.
2.3. For the purposes of this report, the following terms and acronyms are used:
- GLS: Government Logon System, a shared all-of-government service for logon management. Comprised of the CLS and KP.
- CLS: The Common Logon Site, a website that provides the Internet facing front end of the GLS to service users.
- Key: A means of service users confirming their identity to access online services that is available only to that user. It could be as simple as a user name and password, or could be a token, digital certificate, etc.
- KP: Key Provider is a part of the GLS that provides keys to the user and provides for their on-going maintenance.
- Key Serial Number (KSN): The unique number assigned to a key by the key provider.
- Modified Key Serial Number (MKSN): A unique, random number specific to the Service Agency generated by the GLS corresponding to the RKSN. It bears no resemblance to the KSN or RKSN, but is used by the Service Agency as the means of linking the key presented by the user at the GLS to the Service Agency's own user unique identifier.
- Service Agency: A government department or agency which provides an online service or services, and uses the GLS as the means of confirming the identity of service users.
- Service User: A member of the public who uses the online service or services that are provided by Service Agencies.
- Session ID: A different unique number generated by the Service Agency, so that the returned authentication assertion from the GLS to the Service Agency is matched to the original user access attempt to the service.
- Root Key Serial Number (RKSN): The unique, random number associated with one or more KSNs that a Service User chooses to group together.
A Service User can choose to have one or more keys of the same or different strengths and group them together in one or more RKSNs. Each RKSN generates a unique MKSN specific to a Service Agency. The Service Agency links the MKSN with its user unique identifier created by an appropriate establishment of identity process.
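The relationships between KSN, RKSN, MKSN and Session ID defined above can be modelled in a short Python sketch. This is an added example, not part of the original report or of the GLS design documents; the class and method names, the agency names, the user identifier "A-1001" and the 128-bit identifier format are assumptions made for illustration, and the browser redirect between Service Agency and GLS is collapsed into a direct call.

```python
import secrets

def new_id():
    # Assumption: 128-bit random identifiers; the report specifies no format.
    return secrets.token_hex(16)

class GLS:
    """Holds the KSN -> RKSN grouping and the per-agency MKSN table."""
    def __init__(self):
        self._rksn_of = {}   # KSN -> RKSN
        self._mksn_of = {}   # (RKSN, agency name) -> MKSN

    def group_keys(self, ksns):
        rksn = new_id()
        for ksn in ksns:
            self._rksn_of[ksn] = rksn
        return rksn

    def authenticate(self, ksn, agency_name, session_id):
        rksn = self._rksn_of[ksn]            # KeyError if the key is unknown
        key = (rksn, agency_name)
        if key not in self._mksn_of:         # random on first use, then stored
            self._mksn_of[key] = new_id()
        # The assertion carries only the Session ID and the MKSN.
        return {"session_id": session_id, "mksn": self._mksn_of[key]}

class ServiceAgency:
    def __init__(self, name):
        self.name, self._user_of, self._pending = name, {}, set()

    def logon(self, gls, ksn, enrol_as=None):
        sid = new_id()                       # Session ID generated by the agency
        self._pending.add(sid)
        assertion = gls.authenticate(ksn, self.name, sid)
        if assertion["session_id"] not in self._pending:
            raise ValueError("assertion does not match a pending session")
        self._pending.discard(sid)
        if enrol_as is not None:             # stands in for establishment of identity
            self._user_of[assertion["mksn"]] = enrol_as
        return assertion["mksn"], self._user_of.get(assertion["mksn"])

def demo():
    gls, a, b = GLS(), ServiceAgency("agency-a"), ServiceAgency("agency-b")
    k1, k2, k3 = new_id(), new_id(), new_id()   # KSNs as issued by the KP
    gls.group_keys([k1, k2])                    # first RKSN: two keys
    gls.group_keys([k3])                        # second RKSN: one key
    return {"a_k1": a.logon(gls, k1, enrol_as="A-1001"), "a_k2": a.logon(gls, k2),
            "b_k1": b.logon(gls, k1), "a_k3": a.logon(gls, k3)}

if __name__ == "__main__":
    print(demo())
```

In the result, both keys of the first RKSN resolve to the same MKSN and user record at agency-a, while the same RKSN at agency-b and the second RKSN at agency-a each produce an unrelated MKSN with no linked user.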
As an illustration of this conceptually, consider a user choosing to use the system in the following way:


