2 Cabinet paper authentication principles
- The Minister of State Services presented a Cabinet Paper to the Chair of the Cabinet Committee on Government Expenditure and Administration (EXG) on 16 April 2002. Cabinet confirmed the recommendations of the Committee on 22 April 2002.
- In considering the options for implementation, the following principles are proposed:
|
Implementation Principle |
Explanation |
|
User focus |
Ensuring the recommended solutions are as convenient, easy to use and non-intrusive as possible |
|
Enduring solution |
Providing a solution that is enduring yet sufficiently flexible to accommodate change and a wide range of current and future transactions |
|
Affordability and reliability |
Ensuring the recommended solutions are affordable and reliable for the public and government agencies |
|
Technology neutrality |
Ensuring a range of technology options is considered, and as far as possible avoiding 'vendor capture' |
|
Risk-based approach |
Providing an approach based on agreed trust levels that protects identity and personal information |
|
Legal compliance |
The solution must comply with relevant law, including privacy and human rights law |
|
Legal certainty |
Relationships between the parties should be governed in a way that provides legal certainty |
|
Non-repudiation |
The issue of non-repudiation must be considered for those transactions that require it, so that the risk of transacting parties later denying having participated in a transaction is minimised |
|
Functional equivalence |
Authentication requirements should be similar to those that apply to existing transactions except where the online nature of the transaction significantly changes the level of risk |
[ Previous ]
