1 of 23

Overview of the Pan-Canadian Trust Framework v2.0

(a.k.a. the “Beta” Version)

Consultation Deck

For Discussion Purposes Only

For discussion purposes only. Open Government - Canada License

2 of 23

Trust Framework Goals

  1. Simple and integrative framework that is easy to understand but can be applied in a complex environment
  2. Technology-agnostic to provide flexibility and logical precision in assessing the trustworthiness of digital identity solutions and providers
  3. Complement existing frameworks (security, privacy, service delivery, etc.)
  4. Provide clear links to applicable policy, regulation and legislation (by defining conformance criteria that can be easily mapped)
  5. Normalize (and standardize) key processes and capabilities to enable cross-sector collaboration and ecosystem development.

3 of 23

All Federation Members

PTs, IRCC, etc.

Foundational Identity Versus Functional Identity

Functional Identity

Pan-Canadian Trust Framework

Foundational Identity

Public sector

Public and private sector

4 of 23

PCTF Trusted Representations and Trusted Processes

  • Currently Identified for the PCTF:
    • 3 trusted representations
    • 24 atomic trusted processes
  • Extensible approach: other trusted processes can be added as required
  • Interoperable: the trusted processes can be mapped to Vectors of Trust (VoT)
  • The atomic trusted processes can be divided among 3 broad categories:
    • Identity Assurance
    • Credential Assurance
    • Notification and Consent
  • Various atomic trusted processes are often grouped together to form compound trusted processes

5 of 23

Trusted Digital Representations

Trusted Digital Identity (Person)

Trusted Digital Identity (Organization)

Verified Relationship

6 of 23

Trusted Digital Identity (Individual)

Identity Assurance (Verified Person)

Credential Assurance (Verified Login)

Notification and Consent (Confirmation and Binding)

Trusted Digital Identity

Trusted Supporting Infrastructure (see detail on later slide)

7 of 23

Trusted Process Model

A trusted process is an activity (or set of activities) that results in a state transition in an object that can be relied on by other trusted processes.

Object Input State → Trusted Process → Object Output State

Conformance Criteria ensure process integrity

An output state that can be relied on as a ‘proof’ (or ‘verifiable claim’) by others

Formalizing (and standardizing) the trusted processes, the input states, the output states, and the conformance criteria, is the essence of defining the trust framework!

8 of 23

Trusted Processes (Atomic)

Validate Authorization for Consent

Credential Issuance

Request Consent

Liveness and Fraud Detection

Formulate Notification Requirements

Identity-Credential Binding

Identity Linking

Identity Resolution

Identity Verification

Identity Establishment

Identity Validation

Identity Maintenance

Signature

Credential Authentication

Credential Recovery

Credential Revocation

Credential Maintenance

Authentication Session Initiation

Authentication Session Termination

Credential Suspension

Persist Consent

Consent Maintenance

Review Consent

Consent Notification

9 of 23

Identity Assurance (trusted process: input state → output state)

  • Liveness and Fraud Detection: Not Checked → Liveness and Fraud Checked
  • Identity Verification: Unattributed Claims → Attributed Claims
  • Identity-Credential Binding: Unbound Credential → Bound Credential
  • Identity Establishment: No Authoritative Record → Authoritative Record
  • Identity Resolution: Non-Unique Identity Information → Unique Identity Information
  • Identity Validation: Unconfirmed Identity Information → Confirmed Identity Information
  • Identity Linking: Unlinked Identifier → Linked Identifier
  • Identity Maintenance: Non-Current Identity Information → Current Identity Information

Trusted Processes (Atomic)

Foundational Identity

Verified Person

Functional Identity

10 of 23

Credential Assurance (trusted process: input state → output state)

  • Credential Revocation: Issued Credential → Revoked Credential
  • Credential Recovery: Inactive Credential → Issued Credential
  • Authentication Session Initiation: No Session → Authenticated Session
  • Credential Authentication: Issued Credential → Authenticated Credential
  • Credential Issuance: No Credential → Issued Credential
  • Credential Suspension: Issued Credential → Inactive Credential
  • Authentication Session Termination: Authenticated Session → No Session
  • Credential Maintenance: Inactive Credential → Issued Credential

Trusted Processes (Atomic)

Unknown Actor

Verified Login

(Authenticated User)
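The credential transitions on this slide can be read as a small state machine. The following is an added example, not part of the original deck or of any PCTF implementation: the state pairs are copied from the slide, while the function names and the decision to treat the listed pairs as the only permitted transitions are assumptions made for illustration.

```python
# (input state, output state) pairs copied from the Credential Assurance slide.
# Assumption: no transition outside this table is permitted.
CREDENTIAL_PROCESSES = {
    "Credential Issuance":       ("No Credential", "Issued Credential"),
    "Credential Authentication": ("Issued Credential", "Authenticated Credential"),
    "Credential Suspension":     ("Issued Credential", "Inactive Credential"),
    "Credential Recovery":       ("Inactive Credential", "Issued Credential"),
    "Credential Maintenance":    ("Inactive Credential", "Issued Credential"),
    "Credential Revocation":     ("Issued Credential", "Revoked Credential"),
}


class InvalidInputState(Exception):
    """A process was applied to an object that is not in its input state."""


def apply_process(state, process):
    """Return the output state, refusing the process on a wrong input state."""
    required, output = CREDENTIAL_PROCESSES[process]
    if state != required:
        raise InvalidInputState(
            f"{process} requires '{required}', object is in '{state}'")
    return output


def run(processes, state="No Credential"):
    """Apply processes in order; return (state, proofs, error-or-None).

    `proofs` records each output state produced, i.e. what a later
    trusted process (possibly run by another party) may rely on.
    """
    proofs = []
    for process in processes:
        try:
            state = apply_process(state, process)
        except InvalidInputState as exc:
            return state, proofs, str(exc)
        proofs.append((process, state))
    return state, proofs, None


def reachable(start):
    """All states reachable from `start` using only the slide's transitions."""
    seen, frontier = {start}, [start]
    while frontier:
        current = frontier.pop()
        for required, output in CREDENTIAL_PROCESSES.values():
            if required == current and output not in seen:
                seen.add(output)
                frontier.append(output)
    return seen
```

Under these transitions a suspended (inactive) credential can return to use through recovery or maintenance, whereas a revoked credential has no outgoing transition, so `reachable("Revoked Credential")` contains only that state.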

11 of 23

Notification and Consent (trusted process: input state → output state)

  • Review Consent: Consent → Reviewed Consent
  • Persist Consent: One-Time Consent → Ongoing Consent
  • Consent Notification: No Notification → Notification Issued
  • Formulate Notification Requirements: No Notice → Notice Provided
  • Validate Authorization for Consent: Presumed Authorization → Validated Authorization
  • Request Consent: No Consent → Consent
  • Consent Maintenance: Consent → Updated Consent

Trusted Processes (Atomic)

No Permission

Permission

12 of 23

A trusted digital Identity can be conceptualized as a set of trusted process outputs (or proofs) that are independent of conveyance method.

Depending on the ecosystem, some of these trusted processes may be carried out by multiple parties at different points in time.

Trusted Digital Identity (a set of trusted process outputs)

Liveness and Fraud Checked

Attributed Claims

Bound Credential

Authoritative Record

Unique Identity Information

Confirmed Identity Information

Current Identity Information

Authenticated Credential

Issued Credential

Authenticated Session

Consent

Validated Authorization

Notice Provided

Ongoing Consent

Updated Consent

Reviewed Consent

Notification Issued

13 of 23

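Table columns: No.; Trusted Process; LOA/Vector Requirement; Trusted Digital Identity Provider; Credential Service Provider; Relying Party

  1. Identity Resolution. Carried out by: MADI, ESDC
  2. Identity Establishment. LOA/Vector Requirement: 3. Carried out by: MADI, ESDC
  3. Identity Validation. LOA/Vector Requirement: 3. Carried out by: MADI
  4. Identity Verification. LOA/Vector Requirement: 3. Carried out by: MADI, ESDC
  5. Identity Maintenance. LOA/Vector Requirement: 3. Carried out by: MADI, ESDC
  6. Liveness and Fraud Detection. Carried out by: MADI, ESDC
  7. Identity-Credential Binding. Carried out by: MADI
  8. Identity Linking. Carried out by: ESDC
  9. Credential Issuance. LOA/Vector Requirement: 2. Carried out by: MADI
  10. Credential Authentication. LOA/Vector Requirement: 2. Carried out by: MADI
  11. Credential Suspension. LOA/Vector Requirement: 2. Carried out by: MADI
  12. Credential Recovery. LOA/Vector Requirement: 2. Carried out by: MADI
  13. Credential Maintenance. LOA/Vector Requirement: 2. Carried out by: MADI
  14. Credential Revocation. LOA/Vector Requirement: 2. Carried out by: MADI
  15. Authentication Session Initiation. LOA/Vector Requirement: 2. Carried out by: MADI
  16. Authentication Session Termination. LOA/Vector Requirement: 2. Carried out by: MADI
  17. Validate Authorization for Consent. Carried out by: MADI, ESDC
  18. Formulate Notification Requirements. Carried out by: MADI, ESDC
  19. Request Consent. Carried out by: MADI, ESDC
  20. Persist Consent. Carried out by: MADI, ESDC
  21. Consent Maintenance. Carried out by: MADI, ESDC
  22. Review Consent. Carried out by: MADI, ESDC
  23. Consent Notification. Carried out by: MADI, ESDC
  24. Signature

...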

Trusted Processes can be carried out by multiple parties

(e.g., MyAlberta Digital Identity being consumed by ESDC)

14 of 23

Compound Trusted Processes

Trusted Digital Identity Creation

Identity Creation

Identity Confirmation

Identity Registration

Linking

Notification and Consent

Binding

Credential Creation

Credential Authentication

Service Enrolment

Service Registration

15 of 23

Example of a Compound Trusted Process: Identity Confirmation

Identity Confirmation

Identity Validation

Identity Maintenance

Liveness and Fraud Detection

Identity Verification

16 of 23

Trusted Digital Identity Provider

Trusted Digital Identity Creation

Credential Creation

  • Credential Issuance

Identity Creation

  • Identity Resolution
  • Identity Establishment

In scope for the PCTF assessment process

Identity Proofing

Identity Registration

Notification and Consent

  • Validate Authorization for Consent
  • Formulate Notification Requirements
  • Request Consent
  • Persist Consent
  • Consent Maintenance
  • Review Consent
  • Consent Notification

Identity Confirmation

  • Identity Validation
  • Identity Maintenance
  • Liveness and Fraud Detection
  • Identity Verification

Trusted Supporting Infrastructure

Binding

  • Identity-Credential Binding

Credential Authentication

  • Credential Authentication
  • Credential Suspension
  • Credential Recovery
  • Credential Maintenance
  • Credential Revocation
  • Authentication Session Initiation
  • Authentication Session Termination

17 of 23

Relying Party

Service Enrolment (without a Trusted Digital Identity)

Credential Creation

  • Credential Issuance

Identity Creation

  • Identity Resolution
  • Identity Establishment

Identity Proofing

Identity Registration

Notification and Consent

  • Validate Authorization for Consent
  • Formulate Notification Requirements
  • Request Consent
  • Persist Consent
  • Consent Maintenance
  • Review Consent
  • Consent Notification

Identity Confirmation

  • Identity Validation
  • Identity Maintenance
  • Liveness and Fraud Detection
  • Identity Verification

Trusted Supporting Infrastructure

Binding

  • Identity-Credential Binding

Credential Authentication

  • Credential Authentication
  • Credential Suspension
  • Credential Recovery
  • Credential Maintenance
  • Credential Revocation
  • Authentication Session Initiation
  • Authentication Session Termination

18 of 23

Relying Party

Service Enrolment (with a Trusted Digital Identity)

Identity Creation

  • Identity Resolution
  • Identity Establishment

Identity Proofing

Service Registration

Notification and Consent

  • Validate Authorization for Consent
  • Formulate Notification Requirements
  • Request Consent
  • Persist Consent
  • Consent Maintenance
  • Review Consent
  • Consent Notification

Identity Confirmation

  • Identity Maintenance
  • Liveness and Fraud Detection
  • Identity Verification

Trusted Supporting Infrastructure

Linking

  • Identity Linking

19 of 23

Trusted Processes and Conveyance

Trusted process outputs (i.e., proofs) are independent of conveyance model. The proofs (output states) can be conveyed using a traditional/centralized model (e.g., a trusted third party) or a decentralized model (e.g., a distributed ledger, a blockchain) – or both.

Conveying a proof from one party to another party:

  • Traditional/Centralized Model: Party A (Trusted Process: Input State → Output State) → Trusted Third Party → Party B (Trusted Process: Input State → Output State)
  • Decentralized Model: Party A (Trusted Process: Input State → Output State) → Distributed Ledger; Blockchain → Party B (Trusted Process: Input State → Output State)

20 of 23

Trusted Supporting Infrastructure

Digital Service Delivery

Privacy and Security

Audit and Logging

Federation Interoperability - Standards and Specifications

PCTF Endorsements

Service Authorization and Access

Auditing

Logging

Security Assessment and Authorization

Privacy Impact Assessment

Pan-Canadian Endorsement

Jurisdictional Endorsement

Technical (e.g., SAML, OIDC)

Business (e.g., PCIM Standards)

Communications

User Needs and Experience

Service Level Agreements

Resource Management

Access Control

Service Authorization

Relying Parties only

All Federation Members

21 of 23

Vectors of Trust

  • A proposed IETF standard (RFC 8485, October 2018)
  • Currently consists of 4 components:
    • Identity Proofing (P): describes how likely it is that a given digital identity transaction corresponds to a particular, real-world identity subject
    • Primary Credential Usage (C): defines how strongly the primary credential can be verified by the TDIP
    • Primary Credential Management (M): conveys information about the expected lifecycle of the primary credential in use, including its binding, rotation, and revocation
    • Assertion Presentation (A): defines how well the TDI can be communicated across the network without information leaking to unintended parties and without spoofing

22 of 23

Using an Associative Entity

Internal and External Many-to-Many Relationships

Entities and Relationships

Person

Organization

0:n

0:n

0:n

Person

Relationship

Organization

0:n

0:n

23 of 23

Government of Canada Digital Standards

A Set of Guiding Principles

Design with users

Iterate and improve frequently

Work in the open by default

Use open standards and solutions

Address security and privacy risks

Build in accessibility from the start

Empower staff to deliver better services

Be good data stewards

Design ethical services

Collaborate widely