DG-BCTF Business Case - Government to Government non-PKI Federation

Status: preliminary (Analysis based on the Austrian eGovernment Federation - other experiences very welcome)

Austrian eGovernment Federation

  • Parties form a closed federation with a homogeneous jurisdiction (federal, state and local government and public social security)
  • Benefit of the established federation: The large number of users, organizations and applications would not scale if authentication and authorization were not delegated.
  • Business case in early stage: 
    1. The added cost and time needed to make the identity management of the new Citizen Registry web application reusable for other applications were small compared to the total project cost. Long-term benefit was favored over short-term savings.
    2. Competing centralized (non-federated) identity management by a federal service agency was more expensive and also failed due to inflexible design.
    3. Further projects from the same agency that provided the initial project won most small and some large agencies over to the system.
    4. With each new project, more organizations provided identities and deployment cost was reduced.
  • Business case in later stage: Larger agencies refused to use services outside the federation
  • The number of implementations of IdPs and SPs was reduced over time

Business model for agencies using external applications

There are 2 quite distinct cases:

  1. Larger agencies with their own IT shop: They usually run an integrated provisioning system for their users and want to integrate internal and external applications. The number of security regulations should be kept low. They benefit quickly from integrating their provisioning using the federation.
  2. Agencies with outsourced IT: They are initially neutral towards whatever makes their systems work. If the number of applications rises, they realize that provisioning is much faster within a federation.

Business model for agencies providing external applications

Some organizations with a more centralized or coordinated IT strategy subject their application development and purchasing to the standards required by the federation and have a single deployment and management schema.

Organizations with more decentralized IT competences usually have more trouble understanding the benefits of a common approach. The cost to communicate, understand and implement federation concepts is frequently perceived as higher than short-term project-specific benefits.

Business model for other parties

The Federal Chancellery is the (not-for-profit) federation operator and its operation is quite lightweight. Other than that, there are no parties except product and service providers.