24.04.2008 16:30-17:30

2nd European Identity Conference
Business Case Study


<a Dr. Horst Walther, Kuppinger Cole

Universal CV – A Job Provider Circle of Trust based on HR-XML

The aim of the CV Universel project is to give to an applicant the ability to store and share his CV data information in a circle of trust of Job providers.
The CV is based on the Europass CV model, which is the European Commission proposal for a European standard cV and is supported by their Cedefop Agency (the European EURES system is compliant with this standard).

This project is supported by the french ‘Ethic and Recruiting’ association as well as Syntec Recruiting’ syndicate (association of more than 140 recruiting agencies in France).
The CV universel will use the HR-XML / EIfEL / Europortfolio proposal for a XML binding of this CV standard using HR-XML specifications supported by the industry.
To allow privacy data sharing of CV data this project will be based on the Liberty Alliance Web Service Framework including support of the draft proposal for a new Liberty Identity Service Interface Specifications for HR systems based on the HR-XML CV XML Binding.

This project will start its implementation phase in January 2008 and the pilot phase will start in March with three first job providers in the circle of trust:

  • La Poste
  • L’Oreal
  • Integra (SME)

So this is a potential of more than 100 000 users per year.

The implementation and pilot phase of this project will be managed by EIfEL.
All the components used to build this federation are already existing in opensource, they will be updated to support this new HR Identity Service Interface Specifications.

The aims of this presentations are to:
– Explain the choices related to standards, components and architecture and how it is profitable for both the end user and the Job providers partners.

  • Give the first results of the pilot phase.
  • Give more information about the cost and difficulties to adapt / include new providers in this kind of circle of trust.
  • Give some perspectives, especially at eGovernment level.

Diginotar: How to Launch a User centric E-Identity service – Are you Ready?

Organisations want to know the e-Identity of their users, but not be bothered with the management of all those e-Identities. These universal global needs have led to new techniques for User Centric e-Identity mechanisms resulting in a need for independent authentication services.

DigiNotar uses a SAML compliant Dutch open source standard providing an independent e-Identity Service. The Dutch government uses the same open source standard for millions of citizens that communicate with governmental web-applications. Organisations can “outsource” the e-Identity role to an independent and generic authentication service to enable quick online access to their e-businesses. DigiNotar e-Identities are cross-domain cross-application.

DigiNotar not only manages the systems but also provides a secure identification process to verify e-identities. By doing so, we take liabilities over from companies. On the other hand, we try to safeguard the privacy of the user. Users have the opportunity to access the applications anonymous.

Although the managed service is easy to setup and use, it is important that companies make a mind shift to start using a generic authentication service. Drs. de Bos will share his experience on e-Identity management by presenting examples from the financial, healthcare, legal and insurance sector. Different factors that influence success will be highlighted in the presentation:

  • Legal issues: what is the minimum level of identity control, who will identify users and which legal status will that e-Identity have;
  • Registration processes : what are their responsibilities of the organisations, their users and the independent authentication service provider;
  • Management of the Identity: a user-centric model makes it possible for organisations to invite users to register their personal authentication mechanism themselves. The user manages his own data;
  • Distribution of tokens: avoiding effort from the application provider that does not see it as it’s core and is not bothered with management of e-Identities.
  • One e-Identity for multiple applications: an open standard and interoperability between applications and solutions enables the usage of a single universal e-identity or even authentication mechanism for multiple applications;
  • Privacy: the ability to have anonymous authentication through an independent authentication provider.

The open structure of the technology makes it possible to extend the use to other e-Identity Providers. It is not a question more of technology, but the Trust Level of the e-Identity Provider.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.