Cabinet Office to publish PSN identity federation details
Identity federation will provide way that PSN services can 'identify' bona fide users
The Cabinet Office is shortly expected to publish details for tenderers for the Identity Services element of the Cloudstore III framework of how the framework will be used to procure the Public Sector Internal Identity Federation (PSIIF) service.
The service is expected to be a key component of the Public Services Network (PSN) in that it provides a way that services can 'identify' bona fide users.
The participants in PSIIF will comprise the Public Services Network Authority (PSNA), identity providers, service providers and attribute providers along with the Federation Hub service and the Policy store service. PSIIF will be administered and managed by the PSNA ensuring compliance with the Trust Framework that underpins the federation by all parties to the PSIIF.
According to the document published by the PSN Infrastructure Security & Cyber Defence team, PSNA currently intends to procure the Federation Hub and Policy Store services and to procure them from Cloudstore III. However, it says, this does not preclude others purchasing or selling federation hubs through other routes, nor does it preclude the use of solutions in the identity services section of Cloudstore III for other purposes. Additional services may be purchased by user organisations or service providers.
The team says that PSIIF will be implemented using the SAML 2.0 standard for exchanging identity assertion information to allow assertion of trusted identities across the security domains within the federation.
According to suppliers group Intellect, once the tendering process is complete, the PSN programme will review all offerings under the Identity Services category against the high level requirements published and move forward with the selection of a number of suppliers to provide some or all of the services required to support the PSIIF.