UNIFY Solutions and Axenic: Developing Identity and Access Management Frameworks and Patterns
The New Zealand government architecture team, within the Department of Internal Affairs needed to set a clear direction for agencies to adopt standard Identity and Access Management (IAMS) Frameworks for internal users, taking into account new demands for cloud and shared government services.
The emerging requirements associated with cloud and shared government services place greater demands and emphasis on IAMS. Identity is recognised as the core of the new information security model and the basis of managing authorisation and access to systems and services in the future.
In partnership with Axenic (providing information security, privacy and risk consulting), UNIFY led a team that analysed the range of use cases across all New Zealand government agencies.
As a result of this analysis we were able to develop a range of patterns and anti-patterns that are available for use by Government Agencies:
- Processes and infrastructure components to support the wide adoption of Public Cloud and government Common Capability; - The following key patterns were applicable to support adoption of AoG common capabilities, shared accommodation and public cloud services; - Active Directory Domain Replication; - Desktop SSO (Kerberos) Authentication Pattern; - Directory Virtualisation Pattern; - Federated Authentication Pattern; - Federated Trust with Push Provisioning Pattern; - Federated Trust with Pull Provisioning Pattern; - Inter-Agency Federated Trust Pattern; - Centralised Federation Router Pattern; and Preferred Provisioning and Federated Authentication Pattern
This unique piece of work produced outcomes that can now benefit all New Zealand government agencies and is an example of how UNIFY works in coordination with our partners such as Axenic to bring about such results.
Axenic was founded in 2009, with the idea was simple: provide high-quality information security and privacy advice to help and support clients to achieve their business goals and objectives.
Using recognised frameworks, standards and methodologies to deliver consistent, repeatable, traceable and defendable advice - rather than unspecified “best practice” or unsupported opinions. Delivered by experts with extensive real world experience across both the public and private sectors.
Learn more about Axenic.