A few days ago my fellow blogger Chase Jones outlined how access governance is the key to compliance and risk management. So, I wanted to take a look at a real life application and how it was being used. On the other side of the globe is Macau, which, along with Hong Kong, is a special administrative region (SAR) of the People's Republic of China. As the most densely populated region in the world, with a population density of 47,728 persons per square mile, you can image the headaches in the public administration offices there. On top of that I read on BBC News recently that Macau gambling revenue has propelled it past Las Vegas and made it the world's top casino market.
So, just what is the Macau SAR Government doing with Access Manager and why? "We believe that electronic governance development is a major component in public administration reform." said an official. They wanted to provide public services while increasing the effectiveness and efficiency. But, he also talked about increasing openness, transparency and participation; improving the quality of policy decision-making and promoting the social development and economic growth of the region.
They are dedicating a lot of resources in developing electronic governance and part of that effort was the development of public e-services. A lot of these require the user to have an account to enable login.
Personally, I fear part of the reason I'm a little thin on top is down to the stress of having to work with multiple access codes and processes for each e-service I deal with. I now wish I lived in Macau for they realized how inconvenient to users and how hard managing or memorizing so many different logins could be. Also, they openly admit, it had been a headache for the government agencies to manage user repositories and login accounts.
So they needed a solution that allowed users to have a single login that would enable them to use the e-services offered by all government agencies; but that also cut the workload of government agencies as far as user management is concerned. A single sign-on solution which supported major federation standards and offered extra security features such as 2-factor authentication. What they selected and implemented is delivery and providing user repository management for cross-agency projects, single sign-on for public e-services so that users only need to log in once and better security with 2-factor authentication.
In late 2009, the Macau SAR Government started the ePass project and they continue to work with government agencies and other organizations in Macau to widen the deployment. They, with a little help from us, are now able to provide even more easy to use e-services to their citizens and provide more secure authentication. It has been so succesful that it is winning awards, including the Asia Pacific Information and Communication Technology Alliance (APICTA) annual award program honoring outstanding Information and Communication Technology (ICT) organizations within the region - e-Pass took home Gold in the Macau ICT 2011.
Posted
Jul 18 2011, 10:00 AM
by
David Shephard
Filed under: single sign-on, IAM, Identity Management, e-services, 2-factor authentication, Macua, SAR, China, People's Republic of China, Identity and Access Management, APICTA, ePass, Access Governance