Nearly three years after the Victorian government announced project Rosetta - a unified identity management infrastructure - nine departments will join the Department of Justice in the next few months in using the system.
Department of Infrastructure deputy CIO and Rosetta program director, Geoff Beggs told an identity management conference in Sydney last week why such an ambitious "meta directory infrastructure" was needed.
"We had thousands of directory entries with multiple versions of the same person's address [and] many of us carry six or seven cards to let us into buildings," Beggs said. "These systems are separate and result in loss of productivity if any of the information changes, for example, when a person leaves. As it is now I can get into building I shouldn't have access to."
Rosetta's design goal is to provide a "simple, authoritative source" of a person's identity which will also be an infrastructure enabler where "other things" will be built on it.
The approach to connect various systems to a departmental meta directory was preferred over a super directory which would be "too hard". Systems like HR, finance, network operations, and e-mail are connected to the meta directory.
"A departmental meta directory houses the information and a central hub connects [those] systems," Beggs said. "We then pump a reduced subset of the information to the hub which is used for ID joining."
With the federated identity infrastructure Rosetta provides, if an employee joins one department the information is sent to the hub which verifies whether the person already has an identity elsewhere and if so an e-mail is sent to the two departments.
Also launched last week in Victoria was a state business master-key pilot program - similar to the federal government's business entry point - that allows a business to register a company profile and use that across agencies to avoid multiple logins. Rosetta also opens the possibility of creating a "citizen-focused" master key allowing single sign-on across departments.
"We have various e-government initiatives in Victoria [aimed at] putting people at the centre where they can deal with government in an easier way," Beggs said. "Rosetta has identity management at the software level, but we don't know if we will have an employee ID card."
Beggs also spoke of some lessons learnt during the development of Rosetta, such as provisioning and de-provisioning are "both quite important".
"When people leave it's also important to deny their login, because we have had employees come back months later and be able to login," he said. "This is difficult across multiple agencies [because] each attached system is only passed the information it needs. The concept of abstracting that information will make it better from a privacy perspective."
Rosetta will also handle contractors and because some employees want anonymity "we've designed the system to cope with that".
Beggs said because Rosetta is connecting large systems like health and education, it paves the way for a large vision of a state portal connecting "possibly up to 4.5 million" people.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.