AGIMO - Australian Government Information Management Office
- AGIMO - Overview
- AGIMO - Gatekeeper ad hoc advice (2009)
- AGIMO - Australian Government e-Authentication Framework for Individuals (AGAFI) (May - August 2006)
- AGIMO - Gatekeeper Public Key Infrastructure Framework (February 2006)
- AGIMO - Identity Management for Government Employees (IMAGE) Framework (January 2006)
AGIMO - Overview
Galexia continues to provide trusted strategic advice to the Australian Government and agencies on authentication, identity management and privacy issues.
Galexia sat on the GateKeeper Policy Committee and has provided input to the national Authentication working group.
AGIMO - Gatekeeper ad hoc advice (2009)
Galexia provided advice for the Standard Business Reporting (SBR) project. The SBR project promises an easier, faster and simpler business-to-government reporting mechanisms, but introduces a number of technical and privacy issues.
AGIMO - Australian Government e-Authentication Framework for Individuals (AGAFI) (May - August 2006)
Galexia completed work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project involved the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication.
Galexia also undertook investigation of technical approaches to protecting privacy in online transactions, known as Privacy Enhancing Technologies (PETs). This incorporated assessments of the potential for PETs to enhance the uptake of online services, including their effectiveness, their maturity as protocols, implementation issues such as barriers to implementation, interoperability between these protocols and usability.
In order to delineate and facilitate the large amount of work involved, the reports created by Galexia were associated with nine separate tasks:
- Task 1. PIA and PMS - Conduct a Privacy Impact Assessment and develop a Privacy Management Strategy
- Task 2: PETs - Investigate and report on technical approaches to protecting privacy in online transactions, known as Privacy Enhancing Technologies (PETs).
- Task 3: Website Authentication - Investigate and report on possible means to authenticate and assure the integrity of government websites to users.
- Task 4: Legal Liability - Investigate and report on the legal liability implications of government agencies relying on the evidence of identity and other identity management processes of other agencies and non government organisations
- Task 5: Governance - Investigate and report on best practice governance arrangements for the AGAF for Individuals
- Task 6: Technical Approaches - Investigate and report on technical approaches to authentication and protecting data shared by participating agencies
- Task 7: Options - Investigate and report on options for:
(a) Whole of government and multi-agency transactions, such as change of address/circumstances;
(b) Authentication portals for both individuals and businesses;
(c) Single/simplified sign on for multi agency and whole of government transactions; and
(d) Potential involvement of non government organisations (such as banks and financial institutions) as providers of identity credentials which could be relied on by government.
- Task 8: Economic Model - Rank options for implementation, detailing the rationale for ranking. Such rationale should include economic modelling that estimates the potential costs, savings, efficiencies and benefits.
The documents also looked to investigate and report on the legal liability implications of government agencies relying on the evidence of identity and other identity management processes of other agencies and non-government organisations such as banks and financial institutions. Galexia’s work incorporated the examination of best practice governance arrangements for the framework including an examination of current implementations in other national and international jurisdictions.
This project was an extension of previous Galexia work for AGIMO, and was a joint undertaking with Doll Martin Associates.
AGIMO - Gatekeeper Public Key Infrastructure Framework (February 2006)
Galexia completed a project with the Department of Finance and Administration to undertake consultancy services relating to the Gatekeeper Public Key Infrastructure (PKI) Framework.
The Gatekeeper Strategy governs the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology-neutral accreditation program for issuers of digital certificates.
The Framework is aimed at making the application of PKI less complex and more affordable for businesses and government agencies. It better aligns the Gatekeeper Strategy with the way governments and businesses conduct their day-to-day activities. The Framework introduced new categories of digital certificates for Organisations and Individuals.
Galexia worked with the Australian Government Information Management Office (AGIMO), who works across government to maintain Australia's position as a leader in the productive application of information and communications technologies (ICT) to government administration, information and services.
The project included 17 deliverables:
- Output 1: Known Customer
- Output 1.1: Bronze Guidebook
- Output 1.2: Silver Guidebook
- Output 1.3: Bronze Certificate Profile template
- Output 2: Legal
- Output 2.1: Head Agreement
- Output 2.2: Community-of-Interest MOU
- Output 2.3: Template Service Agreement
- Output 2.4: Core Obligations Policy
- Output 3: Security
- Output 3.1: Pro Forma Threat Risk Assessment (TRA) template
- Output 3.2: Provider security requirements
- Output 4: Special Purpose Certificates
- Output 4.1: Hosted
- Output 4.2: Corporate Certificate
- Output 4.3: Digital Credentials
- Output 4.4: Special Purpose Certificates
- Output 5: Privacy
- Output 5.1: PIA - Privacy Impact Assessment
- Output 5.2: PMS - Privacy Management Strategy
- Output 5.3: PICs - Privacy Implementation Checklists
AGIMO - Identity Management for Government Employees (IMAGE) Framework (January 2006)
Galexia completed a project with AGIMO to conduct a Privacy Impact Assessment (PIA) and develop a Privacy Management Strategy (PMS) for the Identity Management for Government Employees (IMAGE) Framework. The framework provides infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors. It aims to provide a consistent, transparent identity management system across the Australian Government, build trust across agencies and facilitate confidence in the associated identification credential. The framework operates in accordance with the Public Service Act (1999), the Australian Government Protective Security Manual and the Australian Government Authentication Framework (AGAF).