Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

New Brunswick conquers identity management with virtual directory

John Moore | Sept. 23, 2014
The Province of New Brunswick has made federated identity services a key component of its interagency identity management service, which provides the gateway to dozens of applications.

The Province of New Brunswick has made federated identity services a key component of its interagency identity management service, which provides the gateway to dozens of applications.

Service New Brunswick (SNB), a provincial-owned corporation, serves as the primary identity provider for government services in the province. SNB provides more than 200 services to the public on behalf of multiple government departments. The organization provides over-the-counter services at office locations, operates a call center and offers online services.

SNB uses Radiant Logic's RadiantOne, a federated identity technology, to pull together disparate directories into a single location for application authentication and authorization. Radiant Logic includes a meta, local and virtual directory within its federated identity offering. The company refers to the virtual directory component as VDS.

The federated identity service operates within a CA Technologies identity management environment, which includes SiteMinder, for single sign-on and identity access management, and CA Directory.

Today, VDS facilitates access to about 150 applications, including 25 to 30 major line-of-business applications and gBIZ, a framework that lets citizens conduct a range of government transactions online.

"It definitely became a much bigger piece of our identity management platform than we anticipated," says Nick Bishop, technical strategist with SNB.

Identity Management Effort Starts Small, Gains Steam

Initially, SNB deployed VDS to support the New Brunswick Department of Health. The department purchased an off-the-shelf application as the foundation for its Patient Access to Quality Care system. The system lets doctors and external service providers working with patients in rehabilitation centers view patient profiles and share case notes. Patients can access the system as well.

The application involved many different user communities and different directories, but it would only accept a single Lightweight Directory Access Protocol (LDAP) source and a single authorization group. The Department of Health came to SNB for advice and that's when the agency began looking for a virtual directory.

[ Related: Yahoo Attack Places Spotlight on Identity Management ]

Bishop said SNB evaluated four or five products and selected RadiantOne. The software stood out as a purpose-built federated identity service, which included a virtual directory, Bishop says. Other product offerings required configuring different options in order to serve as just a virtual directory; the virtual directory function "was a secondary use of the other products," he notes.

RadiantOne federated identity service integrated the identity information from the various directories, so the Patient Access to Quality Care application could leverage a single source of identity data. Other Department of Health applications have since signed on for use of RadiantOne.

From its foothold in the Department of Health, the federated identity service eventually took on an extended role within SNB and the province. While SNB was evaluating virtual directory technology, the province was in the midst of an identity management system overhaul. The new system brought with it a new way of authenticating apps.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.