Secure Service Design on G Cloud

Vine Solutions Service page:

Search Terms:

Secure Service Design”secure service design”&lot=cloud-support

Identity, Trust and Risk”identity trust risk”&lot=cloud-support

Meta Data Design”meta data design”&lot=cloud-support

Trusted Attributes”trusted attributes”+&lot=cloud-support

Trusted Transaction”trusted transaction”+&lot=cloud-support

We help you to deliver secure trusted cloud services: balancing Identity, Trust, Risk, and Trusted Attributes, delivering low friction user journeys, with user-centric data ownership and appropriate privacy for your user. We help with modelling data, meta-data and applying open standards to enable inter-organisational services and self-service outcomes. We plan, train and advise. We produce strategic architecture, profile standards and create Secure Service Designs.

What is Secure Service Design?

Without security and privacy there is no trust.
Without trust there are no safe transactions.
The purpose of a digital identity is to give the permission to act.

User Centric Secure Service Design

In our view, Secure Service Design involves:

Understanding your service needs and the risk profile of your service

Defining Identity Proofing and Identity Authentication capabilities (including HMG standards – GPG45 & 44)

Balancing risk and trust to ensure both minimum friction and business protection

Creating Identity and Trust architecture, ensuring the business service is designed in a secure Risk and Trust Framework

Securing and authenticating transactions (not just the user’s identity), applying dynamic authentication and transactional trust, seeing trust as a prerequisite for meaningful transactions, supporting counter-fraud capability

Architecting Trusted Attribute service design, modelling data and meta-data, ensuring that the service can obtain and effectively employ trusted data across service and organisational boundaries and providing context for counter-fraud capability

Respecting the customer’s Data Protection rights and applying privacy by design, and respectful appropriate consent management

Enabling access by persons on behalf of another – delegation of authorisation to trusted intermediaries and assistants

Applying and profiling open standards for Identity, Authentication and Authorisation and trust eco-system design (e.g. OAuth2, User Managed Access-UMA, Open ID Connect, JWT standards, Token protection, OWL/RDF/JSON-LD)

Ensuring that the whole end to end design has a coherent and configurable authorisation capability, across all components: browser, person, organisation, system, API, service.

For more information please visit the GCloud links above and download the service definition document from Service Definition on GC11.