Public Sector Internal Identity Federation


Public Sector Internal Identity Federation, or PSIIF, is an IT service developed by the British government.

Service


PSIIF is an identity federation service, to allow civil servants and other public-sector actors to authenticate against other public sector IT systems; potentially offering Single Sign On across multiple departments and agencies, and on the G-cloud. This allows better sharing of information and services.[1]

PSIIF offers several "levels of assurance" of identity:

Level of assuranceIdentity verificationCredentialsAccreditation
0NoneNot applicableNot applicable
1BPSS and photographic IDUser ID and passwordSelf-assessment
2BPSS and photographic IDUser ID and password; additional controls around the client deviceSelf-assessment
3BPSS and photographic IDStrong authentication, such as two-factorIndependent accreditation
4National ID schemeNot appropriate for PSIIF

Access to systems with higher-impact data would usually require higher levels of assurance. PSIIF is designed to support services handling OFFICIAL information, with business impact levels from IL1 to IL3.

PSIIF will use SAML2.[2]

Project


References


  1. "Public Sector Internal Identity Federation (PSIIF)". HM Government. Archived from the original on 14 October 2013. Retrieved 12 October 2013. CS1 maint: discouraged parameter (link)
  2. "Cabinet Office to publish PSN identity federation details". Kable. Retrieved 12 October 2013. CS1 maint: discouraged parameter (link)