Added Business Value
The Identity and Access Management (IAM) project of the Federal Public Services (FPS) Finances (Belgian Ministry of Finances) started in 2005. FPS Finances set up an IAM service for its ~30.000 internal users. Over the years, the IAM service has been successfully and progressively integrated to an increasing number of business applications.
In 2010, a second project was initiated to extend the internal users IAM service to external users (citizens or mandated users like accountants,…). The project has been called FedIAM. The purpose of the project is to authenticate and to authorize external users to access SPF Finances internal applications, the best known application being Tax-On-Web.
The Project & Paradigmo
Paradigmo has delivered the complete FedIAM project as subcontractor of Oracle, in a firm fixed-price agreement. The project started in September 2010 and was delivered in January 2012. It has been in production since March 2012. The project was led by a project manager of Oracle and delivered by 4 engineers of Paradigmo. The engineering effort has been estimated to ~1000 man/days.
Paradigmo currently participates in the ongoing operation and support of the IAM/FedIAM platform.
The main technical components covering the delivery of the project are:
- OpenSSO, the web access manager originally developed and supported by Sun Microsystems
- The Federal Authentication Service (FAS) of Fedict (now BOSA) that authenticates the external users and provides some authorization attributes
- The “Policy Manager”, an ABAC security policy authoring tool. It has been extended in the context of the FedIAM project in order to provision security policies to IAM and FedIAM environments concurrently
- The “Mandate” database. This is an authorization database that has been integrated to provide additional authorization information.