National e-Authentication Framework

Overview

The National e-Authentication Framework (NeAF) will assist agencies, jurisdictions and sectors in authenticating the identity of the other party to a desired level of assurance or confidence. The NeAF encompasses the electronic authentication (e‑authentication) of the identity of individuals and businesses dealing with the government, on one side of the transaction, as well as the authentication of government websites on the other side. The NeAF positions e‑authentication within the broader context of an agency’s approach to identity and risk management and provides guidance on developing the processes and technology required to provide the desired level of confidence. While the Framework supports an agency-specific model where each agency develops its own, separate, technology solution, it recognises and accommodates broader sectoral and whole of government e‑authentication initiatives. These are supported through the re-use of existing authentication credentials and consideration of a variety of identity management frameworks. The NeAF was endorsed by the Online and Communications Council in December 2008. National e-Authentication Framework Diagram. Text description below.

Text description of the National e-Authentication Framework

The National e-Authentication Framework comprises the Framework itself , management and executive summaries and a suite of 4 better practice guidelines: Volume 1 Identity e-Authentication, Volume 2 Website Authentication, Volume 3 e-Authentication Implementation Models and Volume 4 Strategy & Positioning. In addition the Framework provides the following supporting resources: schedules of recommended registration approaches and e-authentication mechanisms and management approaches, website authentication mechanisms, standards that underpin the Framework, an online e-authentication risk assessment tool and e-authentication schemes services and initiatives. The Framework documentation suite is available below:

National e-Authentication Framework Documentation

Executive Summary

Management Summary

Better Practice Guideline 1 Identity e-Authentication

Better Practice Guideline 2 Website Authentication

Better Practice Guideline 3 Implementation Models

Better Practice Guideline 4 Positioning and Strategy

Glossary

Australian Government e-Authentication Framework – better practice guide to authorisation and access management [PDF 1.7 MB] (Currently being revised) This better practice guide is a framework for agencies to use in addressing the authorisation and access management requirements for the provision of online services to Australian businesses.


Contact for information on this page: authentication@finance.gov.au