British Business Federation Authority

  • Introduction - British Business Federation Authority

    The BBFA (British Business Federation Authority) is a not-for-profit, self-regulating organisation to enable the implementation of federated trust across regulated UK companies and industries, based on strong authentication and authorisation policies, procedures and mechanisms, using industry investment. Its Steering Group comprises major companies from several regulated industry sectors.

    Under the Steering Group’s direction, the BBFA’s working groups and Policy Management Authorities (PMAs) are starting to leverage existing international best practice to produce policies, procedures and enable the implementation of services for federated trust. The PMAs include Government representation.

    Read more...

  • Riding the Identity Tsunami

    lipofwave thumb

    First the transistor then the computer then the Internet. Each of these has been a tsunami, having huge effect upon society and business, which no one really foresaw. The next tsunami is already upon us - federated identity management.

    Read more...

Operations

The following federation capabilities are under development for operation in 2012:

  1. UK PKI Bridge (compliant with ISO 29115 and other international standards)
  2. Secure Email Service leveraging PKI federation
The following federation capabilities are being planned for operation in 2013:
  1. UK IPV Service (based on the UK Identity Proofing & Verification Framework)
  2. UK Register of Legal Organisations (ROLO)
  3. UK Enrolment Service
  4. UK Secure Printer Service based on Pancras
  5. UK Audit & Accreditation Service, based on tScheme

 

Enabling Government Collaboration

A growing number of local and central government organisations have plans for federated identity & access management.  Led by the NHS and the police, many of these are working with BBFA on collaborative pilots and operational implementation for the secure sharing of sensitive information with industry and government partners both on and off PSN.  BBFA facilitates federation with other governments for international federation.

Enabling Industry Collaboration

The international aerospace and defence, and pharmaceutical supply chains have deployed PKI federation extensively to authenticate people, organisations and systems, and for secure email, ID-linked encryption, strong digital signature and physical access control. Their purpose is secure collaboration and the sharing of sensitive information. The benefits, in terms of re-use, reduced risks and costs, transpire into significant competitive advantage.  Other industries are beginning to follow suit.  These behaviours are beginning to flow into the consumer space, opening up new markets for trust such as Big Data.

Enabling Counter-Fraud

Europol report that ID Fraud is the top enabler for all aspects of crime across Europe.  UK's NFA indicate £73 bn of fraud this year, up 20%.  Pan-European fraud is estimated at €500 bn - the biggest contributor to the € crisis. The business cases for counter-fraud are considerable.   In initiatives such as PANCRAS, BBFA is working with others to reduce fraud dramatically, through the implementation of standards-based Identity Proofing & Verification for persons, organisations, devices and software.

Enabling Cyber Security

BBFA is working internationally with cyber security organisations to establish a baseline of preventative Security Controls, including federation, for any organisation sharing sensitive information and seeking to insure their risks - and also to enable the sharing of cyber Situational Awareness information across cyber security organisations for better, shared decision making.  A multinational Information Sharing Framework has been developed in 2012 and will be enhanced in 2013 to enable implementation - enabling businesses and governments to insure for risks more affordably and to demonstrate their trustworthiness.

Latest News:

News 2013.

  • 20 Mar.  BBFA-Intellect mutual update
  • 19 Mar. MNE7 Transition Meeting announced 28/29 May @Brussels 
  • 12 Mar.  Multinational CCSA Proof of Concept planning
  • 8 Mar. Cabinet Office host UK IPV WG Start Up meeting
  • 25 Apr.  ISO SC27 WG5 and ETSI meeting in France, including ISO 29003 and 29115 
  • 15 Apr. Informal BBFA discussions with NZ Gov
  • 8 Mar. Cabinet Office & industry meeting on UK IPV standard development
  • 5 Mar. MNE7-EU discussions @Brussels
  • 19-21 Feb.  MNE7 Cyber Transition Workshop to create a new multinational organisation to implement Collaborative Cyber Situational Awareness (CCSA)
  • 12 Feb.  BBFA Policy Management Authority progresses federation policies for the UK PKI Bridge
  • 12 Feb.  UK NAO announce NAO Report: UK Cyber Security Strategy Landscape Review
  • 7 Feb. EU announce the EU Cyber Security Strategy, a Directive and supporting documents.
  • 5 Feb. BBFA presents at ISSA Europe, focusing on cybersecurity, alongside ENISA, DG CONNECT, EUROPOL and others.

News Archive 2012.

News Archive 2010.

User Login