VeriFi : Identity and Access
VeriFi is the Identity and Access Management (IAM) system being developed as a part of the technology stack for an inclusive forest economy. The technology stack includes applications to digitally record the CFR claim filing process, create an inventory of Seasonal Forest Products in community owned forests, monitor and manage forests for sustainable resource extraction, and facilitate sale of SFP to industry partners.
VeriFi is the most critical component of the stack. VeriFi is essentially a framework of policies, processes, and technologies that will enable stakeholders to manage digital identities and control user access to critical information and resources. It has been designed to facilitate variable access of applications tailored to the specific needs of stakeholders. VeriFi is designed as a set of protocols that will assign rights and privileges to stakeholders for using the applications, allowing differential access to the technology ecosystem. The core objective of IAM systems is one digital identity per individual or item. Once that digital identity has been established, it will be maintained, modified, and monitored through the access life cycle of individual users or their devices.
For example, collectors of Seasonal Forest Products will collectively manage and monitor their forests for sustainable extraction of resources. Village communities will submit a management plan detailing the regulations of resource use, penalties for breaking rules, and a strategy for aggregation, value addition and market linkage for selected Seasonal Forest Products. At the same time, the Forest Department will be responsible for ensuring that the forests are sustainably managed. The ability of a user or user group to record new information, access recorded information or modify files depends on their role and responsibility in the initiative.
VeriFi ensures that the access levels of users in the community are different depending on their role in an inclusive forest economy. A user in the village community may be a collector of Seasonal Forest Products, employee of the enterprise, leader of the management committee or any combination of the three. Similarly, user access and restrictions will be different for individuals within the forest department. The forest guards, range officers and divisional forest officers can access, and record information limited to forest beats, forest ranges and forest divisions under their jurisdiction while the senior management of the Forest Department can access state level information.
VeriFi incorporates three major concepts: Identification, Authorization, and Authentication.
First, VeriFi will uniquely identify a user of the system or an application running in the system with a username or a process ID. This will determine if a user or user group can access an application, or an object in the application. Second, it will establish the authenticity of a user or application through a three-step verification process. VeriFi will use knowledge factors like a password or PIN, ownership factors like identity cards or security tokens, and inherence factors like biometrics or face recognition to prove that a user or an application is genuine. Finally, VeriFi will delegate permissions to a particular user or user group.
Authorization carries out the rest of an organization’s identity and access management processes once the user has been authenticated. Users are authorized to access information based on their roles and responsibilities in establishing and operating an inclusive forest economy. VeriFi makes it difficult for an outside party to potentially view, steal or manipulate sensitive information.
Why we need VeriFi?
- VeriFi adds an extra layer of security over the institution’s network enabling regulatory and privacy compliance.
- VeriFi improves the overall user experience with features like Single Sign-On or Multi-Factor Credentials.
- VeriFi helps in automating security systems that inherently allow users or user groups to increase overall productivity and operate more efficiently by decreasing the effort, time, and money.
- VeriFi prevents biases in data collection, unwanted dissemination of the data, and provides clarity of access rights to the different stakeholders involved.