Lockstep

[Skip Navigation]
  • Home
  • About Us
  • News
  • Services
  • Partners
  • Library
  • Contact Us
  • Babysteps
  • PKI
  • Privacy
  • Smartcards
  • eHealth
  • Identity & Authentication
  • Lockstep Technologies
  • Clients & Case Studies
  • Government submissions
  • Online Banking Review
  • Conference presentations
  • Selected Media Interviews
  • Return on Investment
  • Quotes
  • Links
  • Science generally
  • Downloads

Clients & Case Studies

See also detailed capability statements and resumes at about us.

Financial sector smartcard product strategy

In late 2006, Lockstep developed a detailed strategic product plan for smartcards, for a large financial sector consortium. The plan included detailed analysis of the market drivers in Australia, business opportunities for banks, the inter-play of government and private sector policies, the advent and importance of new forms of digital credentials, and the special influence of programmes such as the Human Services Access Card and smart driver licenses.

OASIS ID Trust Resources Pages

Lockstep was recently retained by the OASIS ID trust Steering Committee to research and compile a new set of web-based resources for identity and authentication; see ID trust resources and ID trust wiki. This project built on Lockstep's earlier refresh of the OASIS PKI Resources web pages, which entailed substantial new research into international authentication case studies, legal frameworks and policy, resulting in probably the most comprehensive collection of PKI materials on the Internet; see old PKI resources pages.

Australian Government Smartcard Framework

In late 2005, Stephen was engaged by the Australian Government Information Management Office (AGIMO) as Consulting Editor on the new Australian Government Smartcard Framework. He contributed new material on the business benefits of smartcards, the smartcard technology stack, interface specifications, and delivered recommendations on the adoption of important elements of FIPS 201. See http://www.agimo.gov.au/infrastructure/smart_cards. Lockstep was later subcontracted to assist the writing on the Smartcard Implementation Guide.

Australian Government Gatekeeper PKI Program

Through much of 2005, Stephen was retained by AGIMO as Principal Consultant to assist with the strategic review of the Gatekeeper government PKI regime, in which the primary objectives were to reduce the cost and complexity of Gatekeeper accreditation. Stephen's chief contributions included the introduction of the new "Relationship Certificate" concept to streamline registration, and the "Security Printer" regulatory model which improves flexibility and reduces implementation costs. Later in 2006, Stephen was a subject matter expert in the consulting consortium that implemented the new Gatekeeper Framework. He was specifically responsible for developing Guidelines for Relationship Certificates, template threat-risk assessments and certificate policies, and new digital credential specifications.

IIA Two Factor Authentication Scheme Architecture

Lockstep was engaged by the Internet Industry (IIA) Association in early 2005 to architect a proposed national 2FA scheme and develop the high level business model. The IIA has for several years championed the importance of Two Factor Authentication in future e-commerce. Starting with its Authentication Virtual Taskforce, and working through an extensive industry survey, the IIA has articulated a vision for an industry-driven and open scheme with broad application in retail Internet business and government service delivery. The IIA engaged Lockstep Consulting to scope out the envisaged scheme and develop a comprehensive blueprint, comprising strategic business model, operational model, recommendations regarding the SAML standard, and technical interface specifications.

Medicare Australia Health eSignature Authority

Through 2005-06, Lockstep was retained by Medicare Australia help to develop new "push" distribution models for digital certificates for health professionals. Stephen has applied the new community-of-interest and "Known Customer" methods, in settings such as customised ID smartcards for hospital employees enabling logical, physical and face-to-face authentication, and for the automatic distribution of trusted national credentials to healthcare professionals.

NSW Government Statistical ROI Model

Lockstep was commissioned in 2004 to update the NSW Government's "Return On Security Investment" guideline for managers, and to research and prototype a novel statistical model for studying the financial benefit of perimeter security. Using Monte Carlo techniques, Lockstep's model predicts the likely spread in the costs of security breaches both with and without security mitigations, given the inherent variability in (a) likelihood of incidents, and (b) impact of incidents. The model allows practitioners to inject variations in the underlying statistics of breaches, and to set parameters relating to cost and frequency of different grades of incident.

See Return On Security Investment (ROSI).

Our work in this area was pioneering, and has been cited internationally; see Lockstep ROI.

© 2008 Lockstep Consulting ABN 59 593 754 482
11 Minnesota Avenue Five Dock NSW 2046
Mobile: +61 (0) 414 488 851 Email Us
Terms and Conditions