Framework documents

The Trusted Digital identity Framework is currently made up of 19 policies. Additional policies will be added as required and we learn more about user needs.

Back to top

Overview and Glossary

The Overview and Glossary (PDF 1.1 MB)provides a high-level overview of the TDIF. It outlines the relationship between the documents included in the framework and defines the key terms(updated April 2019).

Back to top

Accreditation Process

The Accreditation Process (PDF 740KB) defines the requirements to be met by government agencies and organisations in order to achieve TDIF accreditation for their identity service (updated April 2019).

Back to top

Architecture Overview

The Architecture Overview (PDF 1.4 MB) provides an architecture overview that describe the functions of the TDIF participants and how they interact (released April 2019)

Back to top

Attribute Profile

The Attribute Profile (PDF 555KB)outlines which attributes are shared between identity providers and digital services. It also includes the rules for how attributes are shared and what technical specifications they must meet (updated April 2019).

Back to top

Attribute Provide Requirements

The Attribute Provider Requirements (PDF 296 KB) define requirements for Applicants who undergo TDIF accreditation as an Attribute Provider (released April 2019)

Back to top

Authentication Credential Requirements

The Authentication Credential Requirements (PDF 348 KB) set out the authentication and credential requirements that government agencies and organisations need to meet to be accredited as Credential Service Providers under the TDIF (updated September 2018).

Back to top

System Governance Interim Memorandum of Understanding

The System Governance Interim Memorandum of Understanding (PDF 372 KB) is an agreement between the Digital Transformation Agency, Australian Taxation Office and Department of Human Services that sets out the interim governance and administration arrangements in relation to the TDIF (released September 2018).

Back to top

Fraud Control Requirements

The Fraud Control Requirements (PDF 398 KB) set out the TDIF fraud control requirements that government agencies and organisations need to meet in order to be accredited under the TDIF (updated September 2018).

Back to top

Identity Proofing Requirements

The Identity Proofing Requirements (PDF 633 KB) set out the identity proofing requirements that government agencies and organisations need to meet to be accredited as Identity Service Providers under the TDIF (updated September 2018).

Back to top

OpenID Connect 1.0 Profile

The OpenID Connect 1.0 Profile (PDF 946 KB) provides the OpenID Connect 1.0 Profiles for interactions between:

  • a relying party and an identity exchange
  • an identity provider and an identity exchange

(updated April 2019)

Back to top

Privacy Requirements

The Privacy Requirements (PDF 345 KB) set out the TDIF privacy requirements that government agencies and organisations need to meet in order to be accredited under the TDIF. These requirements incorporate the Privacy Act 1988 and the Australian Privacy Principles, state-based privacy legislation and privacy best practice (updated April 2019).

Back to top

Protective Security Requirements

The Protective Security Requirements (PDF 277 KB) set out the TDIF protective security requirements that government agencies and organisations need to implement in order to be accredited under the TDIF (updated April 2019).

Back to top

Protective Security Reviews

The Protective Security Reviews (PDF 524 KB) outline the protective security reviews that will be performed on an identity service as part of the TDIF accreditation process (updated September 2018).

Back to top

Risk Management Requirements

The Risk Management Requirements (PDF 290 KB) set out the TDIF risk management requirements that government agencies and organisations need to meet in order to be accredited under the TDIF. This document also explains an approach to risk management that agencies and organisations can use to meet the requirements (updated April 2019).

Back to top

SAML 2.0 Profile

The SAML 2.0 Profile (PDF 540 KB) provides the SAML 2.0 Profile for interactions between:

  • a relying party and an identity exchange
  • an identity provider and an identity exchange

(updated April 2018)

Back to top

Service Operations Testing Requirements

The Service Operations Testing Requirements (PDF 269 KB) set out the TDIF operational testing requirements that government agencies and organisations need to meet in order to be accredited under the TDIF. These requirements include service design, service transition and service operations (released September 2018).

Back to top

Technical Integration Testing Requirements

The Technical Integration Testing Requirements (PDF 354 KB) set out the TDIF integration testing requirements that government agencies and organisations need to meet in order to be accredited under the TDIF. These requirements include the processes needed to run an effective technical integration testing program (released September 2018).

Back to top

Technical Requirements

The Technical Requirements (PDF 682 KB) serveas the key reference for the technical requirements and technical integration standards for Accredited Providers in the identity federation (released April 2019).

Back to top

User Experience Requirements

The User Experience Requirements (PDF 328KB) definethe usability and accessibility requirements that government agencies and organisations need to meet in order to be accredited under the TDIF. These requirements ensure that identity services are simple and easy to use (updated April 2019).

Back to top

Consultation

During the development of the framework we consulted with privacy advocates, industry experts and the public and received almost 2,000 comments. We’ve responded to this feedback and updated the framework.

There have been three rounds of consultation so far. These documents summarise the feedback received:

The next part of the framework was released for consultation in January 2019. It will create the rules and standards which will allow an individual to interact with government on behalf of a business. A further part of the framework is planned for consultation in 2019 which will allow individuals to interaction on behalf of other individuals.

The TDIF replaces the following policies and they no longer apply:

Back to top

Get in touch

If you have any questions you can get in touch with us at identity@dta.gov.au