Session 4: Addressing Safety and Security in Digital Public Infrastructure
Key Takeaways
- Safety and Security Measurement Requires New Frameworks: Current DPI measurement approaches inadequately capture security and resilience needs. Effectively addressing this challenge will require new frameworks that account for the full life cycle of public infrastructure.
- Governance Challenges Exceed Technical Solutions: Real-world implementation reveals that regulatory frameworks, institutional mandates, and cross-agency coordination present greater barriers than technical security controls.
- Operational Principles Must Bridge High-Level Values: Translating broadly agreed principles like “security by design” into measurable, operational frameworks remains a critical gap requiring evidence-based approaches and real-world case studies.
- Capacity Building Enables Informed Risk Decisions: Creating “intelligent customers” who can make informed security decisions is essential for sustainable DPI deployment, requiring frameworks that translate technical concepts into actionable governance choices.
Introduction
Digital public infrastructure operates at the intersection of technology and governance, creating unique security challenges that traditional enterprise frameworks struggle to address. While there is broad consensus around high-level security principles (privacy by design, transparency, accountability), the practical measurement of safety and security in DPI deployments remains underdeveloped. This gap becomes particularly acute as governments worldwide accelerate DPI implementations, often adapting enterprise security standards that were never designed for the multi-stakeholder, public infrastructure context.
The fourth session of IIPP’s Community of Practice on DPI Measurement, held on July 16, 2025, brought together global expertise to address this implementation challenge. Nick Coleman, drawing on his experience as a technology executive, chief security officer, and author of the UK’s National Cyber Security Review, facilitated a discussion that revealed both the limitations of current approaches and promising pathways forward.
The session highlighted how real-world implementation experiences, drawn from community members’ first-hand insights, provide essential evidence for developing more sophisticated measurement frameworks that can guide secure DPI deployment at scale.
From Enterprise Security to DPI Safety and Security
Coleman’s presentation began by challenging the adequacy of established security frameworks for DPI contexts. While enterprise security has long relied on the confidentiality, integrity, and availability (CIA) triad, DPI implementations require a more expansive understanding of resilience that extends beyond system uptime to encompass entire ecosystems. “Resilience to me is the ecosystem that you need,” Coleman explained, highlighting dependencies of DPI implementations on the broad range of existing infrastructural and state capacity contexts.
Drawing on his experience developing security frameworks for the UK government, Coleman proposed a four-pillar approach specifically designed for DPI:
- governance
- risk management
- policy and operations
- monitoring, maintenance and assurance
This framework explicitly addresses the lifecycle nature of DPI implementations, from initial conception through design, deployment, and crucially, decommissioning, a consideration often absent from enterprise models. The approach recognizes that DPI operates across extended timescales and multiple institutional boundaries, requiring security measures that evolve with changing governance structures and technological dependencies.
Multi-Actor Models of Responsibility
Coleman’s assessment of the UNDP framework highlighted both its foundational value and its limitations for developing practical measurement approaches. While acknowledging the framework as “a helpful start,” he identified significant gaps in its current measurement indicators, noting that existing metrics “talk to certain things around ID, but don’t really talk to the wider safety and security issues” and fail to adequately address resilience considerations. This gap between principles and measurement represents a critical obstacle for governments seeking to implement evidence-based security governance.
Coleman emphasised how the framework’s identification of responsible authorities (governments, technology providers, users, and funders) reveals the inherent complexity of implementing security across distributed governance structures. “Who should be worried about safety and security? So in this version, it’s the government. But what should technology providers be associated with what they design?” Coleman asked, highlighting how the framework raises essential questions without providing definitive operational answers.
This stakeholder complexity becomes particularly challenging when considering the framework’s lifecycle approach, which spans conception, design, deployment, operation, and maintenance phases. Each stage involves different primary actors with varying security capabilities and responsibilities.
Coleman’s presentation revealed how this multi-party reality requires more sophisticated approaches to shared responsibility than traditional security frameworks accommodate, particularly when considering the long-term sustainability of security measures across evolving political and institutional contexts.
Community Insights
The session’s most valuable insights emerged from practitioners wrestling with real-world security implementation challenges highlighted by Coleman’s presentation.
Samyak Leekha, an IIC fellow working with India’s National Health Authority on the Ayushman Bharat Digital Mission, offered a compelling analogy for understanding DPI security complexity: “A large part of DPI is actually what is built on top of it, right? If it’s a road, if it’s a roadway, if that’s the analogy we want to draw, then it’s about the rules that the cars on that particular road are following.” His experience revealed how security requirements cascade through layered systems, with foundational DPI like Aadhaar requiring ISO 27001-level compliance while derived systems operate under less stringent web application security assessments.
Ritul Gaur from the Digital Impact Alliance highlighted the governance fragmentation that complicates security measurement: “DPI is still fragmented in terms of ID is very much like an ID bastion where most countries have home ministries running it, payments will be with the central banks, etc.” This fragmentation creates accountability gaps, particularly evident in India where “organizations that manage different DPI would be UIDAI, which is the ID authority, the payment authority, or the data sharing entity, they all have murky mandates.” Eric reinforced this governance dimension, emphasizing that effective DPI security “is not just a technical IT project. It’s also a governance problem. And it’s much more complex when you consider the structure of government and how difficult it is to implement and sign those laws and enforce them.”
The discussion revealed significant variation in security priorities across different global contexts. Matteo Rodriguez from the Global Solutions Initiative highlighted how “public trust and adoption is mostly a problem in European and Western countries, as opposed to global majority contexts where it’s less emphasized,” raising fundamental questions about how to “translate these technical and abstract indicators into something that the population understands and which can increase trust.” This observation challenged assumptions about universal security requirements and suggested the need for contextually sensitive measurement approaches.
Questions about digital sovereignty from Rashi Khilnani illuminated another layer of complexity, as security frameworks must account for national requirements that may conflict with interoperability principles. Mundeo Morgan’s inquiry about balancing “national security versus accountability and transparency requirements” further highlighted the tension between protective measures and the openness that characterizes effective DPI. These exchanges revealed how security measurement cannot be divorced from broader questions of digital governance and national autonomy.
Collective Paths Forward
The session reinforced that developing effective security measurement for DPI requires moving beyond theoretical frameworks to evidence-based approaches grounded in real-world implementation experience. Coleman emphasised: “if you’re really going to understand how the system is governed and performed, you have to be able to do that research, but apply to specific projects with access to the projects and the stakeholders to see how it works in practice.”
The community discussion revealed that effective security measurement serves multiple purposes: demonstrating value to justify investments, identifying implementation barriers, creating incentives for better security practices, and enabling comparison between different approaches. Achieving these outcomes requires frameworks that can adapt to varying levels of institutional maturity and technical capacity while providing clear guidance for security governance decisions.
Join the Conversation
Get Involved: The Community of Practice continues to evolve based on member contributions and interests. To suggest topics for future sessions or share implementation experiences that could inform measurement framework development, please reach out through our feedback form.
Stay Connected: Subscribe to our DPI Map Newsletter to receive updates about upcoming sessions and research insights.
Upcoming Sessions: The topic of the upcoming session to be held mid-August will be announced in the coming weeks.
Session Recording: The full recording of this session is available on the IIPP YouTube Channel for those interested in exploring the complete discussion.
For questions about the Community of Practice or to discuss collaboration opportunities around DPI security measurement, contact our community manager Mitchel Pass at m.pass@ucl.ac.uk.