Workshop eID



  1. German-Spanish Workshop on eID, March 3, 2010
     eID Internet Identification – Introduction in 2010 – The German Approach
     Siemens IT Solutions and Services, Hubert Geml
  2. The new national ID card …as of November 1st, 2010
     ID Card
       • Traditional ID card features remain unchanged
       • ID-1 credit card format
       • Long lasting polycarbonate body
       • New security features built into the card
     Electronic Features
       • 1. Biometrics
           • Digital photograph (compulsory), accessible for entitled authorities only
           • Two fingerprints (upon request), accessible for entitled authorities only
       • 2. Electronic ID Function (optional)
           • For eBusiness and eGovernment purposes, age verification etc.
           • Access on the basis of a formal authorization certificate only
       • 3. Qualified digital signature (optional)
           • Certificate can be loaded on the chip of an existing card
           • Not provided by government, but by the private sector (as per SigG)
     Source: Federal Ministry of the Interior
  3. The electronic ID card …is versatile
       • Access with Pseudonym
       • Age Verification
       • Services for Citizens
       • Kiosk Systems, Info Terminals
       • Digital Signature
       • Barrier-Free Internet Services
       • Access Control
       • Online Registration
       • Automatic Form Fill-Out
     Source: Federal Ministry of the Interior
  4. The new German national ID Card …is on schedule
       • 20.11.2008: Start of registration for application test
       • 18.12.2008: 2nd/3rd reading in Bundestag (parliament)
       • 13.02.2009: 2nd passage in Bundesrat
       • Early June 2009: Selection of 30 participants for centrally coordinated application test
       • June 24, 2009: Publication of PAuswG
       • 01.10.2009: Start of centrally coordinated application test
       • October 2009: Draft of legal regulations
       • January 2010: Start of open application test (> 80 participants)
       • 1st Quarter 2010: Start of field test
       • February 2010: Bundesrat approves national ID card directive
       • May 1, 2010: Start of application for authorization certificates
       • Mid-2010: Test reports and rollout
       • 01.11.2010: Start of Roll out
     Source: Federal Ministry of the Interior
  5. eID Service …architecture at a glance
       • Third party performs the following:
           • Reading out the document
           • Handling of cryptographic material
           • Checking the blacklist
       • Service provider receives authenticated data
       • Trust relationship between eID Service and service provider
     Process steps
       • 1: Request to service provider
       • 2: Forwarded to eID Service
       • 3: Authentication and read-out procedure
       • 4: Return of data
       • 5: Confirmation to citizen
     Integration
       • Easy integration of eID Service into existing applications of service providers via eID link (library, Java servlet)
       • Interface uses SAML profile
       • Complies with technical guideline TR-03130 of BSI
  6. Authentication …by means of the eID-Function
       • Information about the service provider and its authorization certificate is displayed
  7. Siemens and its partners: a strong network …for software development and services
       • 1: Complete architectural concept, project management
       • 2: Application test of Citizen Client as per BMI specification (incl. accessibility, user friendliness); iterative refinement during the application test
       • 3: Citizen Client operation as per BMI specification; maintenance and ongoing development services for three years
       • 4: eID Service application test as per BMI specification
       • 5: Portal for downloading the Citizen Client and updates; support services for citizens (including FAQs, etc.)
     Components: eID Service; Citizen Client, Admin. Client; Portal; Upgrade/Download Service
  8. The Citizen/Admin Client …offers many different features
     Application Software for Citizens
       • Online authentication with the new national ID card
       • Online authentication with other e-cards (electronic healthcare card, signature cards from trust centers)
       • Generating qualified signatures on digital documents; checking digitally signed documents for authenticity
       • Signing e-mails digitally (advanced or qualified) and checking the signatures of incoming e-mails
       • E-mail encryption and decryption
       • Administration (PIN and update management)
  9. The citizen …is guided through use of the Client
  10. The new German national ID card’s benefits …for citizens
       • Reliable and easy-to-use identification mechanism for online and offline services
       • Respect for the right to self-determination – card holder decides which of the ID data will be transmitted to the service provider
       • Service providers have to prove the authenticity of their digital identity, via a digital certificate
       • Secure exchange of sensitive personal data via highly encrypted communication channel based on dual-factor authentication (ownership of the ID card and knowledge of the PIN)
       • Improved identification capabilities for police and border authorities; enhanced security
     Source: Federal Ministry of the Interior
  11. The new German national ID card’s benefits …for service providers
       • Service providers can verify the identity of a person or customer
       • The authentication mechanism can be used for different applications in many areas
       • New services can be offered that were not possible before (for example, transactions requiring a signature of a person)
       • Integration effort is manageable – services and web applications can use a standardized interface in order to use the eID functionality
       • No roll-out process for service providers
       • High number of potential users – almost every citizen has to own a national ID card
     Source: Federal Ministry of the Interior
  12. Thank you for your attention
     Hubert Geml
     Siemens AG, Siemens IT Solutions and Services, Public Sector
     Mobile: +49 (173) 9793804
     e-Mail: [email_address]
     Internet:
     Copyright © 2009 Siemens AG. All rights reserved.
  13. The Citizen Client …is open for different systems
     Supported operating systems
       • Windows 2000, Windows XP, Windows Vista, Windows 7
       • Debian 5.0 (Kernel Version 2.6.26) and higher
       • Ubuntu 9.04 (Kernel Version 2.6.29) and higher
       • OpenSuse 11.1 (Kernel Version 2.6.27) and higher
       • MacOS 10.5 and higher
     Supported e-mail clients
       • Microsoft Outlook as of Version 11 (Windows operating systems)
       • Microsoft Outlook as of Version 6 (Windows operating systems)
       • Mozilla Thunderbird as of Version 2 (Windows operating systems and Linux distributions)
       • Mac OS X Mail as of Version 10.5 – 32/64-bit (Macintosh, Intel-based version)
       • kontact kmail as of Version 1.8 (Linux distributions)
     Supported browsers
       • Microsoft Internet Explorer as of Version 6 (Windows operating systems)
       • Mozilla Firefox as of Version 3 (Windows operating systems and Linux distributions)
       • Safari as of Version 4 – 32/64-bit (Macintosh, Intel-based version)
     Supported card readers (as per TR-03119)
       • Omnikey CardMan 3121, Omnikey CardMan Mobile 4040, Omnikey CardMan 4321
       • Omnikey CardMan 6121, Omnikey CardMan 6321, SCM SCR 331
       • SCM SDI010 – for ePA, SCM SCL010 – for ePA, SCM SCR 3340
       • ACR ACS30, Kobil tribank/tricap
       • ReinerSCT cyberJack e-com, ReinerSCT cyberJack e-com plus
  14. Application test …participants in the centrally coordinated test
     Source: Federal Ministry of the Interior
  15. Why other Countries can benefit from Germany’s Solution (1)
       • Germany developed a technical middleware solution that took the following aspects into account:
           • Support of arbitrary eCards without modifications of binary code (CardInfo-Files)
           • Easy integration of applications (“high-level” API)
           • Platform independence and scalability
           • Abstraction of different card terminal technologies
           • Consideration of significant standards in the field of eCards
       • The so-called eCard-API middleware solution inherently provides the potential to be an international solution
     Source: Federal Ministry of the Interior
  16. Why other Countries can benefit from Germany’s Solution (2)
       • Countries can deploy Germany’s technical solution as well
           • No new and complicated developments necessary
       • National security policies can be applied without creating barriers for international business activities
       • Citizens can use services of other countries by means of their own smartcard -> they can further trust their national smartcards
       • Service providers can support authentication procedures with electronic cards of foreign countries (only authorization certificate of the foreign country required)
       • International electronic identity system that is effective, sustainable and secure
     Source: Federal Ministry of the Interior