Information Society with Absolute Trust in the Services

Personal data residing or in transit, across and between administration networks
are the focus of extensive security efforts. Encryption should be deployed judiciously.
In this presentation, check how we safeguard information, processes and procedures
in three practical cases:
• Data-processing tools to fight social fraud (OASIS datawarehouse)
• Sign and deposit of notary acts (e-Depot platform)
• Identity Management at European-level (Services directive)

Presentation Transcript

  • Gov IT Summit 2009 – Antwerpen, 21 September 2009. Information Society with Absolute Trust in the Services. Luc Gathy. page 1
  • What citizens expect? Factors encouraging the use of e-ID
      • The assurance that the law on data protection is complied with
      • The guarantee that the data is not sold on or re-used
      • A label or logo proving that the service is secure
      • An individual file of my data and transactions so that I know what information about me is held
      • Obtaining a receipt after providing information
      • Information on the information system
      • Information on how the data I have provided is used
      • Testimonies of people who have used the system
    page 2
  • What citizens expect? Factors encouraging the use of e-Services
      • If my privacy is completely respected
      • If I can choose which personal data I want to provide
      • If the service is free
      • If the service saves me time
      • If it is very easy to register
      • If my friends have strongly recommended it to me
      • Who should offer these services:
          • A government organization (federal, local)
          • A company, a specialist service provider
          • A non-profit organization
    page 3
  • To summarize ...
      • An active and responsible relationship is expected with Public Services
      • Simplification and speed as preconditions for the use of e-Services to organize “my” everyday life
      • Transparency
          • Methods of conserving and consulting data
          • Conditions for storing this data
          • Controls in place, also for subcontractors involved in processing the personal data
      • Consistency within and between platforms (codes, signs and products)
      • No extra cost
    page 4
  • e-Depot: Overview [Diagram. Notary, e-Notariat interface, five numbered steps labelled: Consult authentic sources; Monitor the status of deposits; Write deed and extracts; Deposit digital deed; Update e-Gov sources. e-Gov interface: Moniteur Belge (*), National register, Bis register, Company register, Justice files. Parties: Dep. Inneres, Social security, Dep. Economy, Department Justice, Clerk, Citizen. (*) Belgian Official Gazette] page 5
  • e-Depot: Partnership & SOA infrastructure. Traceability through “Certificates chain” and “Timestamping” (XAdES standards). [Diagram labels: Notary with eID card, national number (Nat Nr) and notary certificate; Notary server; KSZ server (Social security); RRN server (National register); KFBN/FRNB server; FOD Justitie server (Dep. Justice); FOD Economie server (Dep. Economy); Federal service bus (FSB) server; Logs] page 6
  • e-Depot: New workflow [Diagram. Steps shown between the Notary (Notariaat), the KFBN/FRNB portal, the Federal service bus (FSB) and the e-Depot (web) services:]
      • Find physical person(s) by National number
      • Find foreign natural person(s)
      • Creation / Update of data
      • Find a moral person (company’s / enterprise’s)
      • Deed preparation
      • Deed processing
      • Creation of a new enterprise (New Enterprise number created)
      • Deposition of deeds (Submission of files, number & date of deposit returned)
      • Activation of the enterprise
      • Publication in the “Moniteur” (Date of publication)
      • Forward of the final status to the network
      • Parties shown: RRN (Dep. Inneres), KSZ (Social security), FOD Economie (Dep. Economy), FOD Justitie (Dep. Justice), BS / Moniteur Belge
      • Legend: FPHP = Manage physical person details; FMOP = Manage moral person details; PRSU = Process submittal of an electronic notary deed
    page 7
  • e-Depot: A best practice. We meet the “Trust” requirements: « Authentic digital Act Signed Electronically ». Recognition: http://www.epractice.eu/cases/edepot page 8
  • OASIS: Overview [Diagram labels: National register; DMFA; Dimona; Unemployment (ONEM); Work sites (Construction); Workers; Employers; Accounts & collections; Actions on the “authentic sources”; “Employer” view; Declarations; “Worker” view; VAT debts file; VAT customers-suppliers] page 9
  • OASIS: Outputs page 10
  • OASIS: Outputs page 11
  • OASIS: Outputs page 12
  • OASIS: Recognition “Crimes such as fraud cause loss of revenue and require human resources to trace and handle them. Electronic systems for fraud detection can increase the detection rate by automatically carrying out checks and controls. The Belgian Anti-Fraud Datawarehouse project has developed a model whereby the need for precious resources in terms of both time and personnel has been cut and which has enabled more focused investigations leading to an increased apprehension rate. This example also illustrates a possible solution to tackle issues related to security and trust, a major concern for both front and back office users and for clients.” Written by Christine Leitner (Head of eEurope Awards Project Management Secretariat and Senior Lecturer, EIPA Maastricht) in the journal “Eipascope”, issue 2004/1, page 40. More details: http://www.epractice.eu/cases/OASIS2 page 13
  • OASIS: What about the « Big Brother » syndrome?
      • « Commission for the protection of privacy » special authorisation:
          • Deliberation No. 01/06 of 6 March 2001 concerning a request from the Ministry of Social Affairs, Public Health and the Environment for the creation and management of an OASIS database, with a view to combating social fraud in the construction, metal construction, electricity, and parks and gardens sectors.
          • Deliberation No. 05/001 of 18 January 2005 concerning the creation and management of the OASIS database with a view to combating social fraud: extension of the authorisation contained in Deliberation No. 01/06 of 6 March 2001.
      • Encryption of the personal data
          • For the detection process ...
          • With limited opportunities to retrieve the original version
          • In the investigation process
    page 14
  • Positioning of Belgium
      • Reliability of our Civil Register (Parent database)
          • Contains the “founding documents” upon which identification security is to be based
      • A unique identification system
          • Not multiple unified or partitioned
      • Traceability of all transactions performed, e.g. by Civil servants
          • Example: “Mondossier” or “MyFile”
      • e-ID as an electronic identification system guaranteed by the State
      • A “Service-oriented” State in construction
          • For the Individual/Citizen: State’s back office own structure hidden (“Citizen Centric”), facilitation for learning, promoting the service, accessibility and responsiveness (face-to-face and electronic)
          • For government bodies: Migrate from paper-based to electronic culture, prioritization of the need for transparency, maintain “Social cohesion”, cross-functional shared framework (for the fluidity of the processing), Circle of Trust, legal validity of paperless procedures.
    page 15
  • Positioning of Belgium
      • Protection of individual’s privacy and personal data
          • Principle of “end goals” (bind to mandates) and “proportionality” (Example: Driving licence = 18 or over → No need to know the age or date of birth)
          • Five Trusted party commissions for privacy protection, compartmentalized by domain: Public-sector administration/Interior ministry; Finance; Health; Social matters; Justice
          • Introduction or mixed access to commercial and non-commercial services carried out with great precision.
      • ... And ensuring the public’s interests!
    page 16
  • Services Directive: Overview
      • Abolish restrictive legislation and practices hindering service providers
      • Set up Point of Single Contact
      • Applicants must be able to:
          • Find rules and formalities they need to comply with
          • Complete applications electronically (submit application forms, supporting documents, fee payment)
      • [Diagram labels: Competent authorities; “Single contact person”; Established provider; Service provider; Single window (Guichet Unique); Non-established provider]
      • Administration co-operation improved with counterparts in other EU countries
    page 17
  • Services Directive: Issues
      • Recognition of electronic documents across Member States (MS) borders requires:
          • Common set – or at least understanding – of signature and document formats (structured and unstructured)
          • Necessary information for validation of e-Docs
          • Signature format for (qualified) electronic signature should be defined
      • Data of public registers has to be accessible (read only) to authorities of MS, which involves questions:
          • How to identify a requesting authority? → eID LSP STORK
          • How to search for and find a certain record in accordance with national data protection rules?
          • How to retrieve and validate it?
    page 18
  • Services Directive: Issues (continued) [Diagram labels: Point of Single Contact (PsC) Authentication Service; Federal Authentication Service (FAS) + Federated Identity and Access Management (FIAM); Trust relationship; CA, IdP, SSO and SP nodes. Legend: IdP = Identity provider; SSO = Single-sign-on; SP = Service provider; CA = Certification authority] page 19
  • Services Directive: Issues (continued). Additional issues [Diagram labels: e-Delivery service; e-Procedure; e-Doc safe; MS A; MS B] page 20
  • Services Directive: Issues (continued)
      • National e-delivery systems have to become interoperable:
          • How can a sending authority find the appropriate messaging service?
          • How to interface with it?
          • How to identify individual recipients and their addresses?
          • How to get confirmation of delivery and receipt?
      • Data safes can make online transactions during an official procedure more efficient, comfortable and user friendly, but:
          • How to access an e-Document safe of MS A across borders during an electronic transaction in MS B?
          • How to retrieve a particular document?
          • How to authorise public authorities for asynchronous access to data safes?
          • Is there a need for a standard document inventory to find equivalent in other MS?
    page 21
  • Services Directive: Issues (continued)
      • Cross border payment of administrative fees:
          • Service providers should be able to use their local payment system (e.g. credit card and online banking) with foreign public administrations
      • Common service directory needed:
          • Description of service interface as well as of process models
          • Service orientation independently of a particular national portal
          • Allowing integration (partial or complete) in other MS!
    page 22
  • Conclusion: Authority, Trust, Traceability, Transparency = four “untouchable” fundamental components! → Included in our future work to avoid… page 23
  • Q&A page 24