Thodoris Bais, profile picture
Uploaded byThodoris Bais
PPTX, PDF64 views

Securing eHealth and eGovernment with Java - Java2Days 2019

The document discusses securing eHealth and eGovernment systems with electronic signatures in Java. It covers topics like eHealth and eGovernment use cases in Germany and the Netherlands, requirements for secure transmission, electronic signature types and certificates, the Digital Signature Services (DSS) framework, and PDF security issues. The presentation aims to demonstrate how to create and validate digital signatures using Java libraries to enable secure eHealth and eGovernment applications and document exchange.

Embed presentation

Download to read offline
@wernerkeil @thodorisbais Securing eHealth and eGovernment with Java
Werner Keil Thodoris Bais Maintenance Lead JSR-385 Expert Group Member JSR-385 Let’s meet @thodorisbais@wernerkeil
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Agenda 1. eHealth and eGovernment 2. Signatures and Certificates 3. DSS Framework 4. PDF Insecurity 5. Demo 6. Links / Q&A
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eGovernment in DE ExternalInternal
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in DE Long distance communication Health Data Patient Monitoring
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eGovernment in NL
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in NL 80% Access to medical records 75% Health monitoring
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in NL – How to achieve these goals
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Benefits of eHealth Insight into own health Time saving
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Requirements for Secure Transmission Integrity Identity Authenticity
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Authenticity of Author and Data • Assignment of data to the signer • Protection against denial by signatory • Protection of data against manipulation • On the transmission path • Through the receiver
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Risks & Solutions
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Electronic Signatures
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Functionality The electronic signature is a cryptographic method that uses two asymmetric keys • Private key • Public key
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Process
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Process
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Types The signature law distinguishes three (or four) types of signatures: • Simple Electronic Signature (SES) • Advanced Electronic Signature(AdES) • Qualified Electronic Signature (QES) • Qualified Electronic Signature with Provider Accreditation
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Types
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Advanced Electronic Signature Electronic signatures, where: • The owner can be uniquely identified and assigned to the signature • The signature is generated by means which owner can keep under their sole control • It is capable of identifying if accompanying data has changed after the message was signed • The signature can be invalidated in the event of such change
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Scope of Application An advanced electronic signature holder can also be a company, service, app, etc. The advanced electronic signature can therefore be used to sign documents if there are no legal formalities (personal certificates) With the advanced electronic signature, mass signatures are possible, for example to ensure the integrity of documents in the area of electronic invoicing or archiving (functional certificates)
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Qualified Electronic Signature An advanced electronic signature based on a secure signature creation device and a qualified certificate valid at the time of creation. Qualified Certificates • Serial Number • Reference to Qualified Certificate • Name of the owner (natural person) • Signature verification • Period of validity • Certification Service • Usage restrictions
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Qualified Electronic Signature with Accreditation Provision of the PKI by a trust center that has undergone the voluntary accreditation process. Certificate providers prove compliance with the provisions of the Act and the SigV before commencing operations Accreditation as a quality label provides proof of the comprehensively tested safety.
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Certificates
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Certificates The assignment of the electronic signature to the owner is carried out by means of certificates A certificate is an electronic certificate linking the public signature verification key to the name of the holder (natural or legal person)
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Formats There are four main types of signatures: • XAdES (XML Document) • CAdES (Common binaries of different kinds) • PAdES (PDF Document) • Associated Signature Containers (ASiC)
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Packaging Depending on the signature format, different packaging of the signature and the document are possible: • Enveloped • Enveloping • Detached • Internally Detached
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Creation and Validation
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Validation • TOTAL_PASSED • TOTAL_FAILED • INDETERMINATE
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Multinational Document Flow
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework DSS (Digital Signature Services) is an open-source software library for electronic signature creation and validation. DSS supports the creation and verification of interoperable and secure electronic signatures in line with European legislation. Three main features can be distinguished within the framework: • Creation of a Digital Signature • Extension of a Digital Signature • Validation of a Digital Signature
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework – Features • Formats of the signed documents: XML, PDF, DOC, TXT, ZIP,…​ • Packaging structures: enveloping, enveloped, detached and internally-detached • Forms signatures: XAdES, CAdES, PAdES and ASiC-S/ASiC-E • Profiles associated to each form of the digital signature • Trust management • Revocation data handling (OCSP and CRL sources) • Certificate chain building • Signature validation and validation policy • Validation of the signing certificate
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais PDF Insecurity https://www.pdf-insecurity.org/index.html
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais PDF Insecurity
Demo Time @thodorisbais@wernerkeil
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Links CEF Digital Home: https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eSignature eGov EU Twitter Account: @eGov_EU CEF DSS: https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/DSS DSS Framework on GitHub: https://github.com/esig/dss Bouncy Castle for Java: https://www.bouncycastle.org/java.html Apache Sanctuario: https://santuario.apache.org/ Apache PDFBox: https://pdfbox.apache.org/
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais @wernerkeil @thodorisbais
© 2017-2019 Creative Arts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais

More Related Content

PPTX
Securing eHealth and eGovernment with Java - AllTheTalksOnline 2020
byThodoris Bais
 
PDF
DS-Entrust-SSL-Document-Signing-APR16-WEB2
byLucas Gritziotis
 
PDF
Guide for understanding digital signature
bydeannachandler02
 
PPT
E Signature Presentation
bybrettlieberman
 
PPTX
Seminar presentation on digital signature ppt
byRavi Ranjan
 
PPTX
Creation & Verification of Digital Signature using Adobe Acrobat
byPalash Mehar
 
PDF
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
byIRJET Journal
 
PPTX
Digital signature certificate
byAshvini Soni
 
Securing eHealth and eGovernment with Java - AllTheTalksOnline 2020
byThodoris Bais
 
DS-Entrust-SSL-Document-Signing-APR16-WEB2
byLucas Gritziotis
 
Guide for understanding digital signature
bydeannachandler02
 
E Signature Presentation
bybrettlieberman
 
Seminar presentation on digital signature ppt
byRavi Ranjan
 
Creation & Verification of Digital Signature using Adobe Acrobat
byPalash Mehar
 
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
byIRJET Journal
 
Digital signature certificate
byAshvini Soni
 

What's hot

PDF
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
byRohan Nyayadhish
 
PPTX
Difference between eSignature, digital signature and digital footprint
byDeftPDF
 
PPT
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
byNicholas Davis
 
PPTX
Securing eHealth, eGovernment and eBanking with Java - DWX '21
byWerner Keil
 
PPT
Pki the key to securing sensitive communications
byNicholas Davis
 
PPT
Document security & firewall
bySanjay Singh
 
PPT
Pki Digital Id Itmc University Wisconsin
byNicholas Davis
 
PPTX
An Expert Panel on Safe Credentials
byEvernym
 
PDF
Meet Evernym's SSI Platform
byEvernym
 
PPTX
Digital certificates and information security
byDevam Shah
 
PPT
Digital Signature
bynayakslideshare
 
PPTX
What is an Electronic Signature - Leigh Barker Tangible Assets
byLeigh Barker MWC Group | Portfolio Finance
 
PPTX
Digital signature and certificate authority
byKrutiShah114
 
PPTX
Enhancing Learner Mobility with SSI & Portable Digital Credentials
byEvernym
 
PDF
Study, analysis and formulation of a new method for integrity protection of d...
byijsrd.com
 
PDF
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
byGokul Alex
 
PDF
Personal Object Technology
byRobert Berger
 
PPTX
Digital signature
byJanani S
 
PPTX
Digital Certificates and Secure Web Access
bybluntm64
 
PPTX
Digital signturue
bySanjeevsharma620
 
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
byRohan Nyayadhish
 
Difference between eSignature, digital signature and digital footprint
byDeftPDF
 
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
byNicholas Davis
 
Securing eHealth, eGovernment and eBanking with Java - DWX '21
byWerner Keil
 
Pki the key to securing sensitive communications
byNicholas Davis
 
Document security & firewall
bySanjay Singh
 
Pki Digital Id Itmc University Wisconsin
byNicholas Davis
 
An Expert Panel on Safe Credentials
byEvernym
 
Meet Evernym's SSI Platform
byEvernym
 
Digital certificates and information security
byDevam Shah
 
Digital Signature
bynayakslideshare
 
What is an Electronic Signature - Leigh Barker Tangible Assets
byLeigh Barker MWC Group | Portfolio Finance
 
Digital signature and certificate authority
byKrutiShah114
 
Enhancing Learner Mobility with SSI & Portable Digital Credentials
byEvernym
 
Study, analysis and formulation of a new method for integrity protection of d...
byijsrd.com
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
byGokul Alex
 
Personal Object Technology
byRobert Berger
 
Digital signature
byJanani S
 
Digital Certificates and Secure Web Access
bybluntm64
 
Digital signturue
bySanjeevsharma620
 

Similar to Securing eHealth and eGovernment with Java - Java2Days 2019

PPTX
Securing eHealth, eGovernment and eBanking with Java - IT-Tage 2020 Conference
byThodoris Bais
 
PPTX
Securing eHealth, eGovernment and eBanking with Java - JCON Conference
byThodoris Bais
 
PPTX
Pragmatic view on Electronic Signature directive 1999 93
byPawel Krawczyk
 
PDF
About E-Signatures from #1 Rated EchoSign.com
byJason Lemkin
 
PDF
Contribution of DSC in e-Governance .docx (1).pdf
byXtratrust Digisign Pvt ltd
 
PDF
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
byMarket Engel SAS
 
PDF
Esignature api-report1
bySubhodip Datta
 
PDF
proposal on assessment of qualified signature creation devices compliant with...
byAndrea Caccia
 
PDF
PkBox as simple and secure cloud electronic signature creation and validation...
byGiuseppe Damiano
 
DOCX
Digital signature
bygajerachetan
 
PDF
How do you secure an electronic signature?
byXeniT Solutions nv
 
PPTX
Digital signature
byYash Karanke
 
PDF
Utilizing PKI to Reduce Risk & Cost
byChin Wan Lim
 
PDF
The Ultimate Guide to Digital Signatures
byTania Fuchs
 
PDF
The ultimate guide to digital signatures
byCoSign by ARX
 
PPT
Security via Java
byBahaa Zaid
 
PPTX
Digital signatures
byatuljaybhaye
 
PPTX
My DocSafe white paper 1
bydanielstachowiak
 
PDF
Why eSignatures are Imperative for Data Security.pdf
byDrysign By Exela
 
PPTX
Digital signature & eSign overview
byRishi Pathak
 
Securing eHealth, eGovernment and eBanking with Java - IT-Tage 2020 Conference
byThodoris Bais
 
Securing eHealth, eGovernment and eBanking with Java - JCON Conference
byThodoris Bais
 
Pragmatic view on Electronic Signature directive 1999 93
byPawel Krawczyk
 
About E-Signatures from #1 Rated EchoSign.com
byJason Lemkin
 
Contribution of DSC in e-Governance .docx (1).pdf
byXtratrust Digisign Pvt ltd
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
byMarket Engel SAS
 
Esignature api-report1
bySubhodip Datta
 
proposal on assessment of qualified signature creation devices compliant with...
byAndrea Caccia
 
PkBox as simple and secure cloud electronic signature creation and validation...
byGiuseppe Damiano
 
Digital signature
bygajerachetan
 
How do you secure an electronic signature?
byXeniT Solutions nv
 
Digital signature
byYash Karanke
 
Utilizing PKI to Reduce Risk & Cost
byChin Wan Lim
 
The Ultimate Guide to Digital Signatures
byTania Fuchs
 
The ultimate guide to digital signatures
byCoSign by ARX
 
Security via Java
byBahaa Zaid
 
Digital signatures
byatuljaybhaye
 
My DocSafe white paper 1
bydanielstachowiak
 
Why eSignatures are Imperative for Data Security.pdf
byDrysign By Exela
 
Digital signature & eSign overview
byRishi Pathak
 

More from Thodoris Bais

PPTX
EclipseCon 2021 NoSQL Endgame
byThodoris Bais
 
PDF
You Graduated Now What ECE UoWM 2021
byThodoris Bais
 
PPTX
NoSQL Endgame LWJUG 2021
byThodoris Bais
 
PDF
Be the Leader of Your Own Career Global Summit for Java Devs 21
byThodoris Bais
 
PDF
How to grow an amazing community - JavaLand 2021
byThodoris Bais
 
PPTX
NoSQL Endgame DevoxxUA Conference 2020
byThodoris Bais
 
PDF
Be the Leader of Your Own Career JCON Conference 2020
byThodoris Bais
 
PPTX
NoSQL Endgame JCON Conference 2020
byThodoris Bais
 
PPTX
NoSQL Endgame Percona Live Online 2020
byThodoris Bais
 
PPTX
Utrecht JUG meetup September 2020
byThodoris Bais
 
PPTX
How JSR 385 could have Saved the Mars Climate Orbiter Java Global Summit 2020
byThodoris Bais
 
PDF
Developer Career: Own it - SouJava April 2020
byThodoris Bais
 
PDF
How to pitch an innovative idea in a corporate environment
byThodoris Bais
 
PPTX
Utrecht JUG meetup February 2020
byThodoris Bais
 
PDF
Developer Career: Own it - Adorsys 2020
byThodoris Bais
 
PDF
How JSR 385 could have Saved the Mars Climate Orbiter Adorsys 2020
byThodoris Bais
 
PPTX
Utrecht JUG Meetup January 2020
byThodoris Bais
 
PDF
Developer Career: Own it - Java2Days 2019
byThodoris Bais
 
PPTX
Utrecht JUG meetup December 2019 Speaker Incubator
byThodoris Bais
 
PDF
How JSR 385 could have Saved the Mars Climate Orbiter DevoxxUA 2019
byThodoris Bais
 
EclipseCon 2021 NoSQL Endgame
byThodoris Bais
 
You Graduated Now What ECE UoWM 2021
byThodoris Bais
 
NoSQL Endgame LWJUG 2021
byThodoris Bais
 
Be the Leader of Your Own Career Global Summit for Java Devs 21
byThodoris Bais
 
How to grow an amazing community - JavaLand 2021
byThodoris Bais
 
NoSQL Endgame DevoxxUA Conference 2020
byThodoris Bais
 
Be the Leader of Your Own Career JCON Conference 2020
byThodoris Bais
 
NoSQL Endgame JCON Conference 2020
byThodoris Bais
 
NoSQL Endgame Percona Live Online 2020
byThodoris Bais
 
Utrecht JUG meetup September 2020
byThodoris Bais
 
How JSR 385 could have Saved the Mars Climate Orbiter Java Global Summit 2020
byThodoris Bais
 
Developer Career: Own it - SouJava April 2020
byThodoris Bais
 
How to pitch an innovative idea in a corporate environment
byThodoris Bais
 
Utrecht JUG meetup February 2020
byThodoris Bais
 
Developer Career: Own it - Adorsys 2020
byThodoris Bais
 
How JSR 385 could have Saved the Mars Climate Orbiter Adorsys 2020
byThodoris Bais
 
Utrecht JUG Meetup January 2020
byThodoris Bais
 
Developer Career: Own it - Java2Days 2019
byThodoris Bais
 
Utrecht JUG meetup December 2019 Speaker Incubator
byThodoris Bais
 
How JSR 385 could have Saved the Mars Climate Orbiter DevoxxUA 2019
byThodoris Bais
 

Recently uploaded

PDF
LogiNext Media Kit & Company Overview 2025
byswatishahz9031
 
PDF
LogiNext Media Kit & Company Overview 2025
bypriyajoshi2929
 
PDF
Why I Volunteer at FOSDEM and You Should Too
byImma Valls Bernaus
 
PDF
Accelerating Data Validation with QuerySurge AI
byRTTS
 
PDF
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
PPTX
Edison MuleSoft Meetup : Vibe Coding | MuleSoft Meetups
bySravan Lingam
 
PDF
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
PDF
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
PPTX
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
PDF
Figma systems development services
bydavidjohansen1597
 
PDF
On Demand Grocery Delivery App Development.pdf
byV3CUBE TECHNOLABS
 
PDF
AI-native development: from Prompt to Platform
byMaxim Salnikov
 
PDF
LogiNext Media Kit & Company Overview 2025
bynidhisharmaq7184
 
PDF
Monitoring your MySQL Server's Health Trends
byIgor Donchovski
 
PDF
SLIDE PROPARTNER SUMMIT 2025 - ITALY.pdf
bygiuo
 
PDF
LogiNext Media Kit & Company Overview 2025
bysanikaroy72
 
PDF
LogiNext Media Kit & Company Overview 2025
bydhrutipatelk5617
 
PDF
Introducing MySQL HeatWave Migration Assistant
byAlexander Hitrov
 
PDF
Phone Tracker App for Family (2026)_ The Safe, Legit Way to Protect Loved One...
byMia Taylor
 
PPTX
Applicius Technologies: Full Service Overview for Branding, SEO, Web & App De...
byappliciustech
 
LogiNext Media Kit & Company Overview 2025
byswatishahz9031
 
LogiNext Media Kit & Company Overview 2025
bypriyajoshi2929
 
Why I Volunteer at FOSDEM and You Should Too
byImma Valls Bernaus
 
Accelerating Data Validation with QuerySurge AI
byRTTS
 
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
Edison MuleSoft Meetup : Vibe Coding | MuleSoft Meetups
bySravan Lingam
 
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
Figma systems development services
bydavidjohansen1597
 
On Demand Grocery Delivery App Development.pdf
byV3CUBE TECHNOLABS
 
AI-native development: from Prompt to Platform
byMaxim Salnikov
 
LogiNext Media Kit & Company Overview 2025
bynidhisharmaq7184
 
Monitoring your MySQL Server's Health Trends
byIgor Donchovski
 
SLIDE PROPARTNER SUMMIT 2025 - ITALY.pdf
bygiuo
 
LogiNext Media Kit & Company Overview 2025
bysanikaroy72
 
LogiNext Media Kit & Company Overview 2025
bydhrutipatelk5617
 
Introducing MySQL HeatWave Migration Assistant
byAlexander Hitrov
 
Phone Tracker App for Family (2026)_ The Safe, Legit Way to Protect Loved One...
byMia Taylor
 
Applicius Technologies: Full Service Overview for Branding, SEO, Web & App De...
byappliciustech
 

Securing eHealth and eGovernment with Java - Java2Days 2019

  • 1.
  • 2.
    Werner Keil ThodorisBais Maintenance Lead JSR-385 Expert Group Member JSR-385 Let’s meet @thodorisbais@wernerkeil
  • 3.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Agenda 1. eHealth and eGovernment 2. Signatures and Certificates 3. DSS Framework 4. PDF Insecurity 5. Demo 6. Links / Q&A
  • 4.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eGovernment in DE ExternalInternal
  • 5.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in DE Long distance communication Health Data Patient Monitoring
  • 6.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eGovernment in NL
  • 7.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in NL 80% Access to medical records 75% Health monitoring
  • 8.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais eHealth in NL – How to achieve these goals
  • 9.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Benefits of eHealth Insight into own health Time saving
  • 10.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Requirements for Secure Transmission Integrity Identity Authenticity
  • 11.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Authenticity of Author and Data • Assignment of data to the signer • Protection against denial by signatory • Protection of data against manipulation • On the transmission path • Through the receiver
  • 12.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Risks & Solutions
  • 13.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Electronic Signatures
  • 14.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Functionality The electronic signature is a cryptographic method that uses two asymmetric keys • Private key • Public key
  • 15.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Process
  • 16.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Process
  • 17.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Types The signature law distinguishes three (or four) types of signatures: • Simple Electronic Signature (SES) • Advanced Electronic Signature(AdES) • Qualified Electronic Signature (QES) • Qualified Electronic Signature with Provider Accreditation
  • 18.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Types
  • 19.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Advanced Electronic Signature Electronic signatures, where: • The owner can be uniquely identified and assigned to the signature • The signature is generated by means which owner can keep under their sole control • It is capable of identifying if accompanying data has changed after the message was signed • The signature can be invalidated in the event of such change
  • 20.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Scope of Application An advanced electronic signature holder can also be a company, service, app, etc. The advanced electronic signature can therefore be used to sign documents if there are no legal formalities (personal certificates) With the advanced electronic signature, mass signatures are possible, for example to ensure the integrity of documents in the area of electronic invoicing or archiving (functional certificates)
  • 21.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Qualified Electronic Signature An advanced electronic signature based on a secure signature creation device and a qualified certificate valid at the time of creation. Qualified Certificates • Serial Number • Reference to Qualified Certificate • Name of the owner (natural person) • Signature verification • Period of validity • Certification Service • Usage restrictions
  • 22.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Qualified Electronic Signature with Accreditation Provision of the PKI by a trust center that has undergone the voluntary accreditation process. Certificate providers prove compliance with the provisions of the Act and the SigV before commencing operations Accreditation as a quality label provides proof of the comprehensively tested safety.
  • 23.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Certificates
  • 24.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Certificates The assignment of the electronic signature to the owner is carried out by means of certificates A certificate is an electronic certificate linking the public signature verification key to the name of the holder (natural or legal person)
  • 25.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Formats There are four main types of signatures: • XAdES (XML Document) • CAdES (Common binaries of different kinds) • PAdES (PDF Document) • Associated Signature Containers (ASiC)
  • 26.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Packaging Depending on the signature format, different packaging of the signature and the document are possible: • Enveloped • Enveloping • Detached • Internally Detached
  • 27.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Creation and Validation
  • 28.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Signature Validation • TOTAL_PASSED • TOTAL_FAILED • INDETERMINATE
  • 29.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Multinational Document Flow
  • 30.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework
  • 31.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework DSS (Digital Signature Services) is an open-source software library for electronic signature creation and validation. DSS supports the creation and verification of interoperable and secure electronic signatures in line with European legislation. Three main features can be distinguished within the framework: • Creation of a Digital Signature • Extension of a Digital Signature • Validation of a Digital Signature
  • 32.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais DSS Framework – Features • Formats of the signed documents: XML, PDF, DOC, TXT, ZIP,…​ • Packaging structures: enveloping, enveloped, detached and internally-detached • Forms signatures: XAdES, CAdES, PAdES and ASiC-S/ASiC-E • Profiles associated to each form of the digital signature • Trust management • Revocation data handling (OCSP and CRL sources) • Certificate chain building • Signature validation and validation policy • Validation of the signing certificate
  • 33.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais PDF Insecurity https://www.pdf-insecurity.org/index.html
  • 34.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais PDF Insecurity
  • 35.
  • 36.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais Links CEF Digital Home: https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eSignature eGov EU Twitter Account: @eGov_EU CEF DSS: https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/DSS DSS Framework on GitHub: https://github.com/esig/dss Bouncy Castle for Java: https://www.bouncycastle.org/java.html Apache Sanctuario: https://santuario.apache.org/ Apache PDFBox: https://pdfbox.apache.org/
  • 37.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais @wernerkeil @thodorisbais
  • 38.
    © 2017-2019 CreativeArts & Technologies and others. All rights reserved.#Java2Days #eHealth #eGov #eSignature #Java @wernerkeil @thodorisbais

Editor's Notes

  • #5 E-government is the opening up and adaptation of the public sector through information and communication technologies. One distinguishes between: Internal E-Government - Use of IT within the public sector without any contact with the citizen, such as electronic medical records, exchange between public authorities, healthcare providers, pharmacies, etc. External E-Government - Web site and services for citizens, patients, customers, companies, ...
  • #6 Currently, Germany is still at an early stage of the application of e-health or M-Health. There are, however, already some advantages and possibilities to see how both are used or can be used soon. For example for: Communication over long distances, regardless of location. Especially in rural areas, or where there is a shortage of doctors Computer-based procedures for the collection, transmission and evaluation of health data. The monitoring of patients, for example, the chronically ill, or voluntary self-monitoring (Quantified Self)
  • #7 eIDAS: accessing Dutch government services online The introduction of the Electronic Identification and Trust Services Regulation (eIDAS) means EU citizens from other member states can access Dutch government services online. What government services can I access in the Netherlands? You can use your login details for any approved European electronic identification scheme to access all the same services as Dutch people can using their DigiD. If, for example, you are a German national working in the Netherlands, you can log in using your ‘Neuer Personalausweis’ to: see how much pension you have built up through the Social Insurance Bank (SVB); submit your tax return to the Tax and Customs Administration; check your pension payments to your pension provider; object to the assessment of the value of your property under the Valuation of Immovable Property Act (WOZ); BSN ?
  • #8 The government is encouraging the healthcare sector to expand telehealth (eHealth) services. Below the goals set by the Dutch government: Access to medical records At least 80% of chronically ill people should have access to their own medical records by 2019, and at least 40% of other members of the population. Health monitoring By 2019 75% of chronically ill people and vulnerable elderly people should be able to monitor certain aspects of their own health and share the data with their health provider. This would include things like blood pressure and cholesterol levels. Online contact with care provider People receiving care and support at home should be able to communicate with their care provider 24 hours a day via a screen, if they wish.
  • #9 Support for innovators via online platform Healthcare innovators wishing to make a new digital application can go to zorgvoorinnoveren.nl (in Dutch), where they will find support to help them develop their idea swiftly and effectively into a working application. The site also has tips on getting funding. Making digital data sharing easier The government is consulting with healthcare administrators on standards that should facilitate digital data sharing. They are also talking to suppliers of IT systems. Sharing eHealth knowhow The government is bringing healthcare innovators and other parties together. It has established a startup network, for example, which includes healthcare providers, patients and lawyers. The network allows them to share knowledge and help startups and innovations advance to the next stage. Personal digital healthcare environment Some healthcare providers and IT suppliers already offer patients the opportunity to draw up and manage a personal health record (PHR). But safely combining and sharing personal health information is a complex matter, and is currently possible to only a limited extent. Various parties in the healthcare sector are therefore collaborating on a programme to give people more control over their own health.
  • #10 Time savings Telehealth can save time. For example, patients can schedule their own appointment with their care provider online. And they do not even need to leave their home if they can arrange an online consultation (by video link, for example). Insight into own health A personal digital healthcare environment gives people more insight into their health. If they wish, they can share all or part of their data with a healthcare provider or informal carer, so that they do not have to repeatedly relate their entire medical history. This allows the healthcare provider to work more effectively, determine the right treatment more quickly, and avoid mistakes. Patients gain more control over their own health thanks to a greater understanding of their health situation. Lower administrative burden Doctors have less paperwork and can share information securely and easily with colleagues.
  • #11 Integrity Messages should not be able to be falsified unnoticed Identity A message should be clearly assigned to the sender Authenticity The identity of the sender should be verifiable Confidentiality Messages should not be read by unauthorized persons
  • #13 E-communication entails risks Who is my counterpart? Who is reading? Has anyone changed something? Solutions: E-Signature & Encryption Unauthorised third parties cannot read an encrypted message Electronically signed documents can not be changed unnoticed, neither during transmission nor through the receiver -Sender can not deny text (e.g., binding offer)
  • #15 The private key to be kept secret is used to encrypt the hash value of the document (= "Compressed text consisting of a sequence of binary values) The public key can only be used for decryption and matches only one private key. It can be publicly retrieved and is often sent with the message
  • #16 Public key matches only one private key
  • #29 TOTAL-PASSED response indicates that the signature has passed verification and it complies with the signature validation policy TOTAL_FAILED response indicates that either the signature format is incorrect or that the digital signature value fails the verification. INDETERMINATE validation response indicates that the format and digital signature verifications have not failed but there is an insufficient information to determine if the electronic signature is valid.
  • #36 Generally and following ETSI standard, the validation process of an electronic signature must provide one of these three following statuses: TOTAL-FAILED, TOTAL-PASSED or INDETERMINATE. TOTAL-PASSED response indicates that the signature has passed verification and it complies with the signature validation policy. TOTAL_FAILED response indicates that either the signature format is incorrect or that the digital signature value fails the verification. INDETERMINATE validation response indicates that the format and digital signature verifications have not failed but there is an insufficient information to determine if the electronic signature is valid.