The document discusses electronic identification (eID) in Austria, including:
- The Austrian citizen card concept combines electronic signature, unique electronic identity, and representation data.
- A valid legal basis is provided by the E-Government Act, which mandates electronic IDs from various sectors that are linked to a citizen's identity.
- Identity is comprised of a citizen's unique "sourcePIN" cryptographically bound to their public key certificate from an accredited certification services provider.
- Citizen cards have been issued on physical cards like health insurance cards as well as digitally through mobile phone signatures.
The Belgian Federal Government has implemented an electronic identity (eID) project to provide Belgian citizens with an electronic identity card. This eID card allows citizens to authenticate themselves digitally and apply digital signatures. The eID project timeline began in 1999 and saw full national rollout by 2009. Over 8.6 million eID cards have been issued. The eID functions as an e-government building block and has expanded to include Kids-ID and Foreigner-ID cards. Identity and access management (IAM) is also discussed as relevant to eGovernment for ensuring security, transparency, autonomy, and governance. Fedict provides an IAM offering and the presentation discusses IAM evolution and EU cross-border interoperability pilots.
This document discusses a new model for federated identity management that was presented at a conference. It outlines some of the challenges with the old model of closed identity systems and lack of standards. A new opportunity exists to create a unified approach for identity assurance across organizations using a federated model. This would reduce costs and improve security, collaboration and compliance. It describes some implementation decisions around participant scope, determining business value, legal and technical architecture considerations for a successful federated identity system using a trust bridge and third party assurance.
Al-Khouri, A.M. (2011) 'The Development of a Federal Digital Identity', BIT's 1st Annual International Congress of u-World 2011, October 23-25, 2011, Dalian World EXPO Center (DWEC), China.
The document discusses eGovernance in Austria. It notes that Austria has 13 federal ministries and over 2,000 municipalities. Cooperation between different levels of government is crucial for eGovernance as over 70% of administration is not at the federal level. Key aspects of Austria's eGovernance approach include a federal Chief Information Officer, an eGovernment act establishing a legal basis, and initiatives like the Electronic File System and citizen card to facilitate online interactions. Constant coordination and focus on factors like interoperability, security and citizen centricity have supported Austria's highly developed eGovernance systems.
1) The document discusses identity management concepts including digital identities, attributes, and how individuals have different identities for different purposes.
2) It outlines a vision for citizen-friendly identity management where individuals control the flow of their personal information across domains.
3) The document examines identity management stakeholders, functions, services, and evolution including user-centric and federated identities that match service-centric identities.
Nordic Egovernment Conference - Eva EkenbergJulieCarlslund
Sweden has over 4 million citizens using e-identification through private sector issuers like banks to access over 250 million public e-services annually. A new Swedish E-Identification Board coordinates the transition to a common e-ID infrastructure using identity tokens and a central signing service to simplify integration and regulation of e-IDs across public and private sectors. The architecture introduces the Board as the contracting authority over common functions while private issuers and service providers agree to adopt and use the infrastructure.
Public Key Infrastructure (PKI) allows for trusted electronic business by establishing trust through the generation and distribution of public keys and certificates. A PKI consists of components that work together to publish, manage, and use public keys seamlessly. It provides capabilities for authentication, authorization, confidentiality, integrity, non-repudiation, and audit controls through the use of public key cryptography and digital signatures. The PKI market has grown significantly since the late 1990s as PKI enables new e-business processes and transactions. Common cryptographic algorithms used in PKI include symmetric algorithms like DES and public key algorithms like RSA.
e-CODEX is a 50-month project involving 27 European countries and organizations to develop electronic cross-border legal procedures. It has 7 work packages and 3 pilot projects testing electronic services for civil claims, mutual legal assistance, and business register interconnection. The project aims to establish frameworks for electronic identities, signatures, and document exchange. Related projects like STORK 2.0 and e-SENS also aim to facilitate cross-border digital services and identities in Europe. For more information, see the listed websites and contact details.
The Belgian Federal Government has implemented an electronic identity (eID) project to provide Belgian citizens with an electronic identity card. This eID card allows citizens to authenticate themselves digitally and apply digital signatures. The eID project timeline began in 1999 and saw full national rollout by 2009. Over 8.6 million eID cards have been issued. The eID functions as an e-government building block and has expanded to include Kids-ID and Foreigner-ID cards. Identity and access management (IAM) is also discussed as relevant to eGovernment for ensuring security, transparency, autonomy, and governance. Fedict provides an IAM offering and the presentation discusses IAM evolution and EU cross-border interoperability pilots.
This document discusses a new model for federated identity management that was presented at a conference. It outlines some of the challenges with the old model of closed identity systems and lack of standards. A new opportunity exists to create a unified approach for identity assurance across organizations using a federated model. This would reduce costs and improve security, collaboration and compliance. It describes some implementation decisions around participant scope, determining business value, legal and technical architecture considerations for a successful federated identity system using a trust bridge and third party assurance.
Al-Khouri, A.M. (2011) 'The Development of a Federal Digital Identity', BIT's 1st Annual International Congress of u-World 2011, October 23-25, 2011, Dalian World EXPO Center (DWEC), China.
The document discusses eGovernance in Austria. It notes that Austria has 13 federal ministries and over 2,000 municipalities. Cooperation between different levels of government is crucial for eGovernance as over 70% of administration is not at the federal level. Key aspects of Austria's eGovernance approach include a federal Chief Information Officer, an eGovernment act establishing a legal basis, and initiatives like the Electronic File System and citizen card to facilitate online interactions. Constant coordination and focus on factors like interoperability, security and citizen centricity have supported Austria's highly developed eGovernance systems.
1) The document discusses identity management concepts including digital identities, attributes, and how individuals have different identities for different purposes.
2) It outlines a vision for citizen-friendly identity management where individuals control the flow of their personal information across domains.
3) The document examines identity management stakeholders, functions, services, and evolution including user-centric and federated identities that match service-centric identities.
Nordic Egovernment Conference - Eva EkenbergJulieCarlslund
Sweden has over 4 million citizens using e-identification through private sector issuers like banks to access over 250 million public e-services annually. A new Swedish E-Identification Board coordinates the transition to a common e-ID infrastructure using identity tokens and a central signing service to simplify integration and regulation of e-IDs across public and private sectors. The architecture introduces the Board as the contracting authority over common functions while private issuers and service providers agree to adopt and use the infrastructure.
Public Key Infrastructure (PKI) allows for trusted electronic business by establishing trust through the generation and distribution of public keys and certificates. A PKI consists of components that work together to publish, manage, and use public keys seamlessly. It provides capabilities for authentication, authorization, confidentiality, integrity, non-repudiation, and audit controls through the use of public key cryptography and digital signatures. The PKI market has grown significantly since the late 1990s as PKI enables new e-business processes and transactions. Common cryptographic algorithms used in PKI include symmetric algorithms like DES and public key algorithms like RSA.
e-CODEX is a 50-month project involving 27 European countries and organizations to develop electronic cross-border legal procedures. It has 7 work packages and 3 pilot projects testing electronic services for civil claims, mutual legal assistance, and business register interconnection. The project aims to establish frameworks for electronic identities, signatures, and document exchange. Related projects like STORK 2.0 and e-SENS also aim to facilitate cross-border digital services and identities in Europe. For more information, see the listed websites and contact details.
This document provides an overview of Higgins, an open source identity framework being developed at the Eclipse Foundation. It summarizes the key components of Higgins 1.0 which was released in February 2008 including Identity Selectors, Identity Providers, Relying Party websites, and Identity Services. It then outlines the planned developments for Higgins 1.1 scheduled for June 2009, which includes a new AIR-based Identity Selector, enhancements to the Identity Attribute Service including access control and new context providers, support for relationship and additional card types, and integrating the selector as an OpenID service. The document concludes by discussing potential future directions for Higgins beyond version 1.1 such as mobile and ID-WSF support.
SG, SignGATE, is the first accredited Certification Authority (CA) in South Korea and has issued over 1,000,000 digital certificates and providing PKI-based authentication services for government officials and private sector since 1999.
SG established National PKI in Panama, Philippines and provided PKI consulting in many countries such as Costa Rica, Cameroon, Indonesia, Mongolia, etc.
SmartCard Forum 2010 - Secured Access for enterpriseOKsystem
Gemalto presented an overview of their identity and access management (IAM) solutions for enterprises. Their solutions include smart cards, tokens, readers, drivers, applications and authentication servers. Smart cards securely store digital certificates, user PINs, one-time passwords and encryption keys. Gemalto has several smart card families including .NET, TPC and IAS cards that provide different features like PKI, OTP authentication and certification levels. Their solutions help enable strong multi-factor authentication for secure access to enterprise networks, applications, data and facilities. Gemalto also discussed their management systems and middleware to integrate their solutions.
SmartCard Forum 2008 - Securing digital identityOKsystem
This document discusses securing digital identity and provides an overview of Oberthur Technologies' smart card-based solutions. Smart cards can securely store private keys and digital certificates, and perform cryptographic operations to authenticate users during online transactions. Oberthur offers smart cards, readers, and client software that implement public key infrastructure and provide different levels of assurance for digital identity depending on the form factors and credentials used.
ePortfolios can function as a digital identity by providing an answer to "Who is this?" and "Who am I?" through presenting one's educational and professional biography and competencies. While ePortfolios could improve opportunities for both employers and employees through a more efficient matching of supply and demand and standardized profiles, they also carry potential social issues like new forms of vulnerability and exclusion, and classification, standardization, and labeling that could enable discrimination. Any digital identity technology has implications beyond access, authentication, and privacy, and into broader social and ethical dimensions that should be considered in the design and use of ePortfolios.
This document discusses an identity attribute registry called Greenlist that would allow for public but anonymized e-payment addresses. It would be run by accredited entities and eliminate intermediaries to enhance security. Greenlist provides benefits like increased privacy and security for consumers and merchants, faster access to cash, and new revenue sources for banks by monetizing their know-your-customer investments and improving payment networks. The solution addresses issues from regulations around identity verification and aims to keep banks central to customers' financial lives in the digital world.
The document provides an overview of electronic payment systems in Korea, including:
1. The BOK-Wire system is Korea's large-value payment system and real-time gross settlement system owned and operated by the Bank of Korea. It facilitates domestic and foreign currency transfers between financial institutions.
2. BOK-Wire's main functions include domestic and foreign currency transfers, net settlement of retail payments, BOK loans, government bond issuance and redemption, and government treasury transfers.
3. BOK-Wire employs measures to manage intraday liquidity such as queuing arrangements, designated settlement times, advance funds transfer arrangements, and intraday overdrafts.
Eco [3 c] introduction of national pki-sg-jaejung kim-15_apr10Hai Nguyen
1. South Korea has 5 accredited certificate authorities that issue digital certificates to around 20 million users for applications like internet banking, online stock trading, e-commerce, and e-government services.
2. The PKI landscape in South Korea consists of a national PKI (NPKI) established in 1999 and a government PKI (GPKI) established in 2001. The two systems were later cross-certified to ensure interoperability.
3. Over time, the Korean PKI system saw upgrades to technologies, expansion of mandatory certificate usage in certain industries, introduction of fees for individual certificates, and division of certificate markets between certificate authorities (CAs).
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...OKsystem
Mobile ID allows users to access online services and authenticate transactions using their mobile phone instead of passwords. It works by storing digital signatures on the SIM card that are used to authenticate the user. When a service requires authentication, the user confirms by entering a PIN on their phone. This signature is then verified by a trusted third party. Mobile ID provides strong authentication through a separate channel from the data, protecting against phishing. It allows users to access multiple services using the same authentication method on their mobile device.
Multi purpose ID : A Digital Identity to 134 Crore IndiansRishabh Garg
Multipurpose ID is a combination of a Techno Smart Card carrying a twenty-digit universal identification number to record all purposeful information of an individual and a touch screen Smart Cell Phone for electronic surveillance. Both the units can work separately or together. Such a unique system would replace all possible documents procured by an individual during his life time.
Apart from saving human resources, time, money and administrative complexities, the stack of files and papers in offices would also be reduced to fractional level. No Xerox, no documentation, no verification and no long queues for day-to-day pursuits. Just go for one click and the entire details of an individual would be available, that too fully genuine.
The Nation would have a red letter day as the change will shape billion lives and bring respite to administrative machinery and public that has crumpled under the red tapism.
Techno Smart Card : Digital ID for Every IndianRishabh Garg
Digital ID with Electronic Surveillance System is a combination of Multipurpose ID Card, carrying a twenty-digit unique identification number to record the entire life time data of a citizen, and a Smart Mobile Phone for Electronic Surveillance. Both the units can work separately or together. Such a unique Techno-Smart Device would replace all possible documents - Birth Certificates, Aadhar, Passport, Driving License, PAN, Insurance, Bank Account Numbers ................
Thus, the present innovation would make the life of every individual on Earth free from redundant documentation and would serve as a rescue from practice of forged identity, deception and corruption.
This document provides a summary of Pierluigi Sartori and Informatica Trentina Spa. It includes information about Pierluigi Sartori's background and experience. It then discusses Informatica Trentina's mission to modernize Trentino's public administration through information and communication technologies. The document outlines some of Informatica Trentina's main services, including desktop management, data center services, and training. It also discusses identity management and the risk of "zombie accounts", which are inactive user accounts that are not properly disabled after an employee leaves an organization. The document describes Informatica Trentina's processes for managing different types of user accounts and ensuring accounts are revoked appropriately when no longer needed.
International Webinar - Global ID Through BlockchainRishabh Garg
This document discusses Rishabh Garg presenting on global identity through blockchain at an international webinar. It provides background on Garg's work developing a digital identity system in India. It outlines issues with India's current identity instruments and Aadhaar system, such as privacy and security concerns. The document proposes implementing a self-sovereign identity system using blockchain technology, where individuals control their own private keys and digital identities. Blockchain could provide a decentralized and secure way to digitally verify identities and transactions without privacy violations.
This is a presentation from the MyData Online 2020 Conference that covers the history and evolution of digital identity from the first computers in World War 2 to Enterprise Identity and Access Management and emerging new Self-Sovereign Identity Technology.
Ireland - The location of choice for International Payments firmsMartina Naughton
This document discusses Ireland as a location for international payments firms. It highlights Ireland's strong portfolio of financial services firms, leadership in software and ICT, and convergence of financial technology. Ireland has over 800 software firms, 24,000 employees in the sector, and 8 of the top 10 ICT companies have operations there. Financial regulation supports the payments market. Several large payments firms have partnerships and operations in Ireland, taking advantage of the business environment and government support through agencies like IDA Ireland.
Comodo is a leading digital security company that was founded in 2001. It has over 2 million digital certificates issued and is the 2nd largest SSL certificate authority with over 25% of the market share. Comodo offers a complete portfolio of internet security and authentication solutions for businesses, online merchants, and consumers.
Al-Khouri, A.M. (2010) 'Trends and Development in Government Sector: Building e-Government Backbone', e-Government Conference, December 21, 2010, Dubai, United Arab Emirates.
This document discusses bringing your own device (BYOD) security and Cidway's solutions. It addresses:
- BYOD as a reality for many companies as personal devices enter the workplace
- Different corporate strategies for BYOD ranging from not allowing to having agreed policies
- Key questions around BYOD like who pays for data/devices, compliance, security, applications access
- Cidway's mobile authentication application that allows authentication without intruding on devices
- A mobile launcher application that protects access to corporate data, not the device itself
- Potential issues with requiring employees to purchase their own devices for work (BYOD 2.0)
Al-Khouri, A.M. (2008) 'Challenges in the Management of Strategic Government Projects: The Case of the UAE National ID Program', e-Identity and Access Asia 2008, July 8-9, Singapore.
The document discusses the European Cloud Computing Strategy. It defines cloud computing and outlines the key challenges including security, interoperability, privacy, and legal issues. It summarizes the European cloud computing market and notes the need for an EU-wide strategy. The strategy focuses on developing a legal framework, addressing technical and commercial barriers, and supporting ongoing research projects related to cloud computing.
Korea has made significant progress in developing its e-government systems over the past few decades. It established foundational laws and projects in the 1990s and 2000s to build administrative computer networks and promote informatization. Key achievements include consolidating administrative procedures, establishing common platforms, and advancing internal processes and integrated public services. Korea now provides seamless online services and is recognized as a global leader in e-government development. However, challenges remain such as further developing seamless and converged services. The government aims to complete this transition through tasks focused on usage, convergence and citizen-centered services.
This document provides an overview of Higgins, an open source identity framework being developed at the Eclipse Foundation. It summarizes the key components of Higgins 1.0 which was released in February 2008 including Identity Selectors, Identity Providers, Relying Party websites, and Identity Services. It then outlines the planned developments for Higgins 1.1 scheduled for June 2009, which includes a new AIR-based Identity Selector, enhancements to the Identity Attribute Service including access control and new context providers, support for relationship and additional card types, and integrating the selector as an OpenID service. The document concludes by discussing potential future directions for Higgins beyond version 1.1 such as mobile and ID-WSF support.
SG, SignGATE, is the first accredited Certification Authority (CA) in South Korea and has issued over 1,000,000 digital certificates and providing PKI-based authentication services for government officials and private sector since 1999.
SG established National PKI in Panama, Philippines and provided PKI consulting in many countries such as Costa Rica, Cameroon, Indonesia, Mongolia, etc.
SmartCard Forum 2010 - Secured Access for enterpriseOKsystem
Gemalto presented an overview of their identity and access management (IAM) solutions for enterprises. Their solutions include smart cards, tokens, readers, drivers, applications and authentication servers. Smart cards securely store digital certificates, user PINs, one-time passwords and encryption keys. Gemalto has several smart card families including .NET, TPC and IAS cards that provide different features like PKI, OTP authentication and certification levels. Their solutions help enable strong multi-factor authentication for secure access to enterprise networks, applications, data and facilities. Gemalto also discussed their management systems and middleware to integrate their solutions.
SmartCard Forum 2008 - Securing digital identityOKsystem
This document discusses securing digital identity and provides an overview of Oberthur Technologies' smart card-based solutions. Smart cards can securely store private keys and digital certificates, and perform cryptographic operations to authenticate users during online transactions. Oberthur offers smart cards, readers, and client software that implement public key infrastructure and provide different levels of assurance for digital identity depending on the form factors and credentials used.
ePortfolios can function as a digital identity by providing an answer to "Who is this?" and "Who am I?" through presenting one's educational and professional biography and competencies. While ePortfolios could improve opportunities for both employers and employees through a more efficient matching of supply and demand and standardized profiles, they also carry potential social issues like new forms of vulnerability and exclusion, and classification, standardization, and labeling that could enable discrimination. Any digital identity technology has implications beyond access, authentication, and privacy, and into broader social and ethical dimensions that should be considered in the design and use of ePortfolios.
This document discusses an identity attribute registry called Greenlist that would allow for public but anonymized e-payment addresses. It would be run by accredited entities and eliminate intermediaries to enhance security. Greenlist provides benefits like increased privacy and security for consumers and merchants, faster access to cash, and new revenue sources for banks by monetizing their know-your-customer investments and improving payment networks. The solution addresses issues from regulations around identity verification and aims to keep banks central to customers' financial lives in the digital world.
The document provides an overview of electronic payment systems in Korea, including:
1. The BOK-Wire system is Korea's large-value payment system and real-time gross settlement system owned and operated by the Bank of Korea. It facilitates domestic and foreign currency transfers between financial institutions.
2. BOK-Wire's main functions include domestic and foreign currency transfers, net settlement of retail payments, BOK loans, government bond issuance and redemption, and government treasury transfers.
3. BOK-Wire employs measures to manage intraday liquidity such as queuing arrangements, designated settlement times, advance funds transfer arrangements, and intraday overdrafts.
Eco [3 c] introduction of national pki-sg-jaejung kim-15_apr10Hai Nguyen
1. South Korea has 5 accredited certificate authorities that issue digital certificates to around 20 million users for applications like internet banking, online stock trading, e-commerce, and e-government services.
2. The PKI landscape in South Korea consists of a national PKI (NPKI) established in 1999 and a government PKI (GPKI) established in 2001. The two systems were later cross-certified to ensure interoperability.
3. Over time, the Korean PKI system saw upgrades to technologies, expansion of mandatory certificate usage in certain industries, introduction of fees for individual certificates, and division of certificate markets between certificate authorities (CAs).
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...OKsystem
Mobile ID allows users to access online services and authenticate transactions using their mobile phone instead of passwords. It works by storing digital signatures on the SIM card that are used to authenticate the user. When a service requires authentication, the user confirms by entering a PIN on their phone. This signature is then verified by a trusted third party. Mobile ID provides strong authentication through a separate channel from the data, protecting against phishing. It allows users to access multiple services using the same authentication method on their mobile device.
Multi purpose ID : A Digital Identity to 134 Crore IndiansRishabh Garg
Multipurpose ID is a combination of a Techno Smart Card carrying a twenty-digit universal identification number to record all purposeful information of an individual and a touch screen Smart Cell Phone for electronic surveillance. Both the units can work separately or together. Such a unique system would replace all possible documents procured by an individual during his life time.
Apart from saving human resources, time, money and administrative complexities, the stack of files and papers in offices would also be reduced to fractional level. No Xerox, no documentation, no verification and no long queues for day-to-day pursuits. Just go for one click and the entire details of an individual would be available, that too fully genuine.
The Nation would have a red letter day as the change will shape billion lives and bring respite to administrative machinery and public that has crumpled under the red tapism.
Techno Smart Card : Digital ID for Every IndianRishabh Garg
Digital ID with Electronic Surveillance System is a combination of Multipurpose ID Card, carrying a twenty-digit unique identification number to record the entire life time data of a citizen, and a Smart Mobile Phone for Electronic Surveillance. Both the units can work separately or together. Such a unique Techno-Smart Device would replace all possible documents - Birth Certificates, Aadhar, Passport, Driving License, PAN, Insurance, Bank Account Numbers ................
Thus, the present innovation would make the life of every individual on Earth free from redundant documentation and would serve as a rescue from practice of forged identity, deception and corruption.
This document provides a summary of Pierluigi Sartori and Informatica Trentina Spa. It includes information about Pierluigi Sartori's background and experience. It then discusses Informatica Trentina's mission to modernize Trentino's public administration through information and communication technologies. The document outlines some of Informatica Trentina's main services, including desktop management, data center services, and training. It also discusses identity management and the risk of "zombie accounts", which are inactive user accounts that are not properly disabled after an employee leaves an organization. The document describes Informatica Trentina's processes for managing different types of user accounts and ensuring accounts are revoked appropriately when no longer needed.
International Webinar - Global ID Through BlockchainRishabh Garg
This document discusses Rishabh Garg presenting on global identity through blockchain at an international webinar. It provides background on Garg's work developing a digital identity system in India. It outlines issues with India's current identity instruments and Aadhaar system, such as privacy and security concerns. The document proposes implementing a self-sovereign identity system using blockchain technology, where individuals control their own private keys and digital identities. Blockchain could provide a decentralized and secure way to digitally verify identities and transactions without privacy violations.
This is a presentation from the MyData Online 2020 Conference that covers the history and evolution of digital identity from the first computers in World War 2 to Enterprise Identity and Access Management and emerging new Self-Sovereign Identity Technology.
Ireland - The location of choice for International Payments firmsMartina Naughton
This document discusses Ireland as a location for international payments firms. It highlights Ireland's strong portfolio of financial services firms, leadership in software and ICT, and convergence of financial technology. Ireland has over 800 software firms, 24,000 employees in the sector, and 8 of the top 10 ICT companies have operations there. Financial regulation supports the payments market. Several large payments firms have partnerships and operations in Ireland, taking advantage of the business environment and government support through agencies like IDA Ireland.
Comodo is a leading digital security company that was founded in 2001. It has over 2 million digital certificates issued and is the 2nd largest SSL certificate authority with over 25% of the market share. Comodo offers a complete portfolio of internet security and authentication solutions for businesses, online merchants, and consumers.
Al-Khouri, A.M. (2010) 'Trends and Development in Government Sector: Building e-Government Backbone', e-Government Conference, December 21, 2010, Dubai, United Arab Emirates.
This document discusses bringing your own device (BYOD) security and Cidway's solutions. It addresses:
- BYOD as a reality for many companies as personal devices enter the workplace
- Different corporate strategies for BYOD ranging from not allowing to having agreed policies
- Key questions around BYOD like who pays for data/devices, compliance, security, applications access
- Cidway's mobile authentication application that allows authentication without intruding on devices
- A mobile launcher application that protects access to corporate data, not the device itself
- Potential issues with requiring employees to purchase their own devices for work (BYOD 2.0)
Al-Khouri, A.M. (2008) 'Challenges in the Management of Strategic Government Projects: The Case of the UAE National ID Program', e-Identity and Access Asia 2008, July 8-9, Singapore.
The document discusses the European Cloud Computing Strategy. It defines cloud computing and outlines the key challenges including security, interoperability, privacy, and legal issues. It summarizes the European cloud computing market and notes the need for an EU-wide strategy. The strategy focuses on developing a legal framework, addressing technical and commercial barriers, and supporting ongoing research projects related to cloud computing.
Korea has made significant progress in developing its e-government systems over the past few decades. It established foundational laws and projects in the 1990s and 2000s to build administrative computer networks and promote informatization. Key achievements include consolidating administrative procedures, establishing common platforms, and advancing internal processes and integrated public services. Korea now provides seamless online services and is recognized as a global leader in e-government development. However, challenges remain such as further developing seamless and converged services. The government aims to complete this transition through tasks focused on usage, convergence and citizen-centered services.
The document discusses eGovernance in Oman. It provides an overview of Oman's digital transformation strategy and approach to eGovernance. The strategy has 6 pillars, and initially focused on national infrastructure, governance & standards, and promotion & awareness. The approach to eGovernance involves defining standards/processes, governance frameworks, policies, and enforcing national laws/regulations across 4 key areas: structure, frameworks, policies, and laws.
The document discusses Georgia's G3 governmental gateway project. It outlines several goals of the project including establishing electronic messaging between government agencies, developing information technology and security policies, and promoting efficiency and transparency in governance through the use of IT systems. It then provides examples of IT systems already in use by various government agencies and ministries in Georgia and benefits those systems provide such as increased access, reduced costs, and improved services for citizens. Potential challenges for e-governance initiatives are also mentioned such as limited budgets, lack of standards and security, and shortage of qualified personnel.
The document describes a tutorial on electronic governance for sustainable development and collaborative policy development. It discusses the need for open government and inclusive policy making to address complex global challenges. It then introduces the OCOPOMO project, which aims to support stakeholder participation in policy formulation through an integrated ICT platform and methods to develop evidence-based scenarios and conceptual policy models. Finally, it outlines the integrated policy process in OCOPOMO involving domain experts, stakeholders, and policy analysts.
This document discusses cyber identity and e-government structures in Argentina. It notes that technology accounts for 15% of e-government, while processes, people, and culture each account for 25%. It then outlines several digital inclusion initiatives in Argentina including the distribution of netbooks to schools and the expansion of wireless networks. The document emphasizes the importance of cyber identity and discusses the use of biometrics, passwords, and digital signatures for trusted online identities. Finally, it provides an overview of Argentina's national cyber security agency and its role in protecting critical infrastructures.
Colombia has made significant progress in developing its online government system over the past decade. It now ranks highly in international rankings of e-government. The government's strategy is coordinated through the Online Government Program and aims to improve efficiency, transparency, and citizen participation through expanded online services. Key achievements include establishing an integrated access point portal for government services, implementing an e-procurement system, and providing over 700 online transactions and services across all local governments. The strategy focuses on continuing to expand online information, interactions, transactions, and democratic participation to build an increasingly digital government.
This document provides an overview of electronic governance for sustainable development (EGOV4SD). It discusses how governments face pressures to be more responsive, efficient, and deliver public value. New technologies like web 2.0, cloud computing, and mobile services are transforming governments' use of technology and interactions with citizens. EGOV4SD aims to advance social, environmental, economic and transitional sustainability goals through open government and policy development that utilizes these new technologies.
Estonia has achieved high levels of internet penetration and digital government services. Through initiatives like Tiger Leap and programs offering computer training, Estonia developed an e-government infrastructure connecting databases across levels of government through the X-Road system. This allows citizens to access most government services online. Estonia's success is attributed to the political commitment to ICT development, allocating around 1% of the budget annually from 1994-2004. Estonia prioritized digital transformation with consensus across society and active government leadership through project-based approaches.
This document discusses some of the key legal issues related to cloud computing. It identifies three main categories of issues: data privacy and security, contracts and liability, and compliance. Under data privacy and security, it discusses issues around data location, cross-border data transfers, and ensuring appropriate security measures. For contracts and liability, it outlines various risks that should be addressed in service contracts such as data backups, disaster recovery, and security breach handling. The compliance section notes some national rules regarding public records, access to information, and public procurement requirements.
The document discusses strategies for increasing internet access and reducing poverty through digital inclusion in Colombia. It outlines Colombia's plan to multiply internet connections by 4 times by 2014 to reach more households and businesses. The plan is governed by principles of public-private partnership and reducing barriers to expand infrastructure and access. The specific goals are to increase online government services, transition to paperless systems, and link all public entities to an electronic contracting system to improve transparency and civic participation.
The document discusses interoperability in the framework of the Digital Agenda for Europe. It outlines several key initiatives and strategies to enhance interoperability across governments in Europe, including the European Interoperability Strategy, the European Interoperability Framework, and cross-border authentication projects like STORK and ECAS. The goal is to create more open, flexible and seamless eGovernment services through increased cooperation and aligned standards between member states.
The document discusses Moldova's plan to implement an e-governance technology platform called M-Cloud based on cloud computing. M-Cloud will provide common services to government agencies through a private government cloud (G-Cloud) using modern, cost-efficient technologies. The platform aims to reduce costs while increasing flexibility, mobility and focus on innovation for IT staff and government organizations through a service-oriented architecture hosted in the cloud.
This document discusses cloud computing and defines key concepts such as infrastructure as a service, platform as a service, and software as a service. It outlines opportunities and risks of cloud computing related to legal, structural, economic and technical aspects. The document also discusses how electronic identification and security will be impacted by cloud computing and proposes possible approaches for Austria, including defining suitability criteria for cloud services and standards for cloud providers.
The document discusses several key questions regarding eGovernment frameworks:
1) Whether eGovernment policy should be the driving force or develop in response to technological developments.
2) The optimal organizational setup for coordinating eGovernment initiatives, whether through a strong centralized unit or decentralized approach.
3) The different models for coordinating implementation and policymaking, ranging from fully decentralized to fully centralized.
The document then outlines some of the factors that can drive successful eGovernment development, including stable coordination structures, leadership, legal/fiscal frameworks, and interoperable technical architectures.
The document summarizes key topics from the ICEGOV 2011 Conference on the management and coordination of e-government. It discusses evolving roles of government in providing services to citizens, consumers, and taxpayers. It outlines an agenda covering vision/strategy, public sector change management, and performance management. It emphasizes that e-government requires strong leadership, commitment to change, and a focus on users. Key challenges include balancing openness with stakeholder interests and providing more for less.
The document discusses data center consolidation and cloud computing in government information and communications technology, noting that data center consolidation through adopting cloud computing can help reduce costs and improve effectiveness and efficiency by consolidating infrastructure and applications. It provides an overview of data center consolidation efforts, introduces cloud computing and traditional vs cloud models, and discusses challenges to consolidation like resistance to change and ensuring business continuity and disaster recovery.
This document discusses the major activities and functions of central banks. It explains that central banks historically served as bankers to governments and had control over money supply through printing currency. Their modern functions include conducting monetary policy to stabilize economic growth and inflation through interest rate adjustments and money supply management. The primary reason for establishing central banks is to ensure control over a country's currency and monetary system. The document also outlines the objectives, design considerations, and fundamental tools of central banks like the European Central Bank.
The document discusses Belgium's e-government system and its reliance on interoperability and electronic IDs (eIDs). It outlines how eIDs allow Belgian citizens to access a variety of e-applications from healthcare to home banking. The system provides efficiency, speed, transparency and lower costs for both citizens and the government. It also describes ongoing developments to make services hardware-agnostic and standardize modules, process flows and identity management across different levels of government.
The document discusses whether eGovernment can work in the cloud. It provides examples from Digital Austria and discusses opportunities and risks of cloud computing legally, structurally, economically and technically. It also discusses using eID in the cloud and potential requirements for Austria, such as piloting projects, developing cloud-ready applications, and ensuring quality eID in the cloud. The document concludes that cloud computing promises cost reductions for eGovernment but also poses legal, technical and organizational challenges regarding citizens' personal data.
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
The document discusses strong authentication solutions from Gemalto for enterprises. It describes Gemalto's secure personal devices that are used by billions of individuals worldwide, including SIM cards, credit cards, and e-passports. It then discusses the evolution of the authentication market towards mobility and cloud computing. The document promotes Gemalto's Protiva strong authentication service, which provides a flexible authentication solution that can be deployed both on-premise or as a hosted cloud service. It describes features such as user on-boarding, device fulfillment, and easy billing models.
FIDO, Strong Authentication and elD in GermanyFIDO Alliance
Bernd Kowalksi of the Federal Office for Information Security discusses government objectives in strong ID and authentication, and derived identity and authenticity approach, while answering the questions, "Why did BSI join the FIDO Alliance?" and "What is the market perspective?"
The document discusses user authentication technologies used by the US federal government. It outlines policies like HSPD-12 that mandate authentication standards and describes NIST standards for different assurance levels. PKI and one-time passwords are the primary technologies, with PKI providing additional security capabilities. Level 3 assurance is a common target level. Symantec provides both PKI and OTP cloud services to help government agencies meet requirements.
Authentication means in electronic environmentsStevenSegaert
Authentication refers to verifying the identity of users in electronic environments. Effective authentication relies on at least two factors such as something the user has (e.g. ID card), knows (e.g. password), or is (e.g. biometrics). Common authentication technologies include passwords, one-time passwords, smart cards, and mobile-ID, but each has challenges regarding security, scalability, and user adoption. The STORK project aims to establish a European eID interoperability platform to allow citizens to authenticate across borders using their national eID systems.
The document provides an overview of the UAE National ID Card Project. The key points are:
1) The project aims to develop a modern population register and identity management system to provide secure identification services and a unified ID card for UAE citizens and residents.
2) It will build an integrated population database, interface with other government systems, and provide identification and verification services to entities like ministries and banks.
3) The project launched its pilot phase in 2005 and began mass enrollment later that year. It is expected to register the entire population over three years. Challenges include the project's large scale and recruiting over 1,500 employees.
The document discusses identity and trust in both public and private digital systems. It notes that Estonia has a national electronic identity card system that citizens can use to access government and commercial services online. In contrast, the UK uses private companies for identity verification, limiting users to a small number of government websites. The document argues that the UK would benefit from a more integrated national identity system to improve online access and services, as seen in other countries. It also discusses upcoming EU regulations on cross-border digital identity and the need for trust frameworks in identity management systems, especially regarding cloud services.
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
This document discusses securing cloud computing and identity management. It summarizes that there are three models of cloud computing: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). It also discusses that identity management is key to success in the cloud and addresses challenges around balancing security and convenience. The document introduces Protiva Confirm as a solution that can bring adaptable trust to cloud services by providing strong authentication, single sign-on, and other advanced security services while also providing convenience.
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...Cyber Security Alliance
When we think about authentication and more specifically about strong authentication mechanisms based on cryptographic primitives, we first think about techniques generating non-repudiable identity proofs. It seems like the more “secure” an authentication scheme is, the less control the Subject have over its privacy using it. Facing the Security vs Privacy debate, we might be tempted to intuitively (but wrongly) assume that those concepts are diametrically opposed.
In this talk, the presenter will introduce some concepts and associated techniques which
could be leveraged to provide secure authentication without sacrificing privacy. This talk
will first highlight the privacy side effects associated with the classical authentication
schemes based on X.509 certificates before having a closer look at selective disclosure,
ZKIP, Digital Credential and their implementations in the real world.
Application Security Forum 2011
27.10.2011 - Yverdon-les-Bains (Switzerland)
Speaker: Simon Blanchet
Holger Haljand from EMT AS / TeliaSonera Estonia gave a presentation on Estonia's experience with electronic, digital and mobile identification. Estonia has implemented ID cards, mobile ID using SIM cards, and digital signatures to enable widespread e-government, e-banking, e-voting and other online services. Mobile ID offers a simple, convenient authentication method without needing readers or software. Lessons from Estonia show that usability and a strong ecosystem of online services are key to high adoption of mobile ID. The future of identification lies in mobile solutions that can be used across more devices and countries.
This document discusses digital identity and its importance in a digital society. It summarizes Belgium's digital ID system, itsme, which allows citizens to securely access both private and public online services through a single digital identity. The system provides identification, authentication, electronic signing and confirmation services. Itsme differentiates itself through its high level of security and extensive service scope. It has seen growing adoption rates since 2017, and the document outlines its deployment and ecosystem partnerships across various industries.
The document discusses using the SIM card for secure authentication on the internet. It notes growing demand for authentication of online banking, corporate systems, and government services. The SIM card provides a secure, standardized platform that over 4 billion users always carry. It could enable mobile operators to become internet security providers by leveraging the SIM card for authentication through technologies like one-time passwords and wireless PKI. A demonstration showed how the SIM could support authentication through OpenID for social networks, banking, and other online services.
Mobile broadband is fueling changes in consumer behavior and demand for data. As mobile apps and cloud services rise in popularity, consumers require higher network speeds and bandwidth. This shift is accompanied by public policy concerns around data security, privacy, and safety as Internet usage grows and data is shared across borders in the cloud. Mobile technology is transforming communications, entertainment, work, and social interaction, but managing these changes while protecting users will be an ongoing challenge.
The document discusses the Trust in Digital Life (TDL) consortium, which aims to stimulate research and development of trustworthy information and communication technology (ICT) solutions. TDL has over 20 members from industry, academia, and government working to set a research agenda. The consortium's goals are to establish an inspiring and self-sustaining community to advance knowledge and collaborative projects, develop an innovative research agenda, enable public funding for related projects, and increase awareness through demonstrations. TDL will measure progress using key performance indicators like adoption rates of e-services and survey scores on consumer trust.
This document discusses different types of electronic credentials for authentication and secure identification. It describes software-based credentials like certificates, assertions, and hardware-based credentials like hardware security modules, smart cards, and smart tokens. It compares software standards like OpenID and SAML, and analyzes vulnerabilities in OpenID like various attacks that are possible due to lack of encryption of messages and integrity protection of only one message. Hardware-based credentials like smart cards and their use of cryptographic challenge-response protocols for authentication are also covered.
The document provides technical details about Belgian electronic identity (eID) cards, including:
- Visual details of information contained on the front and back of the cards.
- Security mechanisms like printing, images, and engraving used on the cards.
- An overview of the technology used in the cards, including on-board key generation and JavaCard.
- A timeline of the Belgian eID project from 1999-2009 and the nationwide rollout of the cards.
E-Signature Webcast for Financial Services Legal Counsel (Slides)eSignLive by VASCO
Slides from the October 20, 2011 Silanis Webcast "E-Signature Webcast for Financial Services Legal Counsel"
http://www.silanis.com/resource-center/webcasts/2011/e-signature-webcast-for-financial-services-legal-counsel.html
During the Smart Cities project Intercommunale Leiedal has been working on personalized online information, in close cooperation with the city of Kortrijk. Web services and an underlying contact database make it possible citizens get personalised information and services from local government. This should create more transparency and better services, and should provide more comfort for citizens, while local government gains insight in the demands and interests of citizens.
https://labs.ericsson.com/apis?api_category=199
Ericsson Labs' presentation at Over the Air 2011.
Examples of how to establish a trusted identity, how to do mash-ups of multiple data feeds and how to secure peer-to-peer communication.
Walmart Business+ and Spark Good for Nonprofits.pdfTechSoup
"Learn about all the ways Walmart supports nonprofit organizations.
You will hear from Liz Willett, the Head of Nonprofits, and hear about what Walmart is doing to help nonprofits, including Walmart Business and Spark Good. Walmart Business+ is a new offer for nonprofits that offers discounts and also streamlines nonprofits order and expense tracking, saving time and money.
The webinar may also give some examples on how nonprofits can best leverage Walmart Business+.
The event will cover the following::
Walmart Business + (https://business.walmart.com/plus) is a new shopping experience for nonprofits, schools, and local business customers that connects an exclusive online shopping experience to stores. Benefits include free delivery and shipping, a 'Spend Analytics” feature, special discounts, deals and tax-exempt shopping.
Special TechSoup offer for a free 180 days membership, and up to $150 in discounts on eligible orders.
Spark Good (walmart.com/sparkgood) is a charitable platform that enables nonprofits to receive donations directly from customers and associates.
Answers about how you can do more with Walmart!"
Strategies for Effective Upskilling is a presentation by Chinwendu Peace in a Your Skill Boost Masterclass organisation by the Excellence Foundation for South Sudan on 08th and 09th June 2024 from 1 PM to 3 PM on each day.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
Chapter wise All Notes of First year Basic Civil Engineering.pptxDenish Jangid
Chapter wise All Notes of First year Basic Civil Engineering
Syllabus
Chapter-1
Introduction to objective, scope and outcome the subject
Chapter 2
Introduction: Scope and Specialization of Civil Engineering, Role of civil Engineer in Society, Impact of infrastructural development on economy of country.
Chapter 3
Surveying: Object Principles & Types of Surveying; Site Plans, Plans & Maps; Scales & Unit of different Measurements.
Linear Measurements: Instruments used. Linear Measurement by Tape, Ranging out Survey Lines and overcoming Obstructions; Measurements on sloping ground; Tape corrections, conventional symbols. Angular Measurements: Instruments used; Introduction to Compass Surveying, Bearings and Longitude & Latitude of a Line, Introduction to total station.
Levelling: Instrument used Object of levelling, Methods of levelling in brief, and Contour maps.
Chapter 4
Buildings: Selection of site for Buildings, Layout of Building Plan, Types of buildings, Plinth area, carpet area, floor space index, Introduction to building byelaws, concept of sun light & ventilation. Components of Buildings & their functions, Basic concept of R.C.C., Introduction to types of foundation
Chapter 5
Transportation: Introduction to Transportation Engineering; Traffic and Road Safety: Types and Characteristics of Various Modes of Transportation; Various Road Traffic Signs, Causes of Accidents and Road Safety Measures.
Chapter 6
Environmental Engineering: Environmental Pollution, Environmental Acts and Regulations, Functional Concepts of Ecology, Basics of Species, Biodiversity, Ecosystem, Hydrological Cycle; Chemical Cycles: Carbon, Nitrogen & Phosphorus; Energy Flow in Ecosystems.
Water Pollution: Water Quality standards, Introduction to Treatment & Disposal of Waste Water. Reuse and Saving of Water, Rain Water Harvesting. Solid Waste Management: Classification of Solid Waste, Collection, Transportation and Disposal of Solid. Recycling of Solid Waste: Energy Recovery, Sanitary Landfill, On-Site Sanitation. Air & Noise Pollution: Primary and Secondary air pollutants, Harmful effects of Air Pollution, Control of Air Pollution. . Noise Pollution Harmful Effects of noise pollution, control of noise pollution, Global warming & Climate Change, Ozone depletion, Greenhouse effect
Text Books:
1. Palancharmy, Basic Civil Engineering, McGraw Hill publishers.
2. Satheesh Gopi, Basic Civil Engineering, Pearson Publishers.
3. Ketki Rangwala Dalal, Essentials of Civil Engineering, Charotar Publishing House.
4. BCP, Surveying volume 1
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...Diana Rendina
Librarians are leading the way in creating future-ready citizens – now we need to update our spaces to match. In this session, attendees will get inspiration for transforming their library spaces. You’ll learn how to survey students and patrons, create a focus group, and use design thinking to brainstorm ideas for your space. We’ll discuss budget friendly ways to change your space as well as how to find funding. No matter where you’re at, you’ll find ideas for reimagining your space in this session.
How to Setup Warehouse & Location in Odoo 17 InventoryCeline George
In this slide, we'll explore how to set up warehouses and locations in Odoo 17 Inventory. This will help us manage our stock effectively, track inventory levels, and streamline warehouse operations.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Tutorial 3 peter kustor
1. Kopfzeile
eID and interoperability
- The Austrian Experience
Peter Kustor
27th September 2011
peter.kustor@bka.gv.at
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 2|
Fußzeile Seite 1 29.09.2011
2. Kopfzeile
Citizen Card - Major Milestones
November 2000: Austrian Cabinet Council decision
– … to employ chip-card technology to improve
citizen’s access to public services; to supplement
the planned health insurance card with electronic
signatures
February 2003: 1st Citizen Card
– Austrian Computer Society membership card
March 2004: E-Government Act
– Legal basis of the Identity Management System
2005 - 2010
– Several private-sector and public-sector
borne Citizen Card initiatives
eID and interoperability | 27.9.2011 3|
A valid legal basis – the main ingredient
E-Government Act
sector
citizen identity-
mandates source PIN specific
card link
eID
standard-
source PIN supplement official
document
REGISTER REGISTER signature
REGISTER
eID and interoperability | 27.9.2011 4|
Fußzeile Seite 2 29.09.2011
3. Kopfzeile
Citizen card (concept)
The Austrian citizen card is
a concept, not a specific
technology
The Citizen Card combines Identity-Link
– electronic signature/
declaration of intent
Authentication
– Unique electronic identity
Identification
– data on representation,
mandates
Representation
eID and interoperability | 27.9.2011 5|
Online Identity = CSP + public register
Trust Center: public sector registries
Certification Service Provider
(CSP)
Supplementary
CSP Register
CSP CRR
…
A-Trust BMI
Electronic Identity
eID and interoperability | 27.9.2011 6|
Fußzeile Seite 3 29.09.2011
4. Kopfzeile
eID Austria : Overview
LEGAL QUALIFIED
SIGNATUR
+ IDENTIT
Y
E LINK
any private sector Identity = source
PUBLIC PRIVATE CA for qualified pin cryptographically
signatures bound to certificate
only on
DATA PROTECTION openly available the card
in a directory (HSM)
SECTOR SECTOR SECTOR SECTOR
one way mapping into sectors
eID and interoperability | 27.9.2011 7|
Identity Link
XML data structure stored in the
Card or in the hardware secure module
that holds: ...
<saml:SubjectConfirmationData>
– personal data: name, date of <pr:Person xsi:type="pr:Physical
<pr:Identification>
birth source
<pr:Value>123456789012</pr:V
<pr:Type>http://reference.e-g
</pr:Identification>
– unique ID “sourcePIN” PIN <pr:Name>
<pr:GivenName>Herbert</pr:Given
– public keys of the <pr:FamilyName>Leitold</pr:Fami
</pr:Name>
certificates ...
<saml:Attribute
signed by the AttributeName="CitizenPublicKey"
... <dsig:RSAKeyValue>
authority <dsig:Modulus>snW8OLCQ49qNefems
eID and interoperability | 27.9.2011 8|
Fußzeile Seite 4 29.09.2011
5. Kopfzeile
Electronic identity of natural persons
Base
Central Residents Register Supplementary Register
Number (CRRegNo) Number for non-residents Registers
Source PIN
ssPIN ssPIN ssPIN ssPIN
education Soc. Sec. taxation …
eID and interoperability | 27.9.2011 9|
ssPIN: Generation
irreversible Source PIN
derivation
ssPIN a ssPIN b
e.g. constructing &
e.g. taxes & duties
living
Conversion impossible!
eID and interoperability | 27.9.2011 10 |
Fußzeile Seite 5 29.09.2011
6. Kopfzeile
Citizen Cards
Cards:
•Health insurance cards: 100 % coverage,
activation free of charge for citizens
• official’s service card
• Certification service provider signature cards
• student service cards, etc.
Mobile phone signatures:
• Start 2009
• free of charge for citizens
eID and interoperability | 27.9.2011 11 |
eID citizen card function
Access to e-gov:
• eForms Access to e-business:
• eHealth • eBanking
Within • eDelivery • eBilling
• eDocument-Safe • eProcurement
administration:
• eUniversity • CyberDoc
• eSignature
• eVoting • Archivium
• eRegisters
• eDelivery
• eFile System
eID and interoperability | 27.9.2011 12 |
Fußzeile Seite 6 29.09.2011
7. Kopfzeile
Server Side – Open Source Programme
Basic modules for integration into
applications
– Open Source, free for public &
private sector
MOA – Module for On-line
Applications
– Identification (MOA-ID)
– Signature validation / creation
(MOA-SS/SP)
– Electronic delivery (MOA-ZS)
– Representation (MOA-VV)
– Official signatures (MOA-AS)
eID and interoperability | 27.9.2011 13 |
Variants
Minimum-footprint
Mobile Phone
Local installation
eID and interoperability | 27.9.2011 14 |
Fußzeile Seite 7 29.09.2011
8. Kopfzeile
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 15 |
Demo
Log On at
HELP
ONLINE
eID and interoperability | 27.9.2011 16 |
Fußzeile Seite 8 29.09.2011
9. Kopfzeile
mobile phone signature
server-based citizen card solution for
qualified electronic signatures via mobile phone
familiar technology and comfortable alternative to the
current smartcards
important step towards usability and dissemination of
modern eGovernment services because
– no software installation on the local PC,
– no special computer skills and
– no card readers are needed for use.
eID and interoperability | 27.9.2011 17 |
Mobile phone signature
Core Aspects
– Operated by a Certification Service
Provider (CSP) for qualified certificates
– Signature-creation data (cryptographic
keys) kept at CSP but controlled by the
signatory
• 2-factor authentication (knowledge &
possession) as known from smartcards
– Secure Signature-Creation Device
• 1999/93/EC Annex III, confirmed by a
notified body
eID and interoperability | 27.9.2011 18 |
Fußzeile Seite 9 29.09.2011
10. Kopfzeile
Features of mobile phone signature
No requirement on the mobile phone or SIM
– Just receiving SMS
Zero-footprint: no local installation, just the browser
Revocation of a certificate is definite – the signature-creation
data are destroyed (unlike with signature cards)
– Actually, revocation checking could be omitted, if relying on
that fact
Identity data is communicated from the operator directly to the
application
– Reduces verification needs and residual risks
eID and interoperability | 27.9.2011 19 |
Features of mobile phone signature
Free of charge for users
Alternative to card-based eID
Platform- and location independent
Trustworthy and secure
User-friendly
High-potential also in private sector applications
eID and interoperability | 27.9.2011 20 |
Fußzeile Seite 10 29.09.2011
11. Kopfzeile
Registration possibilities
„self registration“ using a qualified
signature (existing citizen card):
https://www.handy-signatur.at/
Registration authorities/ registration
officers at various institutions (expanding: finance
authorities, post offices…)
https://www.a-trust.at/Aktivierung/ro/OfficerData.aspx?t=mobile
Using „trusted systems“ (currently e.g. FinanzOnline,
registration via online banking in cooperation with telecom providers)
eID and interoperability | 27.9.2011 21 |
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 22 |
Fußzeile Seite 11 29.09.2011
12. Kopfzeile
Integration of foreign eIDs
Framework for the legal equality of
foreign signature cards with the
Austrian citizen card concept:
§ 6 Abs. 5 E-GovG and „equality
regulation“
Registration in the Supplementary
Register without explicit proof of
registration data, if
– an Application contains a qualified
signature, that
– is based on an equivalent proof of
unique identity (§ 2 Z 2 E-GovG) in the
country of origin.
Currently the eIDs of Belgium,
Estonia, Finland, Iceland, Italy,
Liechtenstein, Lithuania, Portugal,
Sweden, Slovenia and Spain meet
these interoperability | 27.9.2011
eID and requirements. 23 |
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 24 |
Fußzeile Seite 12 29.09.2011
13. Kopfzeile
EU “Large Scale” pilots
Electronic Procurement
Large Scale Pilot PEPPOL
www.peppol.eu
Electronic Identity
Large Scale Pilot STORK
www.eid-stork.eu
Service Directive
Large Scale Pilot SPOCS
www.eu-spocs.eu
eHealth
Large Scale Pilot epSOS www.epsos.eu
e-Justice Communication
Large Scale Pilot e-CODEX www.e-codex.eu
eID and interoperability | 27.9.2011 25 |
STORK-Outcome: it works…
www.eesti.ee
https://circabc.europa.eu
www.myhelp.gv.at
www.meinbrief.at
https://abnahme.service-bw.de/idm-web-
portal/page/protected/index/index.faces?action=init&stor
k=true
http://saferchat.eid.is/
eID and interoperability | 27.9.2011 26 |
Fußzeile Seite 13 29.09.2011
14. Kopfzeile
Electronic delivery (www.meinbrief.at)
eID and interoperability | 27.9.2011 27 |
Electronic delivery (www.meinbrief.at)
eID and interoperability | 27.9.2011 28 |
Fußzeile Seite 14 29.09.2011
15. Kopfzeile
Electronic delivery (www.meinbrief.at)
eID and interoperability | 27.9.2011 29 |
STORK - mission complete?
STORK is about making it happen - i.e. PILOTS
eID and interoperability | 27.9.2011 30 |
Fußzeile Seite 15 29.09.2011
16. Kopfzeile
eID and interoperability | 27.9.2011 31 |
STORK - mission complete?
we currently prepare for STORK 2.0
eID and interoperability | 27.9.2011 32 |
Fußzeile Seite 16 29.09.2011
17. Kopfzeile
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 33 |
STORK - mission complete?
we learned what is to be done
eID and interoperability | 27.9.2011 34 |
Fußzeile Seite 17 29.09.2011
18. Kopfzeile
eID and interoperability | 27.9.2011 35 |
Digital Agenda - the next step
eID and interoperability | 27.9.2011 36 |
Fußzeile Seite 18 29.09.2011
19. Kopfzeile
eID - essential challenges
Non-natural Persons (e.g. companies)
– where time equals money and
– where identity and privacy (e.g. IP protection ..) really counts
Mobility - eID with and through mobile devices
– convenience
– availability
– simplicity
– we have to go to the citizen - not vice versa
Impacts of Cloud Computing on eID
– cloud is opening up an ample set of security questions
– it is a chance and a challenge
– while not a technology by itself it changes assumptions
eID and interoperability | 27.9.2011 37 |
how to extend take-up and use
reduce complexity
– Amend (simplify!) legal framework and create legally secure
conditions
– public opinion still assigns high complexity with eID
– technology is high up in barriers
– these barriers are also perceived by application providers
which is hampering services
easier access to technology
– people who used eID once stay with it
the user must see the need
eID and interoperability | 27.9.2011 38 |
Fußzeile Seite 19 29.09.2011
20. Kopfzeile
Thank you
for your attention!
Peter Kustor
Federal Chancellery of Austria
Ballhausplatz 2
1014 Vienna
Phone: +43 53115 2554
Peter.Kustor@bka.gv.at
http://digitales.oesterreich.gv.at or
http://digital.austria.gv.at
Components
User
Mobile phone
Fußzeile Seite 20 29.09.2011
21. Kopfzeile
Components
Web-Frontend
HSM
- Creation of crypto-keys
- Decryption of signature
creation data
- Creation of qualified SMS Gateway
electronic signatures
Signature key DB
Signature-creation data
(private keys) are encrypted
under
- Citizen password
- Mobile number
- Secret HSM key
Registration
Fußzeile Seite 21 29.09.2011
22. Kopfzeile
Registration
Password
Enter mobile number
Mob-Nr.
Needs to verify possession
Choose password
Generate one-time code
(OTC) Identification
Send OTC via SMS
OTC
Registration II
Possession verified Code
Generate signature-
creation data (private
keys) and encrypt under
Code
- Citizen password Verify possession
- Mobile number
- Secret HSM key
Encrypted storage in DB Code
Fußzeile Seite 22 29.09.2011
23. Kopfzeile
Registration II
Possession verified Code
Generate signature-
creation data (private
keys) and encrypt under
Code
- Citizen password
- Mobile number
- Secret HSM key
Encrypted storage in DB Signature-creation data (private keys) only
Code
a) inside the HSM or
b) encrypted storage
(under key (HSM, mobile number ...)
Signature-creation
Fußzeile Seite 23 29.09.2011
24. Kopfzeile
Signature-creation
Request
password Enter password
Mob-Nr.
Enter mobile number
Application redirects to
signature website
Application prepares a
signature request
Signature-creation I
Display
Generate hash-value Confirm
Generate SMS one-time
code (OTC)
Send OTC and hash-value
via SMS Code
Fußzeile Seite 24 29.09.2011
25. Kopfzeile
Signature-creation II
Possession verified
Code
Load and decrypt the Enter OTC, verify hash
signature-creation data to
HSM using
Code
- Citizen password Verify possession
- Mobile number
- Secret HSM key
Signature-creation in the Code
HSM
Signature-creation II
Possession verified
Besitz verifiziert
Code
Load and decrypt the Enter OTC
Wiederherstellen der to
signature-creation data
Signaturerstellungsdaten
HSM using
Code
aus Datenbank mit
- Citizen password Verify possession
- Schlüssel des HSM
-- Schlüsselnumber
Mobile aus Kennwort
- Secret HSM key
Signature-creation in
Signaturerstellung mitthe
HSM
Signaturerstellungsdaten
The Code
one-time code (OTC) verifies possession of the phone
Using the signature-creation data (private keys) only
a) inside the HSM and
b) after having entered the user password
c) linked to the mobile number
Fußzeile Seite 25 29.09.2011
26. Kopfzeile
Signature-creation III
Returning the XML Signature returned to the
Signature
signature application
Mobile Phone Signature – Legal Assessment
Mobile Phone Signature = Citizen Card?
Citizen Card = qualified signature + identity link
Mobile Phone Signature = qualified signature?
Qualified Signature = advanced electronic signature
+ qualified certificate
+ SSCD
Fußzeile Seite 26 29.09.2011
27. Kopfzeile
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Fußzeile Seite 27 29.09.2011
28. Kopfzeile
„is uniquely linked to the signatory“
the signature-creation-data used for signature
generation (and the corresponding signature
verification data) can practically occur only once
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Fußzeile Seite 28 29.09.2011
29. Kopfzeile
„ it is capable of identifying the signatory “
Authenticity
practically impossible to create the same key pair twice
ensured that a signature that is verifiable using signature
verification data (public key in the certificate) has been
created with the corresponding signature-creation data
(private key)
practically impossible that signature-creation data can be
derived
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Fußzeile Seite 29 29.09.2011
30. Kopfzeile
„using means that the signatory can maintain under
his sole control “
Signature-creation authorised only by the signatory
Multifactor authentication: knowledge and possession
Does “can maintain under sole control” mean that it must
be ensured by hardware means? NO!
„…to be assumed that ‘sole control’ can be achieved with appropriate
technical or organisational means even with software certificates
[…] … security measures need to be in place providing that the
signatory can enforce his sole control…“ (RV 293 BlgNR 23. GP)
– see also FESA - working paper on advanced
electronic signatures and “Public Statement on Server
Based Signature Services”: “…FESA members believe that
sole control at least of the signature creation data can be achieved
and that advanced electronic signatures can be created by a
server based signature service…“!
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Fußzeile Seite 30 29.09.2011
31. Kopfzeile
„it is linked to the data to which it relates in such a manner that any
subsequent change of the data is detectable “
Integrity
practically impossible that different electronic data result in
the same signature or can be created from a given
electronic signature.
Advanced Electronic Signature
is uniquely linked to the signatory
it is capable of identifying the signatory
it is created using means that the signatory can maintain
under his sole control
it is linked to the data to which it relates in such a manner
that any subsequent change of the data is detectable
Fußzeile Seite 31 29.09.2011
32. Kopfzeile
Qualified Signature?
Qualified Signature = advanced el. signature
+ qualified certificate
+ SSCD
Qualified Certificate
Qualified
Certficate
Certificate content Requirements
Annex I Annex II
1999/93/EC 1999/93/EC
Fußzeile Seite 32 29.09.2011
33. Kopfzeile
Certificate Content (Annex I)
indication that the certificate is issued as a qualified
certificate
identification of the CSP and the State in which it is
established
name of the signatory (or a pseudonym identified as
such)
signature-verification data which correspond to
signature-creation data under the control of the signatory
beginning and end of the period of validity of the
certificate
identity code of the certificate
advanced electronic signature of the CSP issuing it
Further options: limitations on scope, value of
transaction, specific attributes of the signatory
Requirements on the CSP (Annex II)
reliability necessary for providing certification services
secure directory and a secure and immediate revocation service
precise date and time when a certificate is issued or revoked
verify identity and, if applicable, specific attributes of the signatory
personnel with expert knowledge, experience, and qualifications
(managerial level, electr. signature technology, security
procedures)
trustworthy systems and products - protected against modification
and ensuring the technical and cryptographic security;
measures against forgery of certificates, and, in cases where the
CSP generates signature-creation data, guarantee its
confidentiality
sufficient financial resources (to bear the risk of liability for
damages)
etc.
Fußzeile Seite 33 29.09.2011
34. Kopfzeile
Qualified Signature?
Qualified Signature = advanced el. signature
+ qualified certificate
+ SSCD
SSCD
Confirmation by a designated body (Art. 3(4) of
1999/93/EC)
§ 6 Abs. 3 Signature Order 2008: Organisational
security measures possible, if components are
operated in a “controlled environment” (e.g., qualified
and reliable personnel, appropriate physical and
logical access control).
A-SIT conformity certificate: 2.11.2009
According to Art. 3 para 4 second subpara of the
Directive, this attestation (“determination of
conformity with the requirements laid down in Annex
III”) is to be recognised by all Member States.
Fußzeile Seite 34 29.09.2011
35. Kopfzeile
Qualified Signature?
Qualified Signature = advanced el. signature
+ qualified certificate
+ SSCD
Mobile Phone Signature – Legal Assessment
Mobile Phone Signature = Citizen Card?
Citizen Card = qualified signature + identity link
Mobile Phone Signature = qualified signature?
Qualified Signature = advanced electronic signature
+ qualified certificate
+ SSCD
Fußzeile Seite 35 29.09.2011