Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital signatures in Denmark OCES 2.0

Published byJesus Bartlett Modified over 10 years ago

Similar presentations

Presentation on theme: "Digital signatures in Denmark OCES 2.0"— Presentation transcript:

1 Digital signatures in Denmark OCES 2.0
Boosting trust in the digital single market: The role of e-signature 9-10 November 2011, Poland Charlotte Jacoby Senior adviser, Master of law Centre for Digital Signature Danish Agency for Digitisation

2 Agency for Digitisation Ministry of Finance
Due to the inauguration of the new Danish government and changes in political areas, OCES and e-signature now resides in the Ministry of Finance By 3. October 2011 The National IT and Telecom Agency was closed, tasks moved to The Danish Agency for Governmental Management By 31. October 2011 The Danish Agency for Governmental Management was closed and two new Agencies formed. Tasks now in Danish Agency for Digitisation

3 Agenda Background, ICT policy and principles
National esignature standard OCES 1.0 National esignature standard OCES 2.0 – NemID How does it work? Status today

4 Government globalisation strategy
At the latest in 2012 it should be possible to perform all relevant written communication between companies, citizens and the public sector digitally. Fremgang, fornyelse og tryghed, april 2006

5 Goals for reforming the public sector
Productivity and efficiency Coherent infrastructure Digital communication

6 The Danish esignature history
NemID OCES I – Digital Signature Qualified Certificate Pilots 2000 2003 2004 2010

7 OCES legal framework OCES Agreement with governmental agency
State owned OCES Certificate Policies requirements for the public key infrastructure level of security applied for the digital signature CP’s part of agreement Agency for Digitasation supervisory authority Audit - annual report to the supervisory authority including external system audit of the CA CA liable for the content of the certificate unless the CA can prove that the CA has not acted negligently or intentionally

8 Goal and foundation of the OCES project
OCES = Public Certificates for Electronic Services Goal: A general open, scalable and transparent security infrastructure based on PKI Controlled by the state and operated by private Certificate authorities (CA) Foundation: Defining state-owned Certificate Policies (CP) An open architecture based on international standards – OCES CP’s EU-Tender with a public private partnership in mind Establishing a non-discrimination approval process for potential OCES CA’s

9 OCES Certificates Issued as: Used for:
Personal certificates – PID (a unique number related to civil registration number) Employee certificates – RID/CVR (Employee number/Central company number) Business certificates – CVR (Central company number) Device certificates – CVR (Central company number + deviceID) Used for: Access control - Logon Secrecy - Encryption of s Signature for s, documents and web-sites (non-repudiation)

10 Roles of interested parties
OCES CPs Supervision OCES CA OCES agreement DanID Develop. infrastructure Agency for Digitisation Dialogue Danish Standard Association Commercial agreement Coordinating and recommendations PKI services Guidance, monitoring, marketing etc. Public sector Private companies Vendors Citizens

11 OCES 1.0 – a good start March 2003 – July 2010:
More than 1.88 million OCES 1.0 digital signatures were issued Of these around employee certificates among companies/public authorities Many public and some private services

12 Examples of electronic services using digital signatures (OCES 1
Examples of electronic services using digital signatures (OCES 1.0 and 2.0) Sundhed.dk – the public sector’s health portal The National Tax Authority The State Education Fund The City of Copenhagen Borger.dk – A portal for citizens used by all local authorities “danmark” – the private Danish health insurance company “Virk.dk” – the common public sector portal for companies (potential companies) ATP - the Danish supplementary labour market pension fund The Ministry of Education: Central Education Admission Portal Digital post – public electronic mailbox “Eboks” - private electronic mailbox

13 OCES 2.0 Tender demands Economy of the solution Security
User friendliness and mobility Public as clear sender/owner Further penetration Functionality at least as today Continuity for services and easy migration for users

14 New agreement (august 2008)
All citizens can still order and use digital signatures and get competent support free of charge Companies and public authorities can order and use up to three employee certificates free of charge Public authorities can receive certificates for a five year period

15 OCES 2.0 - NemID Mobility  Security 
Penetration  User- Friendly  Frequent Use OCES NemID NemID is the new national digital signature NemID used for log-on, signing and secure Access to online banking in all Danish Access to a large number of public services NemID use from any computer NemID based on 2-factor security Private service providers use NemID

16 OCES 2.0 - NemID Centrally securely stored private keys
Access with 2-factor authentification independant of pc Something you know (password) Something you have (one time password) CA certificates 2048 – 4096 bits RSA SHA256 End user certificates 2048 bits RSA CRL’s and OCSP

17 Common use of infrastructure
DanID Netbank Tax Larger penetration Larger effiency potential OCES Signatures Frequent use Remember password OTP Server Netbank Signatures Applet

18 End user registration – based on requirements from law on money laundry and terror funding
Identity known - Code card sent to registered CPR-address Netbank Identity unknown - Activation password and code card sent to registered CPR-address CA/DanID NemID.nu Physical presence – On site issuance handover of Activation password and code card Citizen service centres Tax centres

19 Internet Tax authorities OTP-server Publicly financed Signature server
Citizen Signature server HSM Helpdesk

20 NemID Penetration Penetration status today 3,000,000+ active users
Supported by all major government sites Supported by all banks for ebanking Around new users per day Around 140 private service provider agreements 1,000,000 transactions per day average More than 450 transactions since 1st July 2010

21

22 References and links

23 ???

Download ppt "Digital signatures in Denmark OCES 2.0"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM(2012 238 final) {SWD(2012)

1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM( final) {SWD(2012)
© fedict 2008. All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.
© Copyright 1998-2001 International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.

© Copyright International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.
1 eGovernment Projects and Perspectives in the Bulgarian Public Administration Nedelcho Nedelchev Advisor to the Minister of State Administration and Administrative.

1 eGovernment Projects and Perspectives in the Bulgarian Public Administration Nedelcho Nedelchev Advisor to the Minister of State Administration and Administrative.
Steps towards E-Government in Syria

Steps towards E-Government in Syria
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.
The Danish Digital Library Jakob Heide Petersen Head of division, Danish Agency of Culture NAPLE Assembly Copenhagen 2012.

The Danish Digital Library Jakob Heide Petersen Head of division, Danish Agency of Culture NAPLE Assembly Copenhagen 2012.
Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.
Everyone can access. Contents Mer-links context The route of decision-making What is Mer-link? Lessons Learned.

Everyone can access. Contents Mer-links context The route of decision-making What is Mer-link? Lessons Learned.
Digital Agenda Unleashing the Potential of Cloud Computing in Europe Ken Ducatel Head of Unit Software and Services, Cloud European Commission (Directorate.

Digital Agenda Unleashing the Potential of Cloud Computing in Europe Ken Ducatel Head of Unit Software and Services, Cloud European Commission (Directorate.
Www.mdaar.government.bg 1 e-Governance in Bulgaria – one year after the EU accession Youri Alkalay, Jr. Director e-Government Ministry of State Administration.

1 e-Governance in Bulgaria – one year after the EU accession Youri Alkalay, Jr. Director e-Government Ministry of State Administration.
31th of March 2008 – Warsaw – Torsten Grunwald Starting a limited liability company in Denmark.

31th of March 2008 – Warsaw – Torsten Grunwald Starting a limited liability company in Denmark.
Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,

Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Similar presentations

Ads by Google