Copyright 東京工業大学 大山永昭 C Introduction of new ID number and my portal for checking access logs NICSS: Next generation IC card System Study group Tokyo Institute of Technology ASIST: Advanced research center for Social Information Science and Technology Prof. Nagaaki OHYAMA 1

Copyright 東京工業大学 大山永昭 C Updated ICT strategy Issued in July, 2010 Main issue is an introduction of new ID number for every citizen living in Japan Three major objectives ① Realization of citizen centric e-Government ② Reactivation of local communities ③ Investment in worldwide new market Objectives are essentially very similar to the former strategy, although terms are different 2

Copyright 東京工業大学 大山永昭 C Introduction of new ID number On 31 st, Jan., 2011 Japanese government party issued “ Basic policy for introduction of new ID number ”. Cabinet office, together with IT strategic headquarter, is making an implementation scheme  institutional and technical WGs were organized in Jan., Plan to issue the new ID number from 1 st, Jun., 2014 Start to use the new ID number from 1 st, Jan., 2015 in practice New regulation was proposed to the parliament on 14 th of May, 2012 and is under discussion 3

Copyright 東京工業大学 大山永昭 C Major discussion items Visible or invisible ? –Visible means the third private party could handle with the new ID number ID number for national pension can be used among employee, employer and national pension bureau  private - private - public –Invisible means the third private party is prohibited to use the new ID number Resident registration number is allowed to use between individual and government only by regulation  private - public Restricted or not ? –Primary purpose of the new ID number is taxation  visible number –ID number for national pension is used in limited area in effective –The new ID number will be used in much wider area, because of its purpose –The new ID number cannot be used to link privacy data as a matching key in any case except for the administrative businesses listed in the regulation 4

Copyright 東京工業大学 大山永昭 C Major discussion items Use of ID number; flat or sectral model –Flat model; unique ID number in all areas and no restriction on its use –Sectral model; each area uses different ID number and their link is restricted, known as Austrian model –Leading opinion insists on Quasi-sectral model Quasi-sectral model –The use of new ID number is limited to taxation and social security areas; exclusive use. –Health, medical and care areas may use different ID number. 5

Copyright 東京工業大学 大山永昭 C Other discussion items How the new ID number could contribute to the realization of one-stop service for e-Government Industry side insists on that the new ID number should be just like SSN in USA; private sector can use the new ID number without restriction  this requirement is hardly fulfilled for the moment in Japan 6

Copyright 東京工業大学 大山永昭 C Introduction of new ID number The new ID number is nicknamed by “ my number ”. Because “ my number ” will be used widely in Japan, the following actions will be taken –The use of new ID number is strictly restricted by new regulation: it can be used only in Taxation and Social security areas except for health and medical care fields –Privacy data could be linked in only cases explicitly stated in the new regulation  116 administrative works are listed up –Third party committee will be officially established for reinforcement of privacy protection 7

Copyright 東京工業大学 大山永昭 C New infrastructure In conjunction with “ new ICT strategy ”, one stop service for e-Government needs to be implemented Because of much respect to the social acceptance, new basic infrastructure is now under design; requirements are following –Introduction of link code; go-between system  No additional matching key –My portal for visualization of access log of the privacy data; when, why, what, from which organization to where and the basis, etc. – All administrative processes mentioned in regulations will be listed in white  keep the transparency 8

Copyright 東京工業大学 大山永昭 C Concept of link code : personal basis 9 Agencies in tax and social security area Private sector IC card My portal Resident registration code National ID# Link code P Link code A Link code B Link code X Link code A New ID # Personal data A Link code B Internal ID # Personal data B Link code X internal ID # Personal data X Local government Link system using pseudonym

Copyright 東京工業大学 大山永昭 C Link system Three major functions supported by the link system 1.Conversion of the link codes 2.Access control of the link system  compliance with the new regulation 3.Storage of access log  people could check all access log to their own privacy data through my portal Business process flow –Used to register the administrative work flow to the white list –Defined by, for example, the subset of BPMN （ Business Process Management Notation ） –Standardization and conformance test will be necessary 10

Copyright 東京工業大学 大山永昭 C Business Process Flow; A needs IB and IC kept by B and C, respectively Sub process A Link system C refistration of event 、 BP-ID Reg. of BP- ID, issue EV-ID EV-ID Execute sub- process （ A-B) EV-ID 、 LA 、 B 、 IB B prepare α prepare β Execute sub-process （ A-C) Regist. of event Activate sub- process EV-ID 、 LA 、 C 、 IC BPF end Record log Log BP-ID, LA Activate sub- process

Copyright 東京工業大学 大山永昭 C Relevant activities In addition to the new regulation under draft, current regulations concerning resident registration and JPKI are under revision Fundamental elements already available are –Resident registration card  ID card with IC chip –Personal authentication service  digital signature for non- repudiation 12

Copyright 東京工業大学 大山永昭 C Resident registration cards Resident registration law was revised in Aug., 1999 This card is issued on request of residents The total number of issued RR cards is 5.5 M since Aug., 2003, 8 years In order to improve the security level, RRC vs2.0 is under design supporting SHA256 and RSA 2048 bit New IC card will be the access key to my portal My number card will be owned by everyone  130M 13

Copyright 東京工業大学 大山永昭 C Personal authentication service: JPKI Personal authentication law –This regulation was approved by the parliament on 6, Dec., –By this law, all local governments started RA service to the residents from 29th Jan., –By this law, e-government services, which require the digital signature such as tax declaration, were launched. –Use of this service is voluntary, not compulsory. –The total number of issuance is about 2 M  more users are needed 14

Copyright 東京工業大学 大山永昭 C Revised JPKI under plan Restrictions of current JPKI by institution –CRL is not disclosed to private sector –JPKI supports only non-repudiation; digital signature –Public key certificate includes 4 personal information: name, registered address, birth date, gender 15

Copyright 東京工業大学 大山永昭 C Expansion of JPKI service under plan Expansion to the authorized private sector –Covering social security area especially private hospitals and clinics Additional certificate for authentication –Logical link to the corresponding certificate for non- repudiation –Only name, possibly pseudonym, will be written in the certificate for authentication 16

Copyright 東京工業大学 大山永昭 C Summary New ID number for taxation and national pension will be introduced in 2014 Resident registration card will be upgraded to “my number card” Personal authentication service will be expanded to the social security area RR card together with JPKI will support IAS (Identification, Authentication, Digital signature) to be fully functional eID in Japan Experimental study will be achieved in 2012 Use of facial photos is under plan in case of disasters for identification of sufferers for government and social security business 17