The Estonian Electronic Signature Legislation and case studies EESSI Seminar Budapest, 2001-05-08 Taavi Valdlo Estonian Informatics Centre

Slides:

Advertisements

Similar presentations

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.

Advertisements

Mr. Aivars Paegle, Legal manager at The Register of Enterprises of the Republic of Latvia, Juridical Division Workshop on Single Institution for Registration.

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,

The Austrian Governmental eDelivery System Technical Aspects Ankara, March 17th, 2015 Christian Maierhofer, EGIZ The E-Government Innovation Center is.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

CREN-Mellon conference, December 1, 2001 University of Texas PKI Status.

August 2004 Providing Industry-wide Security and Identity Management Solutions.

Lecture 23 Internet Authentication Applications

Implementation of Electronic Signature Law Kęstutis Andrijauskas Information Society Development Committee under the Government of the Republic.

Host of the 13 th ECRF Annual Conference - Budapest 2010.

PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.

M.Sc. Hrvoje Brzica Boris Herceg, MBA Financial Agency – FINA Ph.D. Hrvoje Stancic, assoc. prof. Faculty of Humanities and Social Sciences Long-term Preservation.

Civil Registry Agency of the Ministry of Justice, Georgia Digital Signature Services in Georgia Mikheil Kapanadze.

Legal Issues on PKI & qualified electronic certificates. THIBAULT VERBIEST Attorney-at-law at the Brussels and Paris Bar Professor at the Universities.

DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,

The Leading Information Centre Conference on Interoperable European ID Haikko, Finland 3-5 April 2002.

An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

03 December 2003 Digital Certificate Operation in a Complex Environment Consultation/Stakeholders Meeting 3 December 2003.

Sähköinen asiointi tulee Innotalo Juha Rekola Head of Development Division Patents and Innovations Line.

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Civil Registry Agency of the Ministry of Justice, Georgia Georgian ID card Mikheil Kapanadze.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Use of Electronic Digital Signature in the Russian Federation.

EHealth State Policy and Projects in Estonia Oliver Lillepruun Estonian eHealth Foundation

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

12 th XBRL International Conference National Tax Agency JAPAN.

Strong Cryptographic Infrastructure and its Applications Dr Lucas Hui Center for Information Security & Cryptography Department of Computer Science & Information.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Estonian Informatics Centre 2nd Conf. on eServices in E. C. R.1 Estonian example of integration e- government services Ahto Kalja Tallinn Univ. of Technology,

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

"certification service provider" Electronic Signatures

EGov Interop'05 - Feb 23-24, Geneva (Switzerland) OBSERVATORY ON INTEROPERABLE eGOVERNMENT SERVICES eGov-Interop'05 Annual Conference February.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Management and the state registration of the enterprise.

Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

E-Tallinn The Implementation of e-Government in City of Tallinn Tallinn City Office Toomas Sepp, Head of City Office.

Riccardo Genghini - Ws E-Sign Chairman – IETF PKIX San Francisco March Electronic Signature infrastructure for Europe Riccardo Genghini Cen/Isss.

Integrating security services with the automatic processing of content TERENA 2001 Antalya, May 2001 Francesco Gennai, Marina Buzzi Istituto.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

EESSI June 2000Slide 1 European Electronic Signature Standardization Hans Nilsson, iD2 Technologies, Sweden.

PKI Future Directions 29 November 2001 Russ Housley RSA Laboratories CS – Class of 1981.

National Information Communication Technologies Strategy Vasif Khalafov “National strategy” working group - Web -

The Development of the Electronic System for Government Meeting.

E-SIGNED DocFlow SYSTEM in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE – E-Business Development Consultant.

1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.

Bulding blocks of e- government Ingmar Pappel. Bulding blocks of e-government  Personal Code  Digital Identity  Digital signature  X-Road  Organizations.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 6 – Company Law Bilateral screening:

How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments.

TAG Presentation 18th May 2004 Paul Butler

Training for developers of X-Road interfaces

PRESENTATION OF MONTENEGRO

Public Key Infrastructure (PKI)

TAG Presentation 18th May 2004 Paul Butler

ELECTRONIC DOCUMENT: LITHUANIAN EXAMPLE

Digitally Signed Legislation in Estonia

E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.

Laur Mägi Department of Information Systems and Document Management

ELECTRONIC SIGNATURES

ELECTRONIC SIGNATURES

Presentation transcript:

The Estonian Electronic Signature Legislation and case studies EESSI Seminar Budapest, Taavi Valdlo Estonian Informatics Centre

Content of presentation Digital Signatures Act Provisions and implementation Infrastructure for using Digital signature Case studies: –programs and projects –public initiatives –private initiatives

Digital Signatures Act Passed 8 March 2000, entered into force 15 December 2000 A digital signature has the same legal consequences as a hand-written signature Based on PKI Scope in terms of Directive: – advanced electronic signature – qualified certificate – secure signature creation device translation:

A digital signature shall enable unique identification of the person enable determination of the time detecting any subsequent change of the data or the meaning thereof

Implementing provisions State register of certificates established on 12 December 2000 Bases for the document management procedures of state and local government agencies and legal persons in public law on 26 February 2001 Procedure for the information systems audit of service providers on 3 October 2000

State certification register Registration and supervision of service providers Maintain records of service providers Ensure the comparability of the official time and temporal order of time stamps issued Data entered in the register is public

State Sertification Register hardware

Program of document administration Started by State Chancellery Record management and archiving Pilot project of digital co-ordination of legal acts Pilot project of document management Standardization initiatives

EstEID program Nation-wide new personal electronic identification card Contain both visually and electronically accessible information Based on smartcard technology with crypto-processor Identification and signing possibilities Multifunctional national passport from beginning of 2002

Applications using digital signature Cabinet of Ministers Session Infosystem –first took place on Aug. 08, –ministers can e-participate e-Office of the Tax Board Health Insurance Fund e-elections e-citizen project

Certification Centre Ltd EMT, Hansabank, Union Bank and Eesti Telefon started cooperation on May 25, 2000 Partners established joint certification center on February 16, million EEK have been invested in Certification Center equally between the partners. Manager of Certification Center is Kalle Tarien, former area manager in Visa International (London)

Certification Centre Ltd customer base EstEID project Needs of founders of the Certification Centre Ltd Any additional companies, requiring similar services State institutions

Privador TrueSign solution

Truesign standards and protocols X.509 certificates and CRL-s profile specified in RFC 2459 Signed document format according to Cryptographic Message Syntax defined in RFC 2630 Downloading certificates and CRL-s from LDAPv2 (RFC 1777) and LDAPv3 (RFC 2251, RFC 2252) directories as specified in RFC 1777 (LDAP2) Revocation message transmission, using Certificate Management Protocol messages (RFC 2510) Time-stamping server as specified in PKIX draft Client certificate requests compliant to RFC 2511 Supported algorithms –encryption: RSA –hash: SHA-1 (read and write), MD5 (only read, for backward compatibility) Supported Certificate Authorities – iD2 Certificate Manager 3.1 – Baltimore Unicert 3.0.5

Digital Signature implementation awareness Several articles published in leading newspapers and magazines Seminars and information days Comprehensive digital signature ABC, by Valdo Praust Different Estonian organisations are preparing their operations to support implementation of Public Key Infrastructure Local PC manufacturer Microlink is planning to add chip card reader to core PC

Some information sources Estonian government portal: Department of State Information Systems: Legal text translations: Yearbooks IT in Public Administration: Research: Solutions: