Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience Washington - September 27 th, 2010 Frank LEYMAN © fedict All rights reserved
Citizen Centricity COMMON BACK- OFFICE COMMON PROCESS FLOW COMMON KEY MODULES E- APPLICA TIONS TOOLS Mandates Attributes Delegation Roles © fedict All rights reserved
ONE COMMON BACK-OFFICE © fedict All rights reserved
SECURITY LAYER … Ministry A Ministry B Ministry C Ministry Z FEDMAN Federal Service Bus National Portal Website Building Blocks © fedict All rights reserved
ONE UNIQUE ELECTRONIC KEY: THE BELGIAN eID © fedict All rights reserved
Electronic identity card (eID) Children <12 years old Foreign residents Belgian citizens >12 years old © fedict All rights reserved
eID Security © fedict All rights reserved
eID Digital Information Use without PIN ID ADDRESS RRN SIGN RRN SIGN RRN SIGN RRN SIGN IDENTITY “PIN protected” authentication digital signature PKI private public private public © fedict All rights reserved
LOTS OF e-APPLICATIONS © fedict All rights reserved
Lots of applications of the eID card student cards Healthcare e-commerce Driver’s license Proof of membership SSO, etc. Home banking © fedict All rights reserved
Vending machines No alcohol under 18 year... © fedict All rights reserved
Lots of TOOLS at your disposal © fedict All rights reserved
Quick Install 1. Install the eID software 2. Connect the card reader to the computer 3. Consult your data © fedict All rights reserved
© fedict All rights reserved
05/05/2009 | Bruxelles Direct access to more than 70 on-line transactions
eID Middleware Reading of the data – Certificates - Card & PIN © fedict All rights reserved
© fedict All rights reserved
A website to verify whether Belgian identity documents are valid or not: passport identity card residence permit with chip Registration the first time Sources authentiques © fedict All rights reserved
Fiscality © fedict All rights reserved
More Information? > © fedict All rights reserved
© fedict All rights reserved
Lots of MODULES at your disposal © fedict All rights reserved
MODULES FAS: Federal Authentication Service via eID e-LOKET: Tool to allow municipalities to offer electronic services to its citizen in a secure way e-DEPOT: Service to allow notaries to faster register acts PersonService: Webservice to allow fast query about physical persons in the public registers DIGIFLOW: User interface the Public Sector uses to get access to the FSB IAM: Identity and Access Management MAGMA: Delegation of powers between two legal entities in order to allow the second to operate on-line transactions in the name of the first (accountants, social reprenstatives,...) e-PAYMENT: Service package to allow public authorities to introduce electronic transactions © fedict All rights reserved
Standard usage Standard Process Flows © fedict All rights reserved
Standard approach WEB FSB FEDMAN network Authentic Sources © fedict All rights reserved
Example1: citizen files a complaint “theft” e-FORM FAS FSB Police Ticket # Push e-LOKET © fedict All rights reserved
Future developments © fedict All rights reserved
Identity and Access Management IDENTITY NAME DATE of BIRTH PLACE of BIRTH GENDER ADDRESS NATIONALITY FAMILY STATUS CEO of COMPANY LAWYER FATHER MEMBER OF SERVICE CLUB ACCOUNTANT MEMBER of BOARD SOCIAL SECURITY DRIVING LICENSE © fedict All rights reserved
This is for Belgium, but what about the rest of Europe? © fedict All rights reserved
SECURITY LAYER FEDMAN Federal Service Bus National Portal Website … Ministry A Ministry B Ministry C Ministry Z Gateway to EU Region ARegion BRegion CRegion Z Municipality AMunicipality BMunicipality CMunicipality Z … … Country1 Country 2 Country3 Country X … © fedict All rights reserved
Room for improvement... Communication & Education Card readers Prices of internet Prices of PC’s # of Applications © fedict All rights reserved
you! FRANK LEYMAN Manager International Relations Maria-Theresiastraat 1/3 Bruxelles 1000 Brussel TEL FAX © fedict All rights reserved