The German eID and eIDAS


The German eID and eIDAS
Jens Bender, Federal Office for Information Security

Electronic Identification @ eIDAS
- Notification of (existing) national eID schemes
- No “EU-eID”, but mutual recognition of national eIDs
- Notification is not mandatory
- Recognition of notified eIDs is mandatory
- eID schemes are only affected if notified
- eServices are always affected
→ “Interoperability” instead of “harmonisation”

The German eID
- Governmental ID card
- Integrated (contactless) chip since 2010
- ~40 million issued
- Electronic functions
  - Travel, similar to ePassport
  - Identification/authentication
  - Qualified signature

The German eID
- Citizen: Can the service provider prove its identity?
- Citizen uses eID to prove identity
- Service provider: Is the citizen able to prove his/her identity?
- Service provider proves identity using its access certificate
- Both the citizen and the service provider have reliable proof of the identity of the other party

The German eID
- Based on secure channel citizen ↔ SP
- As opposed to “document oriented” signatures
- Only valid in the moment of authentication
- Offline capable
[Diagram labels: Citizen, Web Browser, eID-Client, Card Reader, Service Provider, Web Site, eID-Server, Background Infrastructure]
01.12.2015

The German eID
- No traditional “ID-Provider”
- No central IT security hot spot
- No central entity which could track citizens → privacy
- No Service Level Agreements necessary
[Diagram labels: Citizen, Web Browser, eID-Client, Card Reader, Service Provider, Web Site, eID-Server, Background Infrastructure]

European Interoperability
- Many different eID schemes
  - Smartcard based, TAN based, server based, …
  - Based on signature or secure channel or …
  - Operated by government or private sector (or both)
- Interoperability framework must deal with all of them

Proxy based
- eID scheme provides a central “Proxy” that all SPs can connect to
- Well suited for eID schemes already having a central entity
- Pro
  - SPs need to implement only a single interface
- Con
  - No end-to-end relationship between citizen and SP
  - Which law to use? Who is the data controller?
  - The proxy knows everything → Tracking
  - Single point of failure → Availability?

Pure Middleware based
- eID scheme provides middleware to SPs
- Well suited for eID schemes having no central entity
- Pro
  - End-to-end relationship (allows mutual authentication)
  - No central component
- Con
  - Service provider needs to deploy middleware

“Hybrid”
- Middleware based eID
  - No central component in eID scheme necessary
- Central deployment at receiving MS
  - As single interface towards Service Provider
- SP does not need to know if the citizen uses a MW or Proxy based scheme

Interoperability Framework
- Defines common interface for Proxy and Middleware
- Notifying MS decides on Proxy or Middleware based notification
- Receiving MS decides on centralized/decentralized deployment
  - Also “semi decentralized”, e.g. one Connector per sector, is possible
- Criteria
  - Does a central entity already exist?
  - What fits into the security/data protection “philosophy”?
  - Scalability
[Diagram labels: National eID scheme, Proxy, eIDAS Connector, Service Provider(s), MW 1, National eID scheme, MW 2]

DE & eIDAS: eID scheme
- German eID is middleware based
  - Fits into the framework
  - Middleware to be provided to other MSs under development/testing
- eIDAS only deals with “unique identification”
  - No pseudonymous identification, age verification, …
  - No authentication of SP
→ only part of the German eID scheme is covered

DE & eIDAS: Service Providers
- Decentralized deployment for Service Providers
  - SPs already operate “eID-Server” for German eID
  - To be extended by Connector to eIDAS Interoperability Framework
- Less data available via eIDAS than from German eID
  - Not all MSs deliver name at birth, place of birth expected by eGov
  - Many processes require address, which is not available from all MSs
- Service providers need to understand the concept of LoA
→ Adaptation of business processes necessary!
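
The adaptation described on this slide, as an added example that is not part of the presentation: a service provider checks whether an eIDAS authentication result meets a process's minimum LoA and attribute needs. The process definition and sample values are constructed; attribute names are the friendly names of the eIDAS natural-person data set, in which name at birth, place of birth and address are optional.

```python
# Added illustration: process definition and sample results are constructed.
from dataclasses import dataclass

LOA_ORDER = ["low", "substantial", "high"]  # eIDAS levels, weakest first
# Friendly names from the eIDAS natural-person attribute set.
MANDATORY = {"FamilyName", "FirstName", "DateOfBirth", "PersonIdentifier"}
OPTIONAL = {"BirthName", "PlaceOfBirth", "CurrentAddress", "Gender"}

@dataclass(frozen=True)
class Process:
    name: str
    min_loa: str
    required: frozenset

def evaluate(process, loa, attributes):
    """Return (decision, details) for one authentication result."""
    if loa not in LOA_ORDER:
        return "reject", [f"unknown LoA {loa!r}"]  # fail closed
    if LOA_ORDER.index(loa) < LOA_ORDER.index(process.min_loa):
        return "reject", [f"LoA {loa} below required {process.min_loa}"]
    present = {name for name, value in attributes.items() if value}
    missing = process.required - present
    broken = sorted(missing & MANDATORY)
    if broken:
        return "reject", [f"mandatory attribute missing: {a}" for a in broken]
    if missing:
        # Optional attributes the sending Member State did not deliver:
        # the process needs its own step to obtain them.
        return "collect_missing", sorted(missing)
    return "accept", []

# Hypothetical eGov process expecting name at birth, place of birth, address.
RESIDENCE = Process("residence registration", "high", frozenset(
    {"FamilyName", "FirstName", "DateOfBirth", "BirthName",
     "PlaceOfBirth", "CurrentAddress"}))

# Constructed sample results: minimum data set only, and a full set.
BASE = {"FamilyName": "Mustermann", "FirstName": "Erika",
        "DateOfBirth": "1964-08-12", "PersonIdentifier": "XX/DE/constructed-id"}
FULL = dict(BASE, BirthName="Gabler", PlaceOfBirth="Berlin",
            CurrentAddress="Heidestrasse 17, Koeln")

if __name__ == "__main__":
    for label, loa, attrs in [("full/high", "high", FULL),
                              ("minimal/high", "high", BASE),
                              ("full/substantial", "substantial", FULL)]:
        print(label, evaluate(RESIDENCE, loa, attrs))
```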

Current Status / Way forward
- Implementing Act for Interoperability Framework
  - Published in Official Journal
- Technical Specifications
  - Drafted by Technical Subgroup of the Expert Group
  - Opinion of the Cooperation Network and adoption
- Testing and Integration
  - Sample Implementation by DIGIT under CEF
  - Pilots …
  - Support for MSs for (technical) integration via CEF calls
- Which Member State will notify first?

Long-term Hypothesis
- Currently: many different national eID schemes
  - Every MS does its own thing
  - “Enforced” interoperability via eIDAS regulation
→ Hypothesis: Convergence of eID schemes will happen
  - Due to economic, not regulatory, pressure
  - Common standard(s)
  - Common data model(s) and “direct” interoperability
  - Cost and time-to-market reduction for industry and MS
