Presentation is loading. Please wait.

Presentation is loading. Please wait.

Extending eID authentication across Europe September 2013 Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263.

Published byEdward Wheeler Modified over 8 years ago

Similar presentations

Presentation on theme: "Extending eID authentication across Europe September 2013 Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263."— Presentation transcript:

1 Extending eID authentication across Europe September 2013 Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

2 WHAT IS E-AUTHENTICATION? Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

3 What is eAuthentication? eAuthentication is an electronic process that allows the validation of the electronic identification of a natural or legal person. Authentication can be: Something you know Something you own Something you are Where you are Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

4 What is eAuthentication? This combination of factors: Something you know Something you own Something provided to you generates trust among third parties. Trust PasswordID Card PKI Certificate Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

5 EUROPEAN EID CONTEXT Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

6 CENTRAL GOVERNMENT ONLINE SERVICES National online services today with eID LOCAL GOVERNMENT ONLINE SERVICES BUSINESS ONLINE SERVICES NON-PROFIT ORGANISATION ONLINE SERVICES CITIZEN Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

7 All MS have their own eID infrastructure CITIZEN Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

8 Borders will open & National online services will improve Opportunities for public and private sector CITIZEN Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

9 EU political framework Regulation on electronic identification and trust services for electronic transactions eGovernment Action Plan ISA Work Programme Political framework addressing the need for a common, secure and interoperable eGovernment solution in Europe: Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

10 EU support program Build, Connect, Grow: The European Commission’s ICT Policy support programme through Large Scale Pilots: Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

11 STORK 2.0 PROJECT Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

12 Overview 3 year project 2012 to 2015 19 countries involved 58 partners Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

13 Background STORK ICT-PSP CEFeSENS STORK 2.0 ISA Sustainability Action Regulation on electronic identification and trust services for electronic transactions Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

14 Enable interoperability of the identification of natural and legal persons and other sector identification. Explore possible ways to address a federated & trustworthy framework for cross-border eID services at European level. Build the basis for a future widespread use of eID solutions across borders, contributing to Europe’s leadership role of the eID market. Vision Facilitate digital living & mobility in the EU, envisioning eID as a Service Offering, with a strong commitment to open specifications and long-term sustainability. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

15 Benefits Economies of scale Greater security Standard trusted services Increased efficiency and cross-border integration Transaction costs savings Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

16 eLEARNING and ACADEMIC QUALIFICATIONS eLearning: cross-border academic services. Academic Qualifications: use of academic information (titles, registers, qualifications) by governmental and private institutions. eBANKING Online banking services supporting national eIDs. Enable companies to open bank accounts and consult their daily procedures electronically and remotely. PUBLIC SERVICES for BUSINESSES Enable legal entities to use online public services in other Member States, with already existing procedures and applications. eHEALTH Secure online access to medical data. The patients rights to access to their personal medical data in cross-border health services. BUSINESS-ORIENTED STORK 2.0 Pilots Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

17 Collaboration with LSPs Interaction with the other LSPs building on gained experience and lessons learned. Close liaisons foreseen with: eCODEX for legal aspects around eID for legal persons epSOS for integrating STORK 2.0 solutions for eID-based authentication with its eHealth infrastructure eSENS for an infrastructure for cross-border public services delivery in support of the Digital Single Market Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

18 PLATFORM DEVELOPMENT Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

19 Enhancements to STORK 1 It encompasses eID for secure electronic authentication of both legal and natural persons. It includes facilities for mandates, widely useable across the EU, providing strong data protection and secure ways of transferring attributes, all under user control. Its allows the use of STORK not only to private sector but also public sectors, in the first place banks. This increases the requirements on availability, security, and reliability. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

20 Platform built around the user centric approach. No data is being sent abroad unless the user allows the administration to do so. The user can give his consent in various different ways: Implicitly: By introducing his credential, he implicitly allows the data to be transferred to its destination SP. Explicitly for data types: Allows users to exclude attributes to be sent. Explicitly with data values: Eliminates data to be sent to SP. As data is signed, user may not exclude any item. User Consent Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

21 Business Processes Authentication on behalf of: Allow access to an application with data of another legal/natural person. Powers (for digital signature) (as part of a contract, commercial proposal, etc.), and representation powers of signatory should be verified. Powers as stored by a service provider need to be updated / validated periodically. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

22 Representation powers Common situation in nearly all countries: General powers Sometimes limited in time and transaction value Most countries limitations in types of powers in text or image format Both in native language Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263 Semantic limitations in some countries: E.g. ES: 2 powers tables Representation is complex and often too much focused on country specific details. We cannot expect them to be usable for cross-border standardisation

23 Representation powers Common desire to support powers’ constraints, ready for cross border use – Time (from, until) – Transaction value – Type of power Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263 23 Implementation – Deposit this list at the “powers registration office” in each country, recommending its use – Support in common functionalities to promote it use – If accepted, list may be detailed List of types of powers – Designed to support both SMEs and large organisations – Easy mapping to their organisation

24 Business Processes Business Attributes Attributes proceeding from a certain business sector, often with a meaning limited to this sector, are to be retrieved from various Attribute providers Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263 Need from pilots to interchange extended personal data (hasDegreewith diplomaSupplement, isHealthcareProfessional, etc.) As standardised as possible (for cross-border use) Multi-country attribute collection, MS specific which registers are connected and how they are accessed Business attributes are also available in first two business processes

25 Business Processes Business Attributes Attributes proceeding from a certain business sector, often with a meaning limited to this sector, are to be retrieved from various Attribute providers Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263 Need from pilots to interchange extended personal data (hasDegreewith diplomaSupplement, isHealthcareProfessional, etc.) As standardised as possible (for cross-border use) Multi-country attribute collection, MS specific which registers are connected and how they are accessed Business attributes are also available in first two business processes User represents another person

26 Other Processes in STORK 2.0 Signatures Adoption of a common solution for creation and validation of signatures Based on existing open source software (e.g. PEPPOL) Covering standards adopted by the EC, especially PAdES and XAdES with most common versions Integration, packaging, examples, and revision of documentation Version control Control of software and configuration versions Procedure for automatic inclusion of renewed certificate Automatic inclusion of new MS Anonymity For anonymous eSurveys, eVoting, etc. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

27 Plans Common development and test Pilot integration and test Feb 2014 Mar 2014 Maintenance, bug fixes Packaging Pilot running and evaluation Mar 2015 Node integration and test Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

28 E-SIGNATURE Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

29 eSignature Authentication is not sufficient Authorisation is a step Signature may be mandatory, e.g. in Banking Based on LSP PEPPOL signature service

30 Signature-creation The signature-creation request allows a service provider to request the user signing a form (plain text or XML) or rich document (PDF). The signature request is issued to the SP’s adjacent STORK infrastructure component (S-PEPS or V-IDP) and gets routed to the citizen’s infrastructure component (C-PEPS or V-IDP). eSignature

31 Signature-verification The signature-verification request is an auxiliary service to allow a service provider (SP) to check if a signature is valid and if it conforms to the signature-quality requirement needed for the business process. The SP delegates signature-verification to its adjacent STORK infrastructure component (S-PEPS or V-IDP) which further delegates to a verification component. eSignature

32 SECURITY - QAA Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

33 Attributes - QAA / AQAA As authentication levels for a given application may differ across Member States, the project defined attribute quality authentication assurance levels (AQAA) at a European scale to: Ensure interoperability between the different attribute standards that exist in Europe. Measure the quality of different attribute provider procedures. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

34 QAA level framework Allows for mapping national eID solutions to STORK QAA levels. Provides a means for mapping different member states levels onto each other. Similar to the “IDABC authentication levels report”. Compatible with the “Liberty Identity Assurance Framework”. STORK QAA level Description 1Minimal assurance 2Low assurance 3Substantial assurance 4High assurance Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

35 QAA Accreditation Body STORK2.0 will analyse the need and possible mechanisms to set up a neutral accreditation body, verify compliance to the STORK QAA framework, take care of the contractual aspects regarding trusted eID interoperability. The requirements of such a body will be identified, its feasibility will be examined, and a business as well as a governance concept will be designed. Alternatives, like mutual recognition, are included in the analysis. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

36 SUPPORTING EU POLICIES Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

37 At the forefront of EU Policy ECAS-STORK Integration: To enable access to European Union information systems using the user's national eID solution with minimal impact on the EU’s information systems themselves There are more than 110 Identity Providers on STORK already and strong support and commitment from MS for this to be a success. Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

38 The EU’s ISA initiative has taken responsibility for governing and maintaining the STORK software. The ISA programme is managed by the European Commission in close cooperation with the EU Member States represented on the programme's management committee. This committee is expected to establish sub-groups of national experts to oversee and guide the implementation of the various actions while ensuring coordination and alignment with national initiatives. At the forefront of EU Policy Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

39 HOW TO GET INVOLVED… Visit STORK 2.0 website www.eid-stork2.eu !www.eid-stork2.eu Subscribe to STORK 2.0 Newsletter! Participate & “like” Stork eID Facebook page!Stork eID Facebook “Follow” us on Twitter @StorkEid !Twitter @StorkEid Connect to Stork 2.0 EID LinkedIn page!Stork 2.0 EID LinkedIn Register in STORK 2.0 online groups! Contact us at info@eid-stork2.eu !info@eid-stork2.eu Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

40 Thank you for your attention! www.eid-stork2.eu www.eid-stork2.eu Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263

Download ppt "Extending eID authentication across Europe September 2013 Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263."

Similar presentations

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.
1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM(2012 238 final) {SWD(2012)

1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM( final) {SWD(2012)
Www.peppol.eu PEPPOL is owned by OpenPEPPOL AISBL OpenPEPPOL – Making Procurement Better André Hoddevik Head of e-procurement unit, Agency for Public Management.

PEPPOL is owned by OpenPEPPOL AISBL OpenPEPPOL – Making Procurement Better André Hoddevik Head of e-procurement unit, Agency for Public Management.
How eID and eSignatures work in a cross-border setting Wendy Carrara SPOCS Deputy Programme Director eID workshop Reaping the benefits of eID in different.

How eID and eSignatures work in a cross-border setting Wendy Carrara SPOCS Deputy Programme Director eID workshop Reaping the benefits of eID in different.
Cornel Vintila Expert in IT&C policies and regulations, Enterprise Architect, BPM Expert.

Cornel Vintila Expert in IT&C policies and regulations, Enterprise Architect, BPM Expert.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.
The European Activities of BR Communication e-CODEX e-Justice Communication via Online Data Exchange Bucharest, June 14 th 2013.

The European Activities of BR Communication e-CODEX e-Justice Communication via Online Data Exchange Bucharest, June 14 th 2013.
EGovernment Vision, Policies and Implementations in Austria Prof. Dr. Reinhard Posch CHIEF INFORMATION OFFICER.

EGovernment Vision, Policies and Implementations in Austria Prof. Dr. Reinhard Posch CHIEF INFORMATION OFFICER.
Quality Label and Certification Processes Vienna Summit 11 April 2014 Karima Bourquard Director of Interoperability IHE-Europe.

Quality Label and Certification Processes Vienna Summit 11 April 2014 Karima Bourquard Director of Interoperability IHE-Europe.
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263 Robert Scharinger & Gottfried Heider (Ministry of Health, AT) WP 5.4 eHealth pilot - epSOS OpenNCP.

Stork 2.0 is an EU co-funded project INFSO-ICT-PSP Robert Scharinger & Gottfried Heider (Ministry of Health, AT) WP 5.4 eHealth pilot - epSOS OpenNCP.
Setting Processes for Electronic Signature 1 The ”W-SPES Project” and the “Leuven Report on the Electronic Signatures Directive” – Putting the Project.

Setting Processes for Electronic Signature 1 The ”W-SPES Project” and the “Leuven Report on the Electronic Signatures Directive” – Putting the Project.
Stork is an EU co-funded project INFSO-ICT-PSP-224993 Secure Identity Across Borders Linked Secure Electronic Identity Across Europe! STORK – 4 TH I NDUSTRY.

Stork is an EU co-funded project INFSO-ICT-PSP Secure Identity Across Borders Linked Secure Electronic Identity Across Europe! STORK – 4 TH I NDUSTRY.
E-SENS Electronic Simple European Networked Services Moving services forward Dr. Cagatay KARABAT National Coordinator of e-SENS.

E-SENS Electronic Simple European Networked Services Moving services forward Dr. Cagatay KARABAT National Coordinator of e-SENS.
Stork is an EU co-funded project INFSO-ICT-PSP-224993 STORK PRESENTATION STORK Presentation Lithuania March 2010.

Stork is an EU co-funded project INFSO-ICT-PSP STORK PRESENTATION STORK Presentation Lithuania March 2010.
E-Government and interoperability : the role of Machine Translation Francisco García Morán Chief IT Advisor European Commission e-Government powered.

E-Government and interoperability : the role of Machine Translation Francisco García Morán Chief IT Advisor European Commission e-Government powered.
ISA programme: Secure-related initiatives Miguel Alvarez Rodríguez.

ISA programme: Secure-related initiatives Miguel Alvarez Rodríguez.
European Electronic Identity Practices Country Update of Austria Peter F Brown Office of the CIO, Austrian Federal Chancellery Chair, CEN eGov Focus Group.

European Electronic Identity Practices Country Update of Austria Peter F Brown Office of the CIO, Austrian Federal Chancellery Chair, CEN eGov Focus Group.
1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.
Identity management – developments within the European Social Security Sector Pantelis Angelidis.

Identity management – developments within the European Social Security Sector Pantelis Angelidis.

Similar presentations

Ads by Google