Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ministry of Public Administration

Published byGeraldine Cox Modified over 8 years ago

Similar presentations

Presentation on theme: "Ministry of Public Administration"— Presentation transcript:

1 Ministry of Public Administration
e: Tržaška cesta 21, 1000 Ljubljana t: , f: Republic of Slovenia Certification service and electronic identification – PKI in Slovenian government Aleš Pelan, M.Sc. Directorate for e-Government and Administrative Processes Ministry of Public Administration

2 Digital Certificate Digital Certificate = Presents a modern alternative to old fashioned forms of identification Content: Name and surname of the holder Unique number Public key address ...... Certified by the certificate authority DN: cn=Ales Pelan, ou=certificates, o=state-institutions,c=si Serial #: Start: 15/7/ :20 End: 15/7/ :50 Key: CA DN: ou=SIGOV-CA, c=SI

3 Legal Bases for Digital Certificates
Electronic Commerce and Electronic Signature Act (2001, novel in 2004) Decree on Conditions for Electronic Commerce and Electronic Signing Personal Data Protection Act Secret Data Protection Act CA Policy (public and internal part of rules)

4 Register of CSP’s (Certificate Service Providers)
Regulated in ECESA (electronic, digitaly signed form) Managed by Ministry of Higher Education, Science and Technology Basis for Certificate-based e-services in Slovenia (instead of cross-certification) 5 CSP’s issuing qualified certificates: SI*CA (CA at MPA) HALCOM CA AC NLB POŠTA CA SI-MoD-CA

5 SI*CA Slovenian Governmental Certification Authority Slovenian General

6 SI*CA Slovenian Time Stamping Authority
Country Signing Certification Authority Slovenia

7 Types of digital certificates
Enterprise certificates Web certificates Encryption/decryption Digital signature Authentication Secure delete Web communication Web communication (SSL, TLS) (S/MIME) Usage private public Validity of keys 3 years en./de., signature 5 years authentication Characteristics Valid for 5 years No automatic extension of validity Automatic extension of validity Keeping of decryption keys

8 Types of digital certificates
Public administration Natural and legal persons Enterprise certificates: employees organizational units servers TSA systems Enterprise certificates : employees organizational units servers Web certificates : employees organizational units servers code signers OCSP responders Web certificates: employees organizational units servers code signers citizens

9 o=state-institutions
SIGEN-CA public directory (digital certificates & CRL) c=si X500.gov.si (LDAP, HTTP access) o=state-institutions ou=sigen-ca firma1 ou=companies firma2 firma3 ou=companies-web firma1 firma2 firma3 ou=individuals

10 Data of certificate holders and legal persons
serial number of digital certificate holder’s ID number holder’s tax number ID number of legal person tax number of legal person Connectional table Access for services: legal basis agreement Levels of access: data acquisition data validation

11 Registration authority SI*CA
Policy Application Registration authority SIGOV-CA SIGEN-CA Applicant Reference number Authorization code DC holder

12 Registration authority SI*CA
Public Admini- stration MPA Administrative units (68) Citizens Embassies & Consulates (45) Legal persons Tax offices (24)

13 SI*CA certificates in e-services
e-Government (e-SPA, OSS, e-taxes, Intrastat, e-notary, e-reporting, e-geodetic data, e-farm …) e-banking (Abanet, e-Banka Celje, DBS NET, Dh-Plus, E-LON, KaD.Net …) e-businesses (SiOL, Elektro Ljubljana, Mobitel, miniMAX, EBA …) other (e-student, M servis …)

14 SI-TSA (Slovenian Time-Stamp Authority)
Trusted time stamp is an electronically signed certificate from a certifying authority that confirms data content at the stated time. SI-TSA Issuing trusted time stamps for applications; Intended for public administration institutions and bussinesses (agreement); Interface: Web service (SOAP) and RFC 3161 ASN.1 service.

15 CSCA-SI (Country Signing Certification Authority - Slovenia)
EU Member States must issue passports with Biometric identifiers (facial image) after 28 August Council Regulation No 2252/2004 of 13 December 2004; Countries in Visa waiver Permanent Program had to fulfill the same requirement till 26 October 2006; Biometric data stored on a contactless radio chip and digitaly signed; CSCA-SI issues digital certificates for Document Signers in Slovenia; Operational since June 2006.

16 Bussiness issues PKI – one of infrastructural services at MPA
availability of services: free services for government and citizens paylable services for legal persons ( contracts, EUR of yearly income) maintanance costs: usually as a percentage of purchase price monthly cost per CA approx EUR (covering HW and SW for core CA and RA services; no costs for business premises, common infrastructure and employees included)

17 Critical success factors
suitable internal organization compulsory policy documents (CP, CPS…) pre-defined standard procedures strict division of responsibilities/roles min two employees per role trained stuff (min 9 persons for 8 roles to be correctly covered) integration of certificates in e-services: test PKI environment tool for creating dig. signatures (XML/PDF) CA certificates in web browsers (IE,FF…)

18 And the future? web RA autoregistration identification by Post m-PKI
certificates on mobile phones CVCA-SI e-passports with fingerprints CVCA -> DV -> IS e-ID e-gov functionality (digital certificates) project currently on-hold

19 Any further questions:
Additional information:

Download ppt "Ministry of Public Administration"

Similar presentations

1 eGovernment Projects and Perspectives in the Bulgarian Public Administration Nedelcho Nedelchev Advisor to the Minister of State Administration and Administrative.

1 eGovernment Projects and Perspectives in the Bulgarian Public Administration Nedelcho Nedelchev Advisor to the Minister of State Administration and Administrative.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Mr. Aivars Paegle, Legal manager at The Register of Enterprises of the Republic of Latvia, Juridical Division Workshop on Single Institution for Registration.

Mr. Aivars Paegle, Legal manager at The Register of Enterprises of the Republic of Latvia, Juridical Division Workshop on Single Institution for Registration.
Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Host of the 13 th ECRF Annual Conference - Budapest 2010.

Host of the 13 th ECRF Annual Conference - Budapest 2010.
Respecting Privacy in Global Networks/ Guernsey, Wednesday 11 th April,2007 1 Paula Ortiz López Spanish Data Protection Agency.

Respecting Privacy in Global Networks/ Guernsey, Wednesday 11 th April, Paula Ortiz López Spanish Data Protection Agency.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,

DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Summer School Certificates Diego Romano & Gilda Team.

Summer School Certificates Diego Romano & Gilda Team.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Workshop 57074 Ankara, 16.3. – 17.3. 2015.  Introduction  Legal background in Slovenia  Usage areas  Accreditations and supervision  REM service.

Workshop Ankara, –  Introduction  Legal background in Slovenia  Usage areas  Accreditations and supervision  REM service.

Similar presentations

Ads by Google