Upload
darrell-underwood
View
218
Download
3
Tags:
Embed Size (px)
Citation preview
Belgian proposal of an organization model for an
electronic identity card
Frank RobbenGeneral ManagerCrossroads Bank for Social SecuritySint-Pieterssteenweg 375B-1040 BrusselsE-mail: [email protected]
2Crossroads Bank for Social Security 09.10.2001
What is E-government ?
E-government is a continuous optimization of service delivery and governance by transforming internal and external relationships through technology, internet and new media
internal relationships- government to government- government to employees
external relationships- government to citizen- government to business
• user of public services• provider of services
3Crossroads Bank for Social Security 09.10.2001
Why E-government ?
provision of better service to the customer (citizens and companies) and service providers
modernization of the public sector- example and catalyst for the adoption of new technologies- improvement of cost efficiency- more challenging work environment for government
employees
4Crossroads Bank for Social Security 09.10.2001
reduce burdens (travel, queuing, paperwork, …)
realtime feedback
permanent access from any location
easy to find information personalized service
unique data collection proactive governance
more participation in decisions direct contact with competent
public agency access to personal data
Better service
5Crossroads Bank for Social Security 09.10.2001
E-government: a structural reform process
E-government requires- re-engineering of processes- re-organization- change of mindsets (customer centric)- changes of legal environment- cooperation between several government levels
6Crossroads Bank for Social Security 09.10.2001
Back office integration is the key
unique data collection integrated data management (principle of the
authentic source) electronic data exchange and work flow architecture & horizontal services:
- unique identification keys (electronic identity card)- PKI- messaging and transaction services- portal architecture- content management system
standards (XML, IP, etc) global but decentralized approach
7Crossroads Bank for Social Security 09.10.2001
Customer centric
portal interaction triggered on- life events (birth, marriage, etc.)- life styles (sport, culture, etc.)- life status (unemployed, retired, etc.)
p-channels and e-channels must co-exist multi device access (PC, TV, WAP GSM, PDA, …) integrated services
- information- interaction- transaction
8Crossroads Bank for Social Security 09.10.2001
Customer centric
critical reflection on principles of data collection and creation of new added value- readable and understandable text- analysis of the requirement of data collection- harmonization of basic concepts- first data verification, then data collection- default values based on previously entered data- on-line help- simulation environments
9Crossroads Bank for Social Security 09.10.2001
Levels of service maturity of E-government
Level 1Information
Government agenciespublish information
on the web
Level 2Interaction
Users can communicateelectronically withsingle government
agencies, but agenciesdon’t necessarily
communicateelectronically with
the user
Level 3Transaction
User can communicateelectronically with single government
agencies, andapplications
of the agenciesrespond electronically
to the user
Level 4Integration
Cross-agency informationand transactionsare available via
intention based portals
Back offices are integrated and business processes
are re-engineered
Complexity / Costs
Con
stit
uenc
y V
alue
10Crossroads Bank for Social Security 09.10.2001
Electronic identity card
possible functions- identification of the holder- authentification of the holder- generation of electronic signature- electronic proof of characteristics of the holder- execution of programs- electronic data storage- electronic purse
11Crossroads Bank for Social Security 09.10.2001
Electronic identity card
retained functions- visual and electronic identification of the holder- authentification of the holder via the technique of the digital
signature- generation of electronic signature via the technique of the
digital signature- proof of characteristics of the holder via the technique of the
digital signature on the initiative of the holder- only identification data storage- no electronic purse- no biometry
12Crossroads Bank for Social Security 09.10.2001
Identification
visual- basic identification data: name, first names, place and date of
birth, sex, nationality, unique identification number – no address
- photograph
electronic- cfr. visual basic identification data (+ address ?)- digital photograph
13Crossroads Bank for Social Security 09.10.2001
Digital versus electronic signature
digital signature- technique based on asymmetric cryptography- permitting to determine the origin and the integrity of
electronic data
certificate- confirmation that a pair of keys proves something (e.g.
identity, characteristic, …)
electronic signature- use of a certain technique, e.g. the technique of the digital
signature- as an electronic and legally valid alternative of a manual
signature
14Crossroads Bank for Social Security 09.10.2001
Scheme
digital signature electronic signature
electronic signature by means of thetechnique of a digital signature
15Crossroads Bank for Social Security 09.10.2001
Technique of the digital signature
CA
public key
CA
public key
digital signature
16Crossroads Bank for Social Security 09.10.2001
Some concepts
identity certificate: proof of identity attribute certificate: proof of characteristics (e.g.
function, quality, mandate) function of registration authority (RA):
- ‘counter’ where the certificate is requested and that verifies if communicated identity or characteristic is correct
- if so, approves the request and reports it to the certification authority
function of certification authority (CA):- produces on the base of the information from the RA a
certificate which is linked with a pair of keys- manages that certificate
17Crossroads Bank for Social Security 09.10.2001
Use of the technique of the digital signature
3 applications- electronic storage private key with related identity certificate
for electronic authentification- electronic storage private key with related identity certificate
for the generation of an electronic signature- electronic storage of one or more private keys with related
attribute certificates in order to proof characteristics
18Crossroads Bank for Social Security 09.10.2001
Use of the digital signature
model- private keys with related identity certificates
• automatically stored on the card unless opposition of the holder (opting-out)
• delivered by CA chosen by the government as a result of a public call for tenders
- private keys with related attribute certificates• storage place available on the card• free choice of the holder (opting-in)• delivered by CA chosen by the holder
19Crossroads Bank for Social Security 09.10.2001
Law on electronic signature
article 1322, paragraph 2 Civil Code
“For the purpose of this article can meet the requirement of a signature, a set of electronic data that can be attributed to a particular person and that proves that the content of the act has been maintained”.
20Crossroads Bank for Social Security 09.10.2001
Law certification service providers
implementation European Directive into Belgian law- provision that qualified electronic signature meets the
requirements of article 1322, paragraph 2 Civil Code- scheme of minimal missions (issuance, management,
revocation of certificates) and liability of certification-service-providers
- rules at suspension of activities by certification-service-provider
- voluntary accreditation scheme- rules regarding liability of certificate holder- supervision and sanctions - possibility to make the use of electronic signatures in the
public sector subject to additional requirements
21Crossroads Bank for Social Security 09.10.2001
Goals
promote rapid availability of identity certificates guarantee quality of identity certificates promote multifunctional and free use of identity
certificates guarantee open market of independent evolving
certification authorities guarantee interoperability between certification
authorities guarantee conformity with evolving technical
standards conformity with the European Directive
22Crossroads Bank for Social Security 09.10.2001
Organization model
government chooses card producer and CA issuing the identity certificates as a result of a public call for tenders
the municipality calls the holder for the issuing of the electronic identity card
the holder can choose to have or not 2 private keys associated to identity certificates, on his identity card; if so, the municipality acts as registration authority for the identity certificates
23Crossroads Bank for Social Security 09.10.2001
Organization model
electronic identity card contains necessary space to store other private keys associated to attribute certificates that holder can obtain at CA of his choice
private key associated to identity certificate on electronic identity card can be used to generate electronic signature within the scope of E-government applications which require an electronic signature
24Crossroads Bank for Social Security 09.10.2001
Organization model
CM/CP/CI (7)
(8)(9)
Matti
ERA
Face to face identification
De Gemeenten(1)
RC
(3)BullBull
Meikäläinen
PIN & PUK1
(10b)
(10a1)
(11)
(13)
-
(10a2)
(2), (12)
VRKVRK
(4)
CA
CA
(5)
(6)
-code
25Crossroads Bank for Social Security 09.10.2001
No storage of electronic data
why not ?- preventing perception of the card as a big brother- preventing loss of data, when the card is lost- preventing frequent updates of the card
stimulation of the controlled access to data over networks, using the card as an access tool, rather than storage of data on the card
thus, no integration of SIS-card and electronic identity card
26Crossroads Bank for Social Security 09.10.2001
Advantages
to the user- faster communicaton / service delivery- better quality of service- more personalized approach- reduction of administration cost- higher availability of services (24/7)- more transparancy
27Crossroads Bank for Social Security 09.10.2001
Advantages
to the government- higher work satisfaction for employees by avoiding useless
work- better control of administration cost- better image of public agencies- more direct relation with target groups- more efficient policy support- more efficient fraud detection
Th@nk you !
Crossroads Bank for Social Security