E-government: from hype to reality

E-government:from hype to reality

Frank RobbenGeneral manager Crossroads Bank for Social SecurityStrategic advisor Federal Public Service for ICTSint-Pieterssteenweg 375B-1040 BrusselsE-mail: [email protected]: http://www.law.kuleuven.ac.be/icri/frobben

Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)

mailto:[email protected]

http://www.law.kuleuven.ac.be/icri/frobben

2 02/12/2002Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)

What is E-government ?

E-government is a continuous optimization of service delivery and governance by transforming internal and external relationships through technology, internet and new media

external relationships- government <-> citizen

- government <-> business internal relationships

- government <-> government

- government <-> employees all relationships

- are bidirectional

- can be within a country or border-crossing


Government

not monolithic- EU- in every country

• federal level• regions• communities• provinces• municipalities• parapublic institutions• private instutions participating in delivery of public services• …

integrated E-government is based upon common strategy, multilateral agreements and interoperability

E-government contains the opportunity to realize one virtual electronic government with full respect for every specific competence


Advantages

efficiency gains- in terms of costs: same services at lower total costs, e.g.

• unique information collection using co-ordinated notions and administrative instructions

• less re-encoding of information by electronic information exchange

• less contacts

• functional task sharing concerning information management, information validation and application development (distributed information systems)

- in terms of quantity: more services at same total cost, e.g.• all services are available at any time, from anywhere and from any device

• integrated service delivery

- in terms of speed: same services at same total cost in less time• reduction of waiting and travel time

• direct interaction with competent governmental institution

• real time feedback for the user


Advantages (ctd)

effectiveness gains- in terms of quality: same services at same total cost in same

time, but to a higher quality standard, e.g.• more correct service delivery• personalized and participative service delivery• more transparant and comprehensive service delivery• more secure service delivery• possibility of quality control on service delivery process by customer

- in terms of type of services: new types of services, e.g.• push system: automatic granting of or information about services• active search of non-take-up using datawarehousing techniques• controlled management of own personal information• personalized simulation environments


E-government: a structural reform process

ICT is only a means by which a result may be obtained

E-government requires- considering information as a strategic resource for all

government activity- change of basic mindset: from government centric to

customer centric- re-engineering of processes within each government

institution, each government level and across government levels

- clear definition of mission and core tasks of every governmental institution


E-government: a structural reform process (ctd)

E-government requires (ctd)- co-operation between governmental institutions: one virtual

electronic government, with respect for mission and core tasks of each governmental institution and government level

- co-operation between government and private sector- adequate legal environment elaborated at the correct level- interoperability framework: ICT, security, unique identification

keys, harmonized concepts- implementation with a decentralized approach, but with co-

ordinated planning and program management (think global, act local)

- adequate measures to prevent a digital divide


Information as resource: implications

information modelling- information is being modelled in such a way that the model

fits in as close as possible with the real world• definition of information elements• definition of attributes of information elements• definition of relations between information elements

- information modelling takes into account as much as possible the expectable use cases of the information

- the information model can be flexibly extended or adapted when the real world or the use cases of the information change


Information as resource: implications (ctd)

unique collection and re-use of information- information is only collected for well-defined purposes and in

a proportional way to these purposes- all information is collected once, as close to the authentic

source as possible- information is collected via a supplier-chosen channel, but

preferably in an electronic way, using uniform basic services (single sign on, arrival receipt of a file, notification for each message, …)

- information is collected according to the information model and on the base of uniform administrative instructions



unique collection and re-use of information (ctd)- with the possibility of quality control by the supplier before the

transmission of the information- the collected information is validated once according to an

established task sharing, by the most entitled institution or by the institution which has the greatest interest in a correct validation

- and then shared and re-used by authorized users



management of information- information in all forms (e.g. voice, print, electronic or image)

is managed efficiently through its life cycle- a functional task sharing is established indicating which

institution stores which information in an authentic way, manages the information and keeps it at the disposal of the authorized users

- information is stored according to the information model- information can be flexibly assembled according to ever

changing legal notions- all information is subject to the application of agreed

measures to ensure integrity and consistency



management of information (ctd)- every institution has to report probable improprieties of

information to the institution that is designated to validate the information

- every institution that has to validate information according to the agreed task sharing, has to examine the reported probable improprieties, to correct them when necessary and to communicate the correct information to every known interested institution

- information will be retained and managed as long as there exists a business need, a legislative or policy requirement, or, preferably anonimized or encoded, when it has historical or archival importance


electronic exchange of information- once collected and validated, information is stored, managed

and exchanged electronically to avoid transcribing and re-entering it manually

- electronic information exchange can be initiated by• the institution that disposes of information• the institution that needs information• the institution that manages the interoperability framework

- electronic information exchanges take place on the base of a functional and technical interoperabilty framework that evolves permanently but gradually according to open market standards, and is independent from the methods of information exchange




electronic exchange of information (ctd)- available information is used for the automatic granting of

benefits, for prefilling when collecting information and for information delivery to the concerned persons



protection of information- security, integrity and confidentiality of government

information will be ensured by integrating ICT measures with structural, organizational, physical, personnel screening and other security measures according to agreed policies

- personal information is only used for purposes compatible with the purposes of the collection of the information

- personal information is only accessible to authorized institutions and users according to business needs, legislative or policy requirement

- the access authorisation to personal information is granted by an independent institution, after having checked whether the access conditions are met

- the access authorizations are public



protection of information (ctd)- every concrete electronic exchange of personal information

is preventively checked on compliance with the existing access authorisations by an independent institution managing the interoperability framework

- every concrete electronic exchange of personal information is logged, to be able to trace possible abuse afterwards

- every time information is used to take a decision, the used information is communicated to the concerned person together with the decision

- every person has right to access and correct his own personal data


Customer centric

unique declaration of every event during the life cycle/business episode of a customer and automatic granting of all related services, e.g.


Customer centric (ctd)

delivery of services that cannot be granted automatically to a customer- in an integrated way

• information• interaction• transaction

- re-using all available information• harmonized concepts• back-office integration• prefilled information



delivery of services that cannot be granted automatically to a customer (ctd)- in a personalized way

• look & feel and interface• content

– only relevant information and transactions• personalized support

– contextual help– own language– adapted vocabulary– on-line simulations

- or at least based on the way of thinking of the customer group• life events (birth, marriage, etc.) or business episodes (starting a company,

recruiting personnel, etc.)• life styles (sport, culture, etc.)• life status (unemployed, retired, etc.) or business sectors• specific target groups



declaration of events and service delivery via an access method chosen by the customer- various end-user devices

• PC, GSM, PDA, digital TV, kiosks, …

- file transfer- use of intermediaries- accessible to disabled

use of integrated customer relation management tools service delivery in principle free of charge


Re-engineering of processes

BPR programs started within every federal ministry but need for transversal BPR programs between

- federal ministries- institutions of other government levels (e.g. municipalities,

regions, communities, …)- parapublic institutions or private institutions delivering public

services (e.g. social security institutions)

integration is the key- processes (back office and front office)- information management


Integration is the key

lack of integration leads to- overloading of the citizens/companies

• multiple collection of the same information by several governmental institutions

• no re-use of available information• avoidable contacts with citizens/companies due to multiple, unco-

ordinated quality checks

- waste of efficiency and time within the governmental institutions

- suboptimal support of the policy made by government- higher possibilities of fraud


Co-operation between government levels

co-operation agreement has been signed between federal government, regions and communities- coordinated offer of e-services to citizens/companies- guarantee that a citizen/company can use the same tools

• terminal• software• electronic signature

- guarantee of a unique data collection from the citizen/company

- with respect for the partition of competences between government levels


Co-operation agreement between government levels

co-ordinated, customer oriented service delivery agreements have to be made on common standards mutual tuning of portals, middleware, websites and

back offices use of common identification keys and electronic

signature mutual tuning of business processes when necessary gradual mutual task-sharing on data storage in

authentic form common policy on SLA’s and security


Co-operation government and private sector

private companies as service providers (sharing of investments), e.g.- network and security management- co-sourcing in BPR and development/maintenance/housing

of ICT building blocks, e.g.• certification authorities• portals

private companies as partners- integrated work flow with their own information systems, e.g.

• e-procurement• tax declaration• social security declarations


Changes of the legal environment

organization of integrated data management and electronic service delivery: legal base for Royal Decree exists- functional task sharing on information management- obligation to respect unique data collection from the

customer- obligation to exchange information in an electronic way- permission or obligation to use unique identification keys

harmonization of basic concepts


Changes of legal environment (ctd)

ICT-law- data protection- public access to information- electronic signature- probative value

no overregulation- only basic principles- technology-neutral, but not technology unaware


Interoperability framework

goal: to guarantee the ability of government organizations and customers to share information and integrate information and business processes by use of- interoperable ICT- common security framework- common identification keys/sets for every entity- harmonized concepts and data modelling


ICT interoperability

examples on- www.govtalk.gov.uk and www.e-government.govt.nz (recent

frameworks based on actual open ICT standards, to be implemented)

- www.ksz.fgov.be (framework started in 1991 and implemented between 2.000 Belgian social security institutions, with unique gateway to foreign social security institutions within the EU, and continuously adapted to evolving and proven ICT standards with backwards compatibility)

tendency to use of open ICT standards but ICT is so dynamic and fast changing that ICT standards are

in an almost constant state of evolution huge need to agreements on how to ensure functional

interoperability, far beyond technical interoperability

http://www.govtalk.gov.uk/

http://www.govtalk.gov.uk/

http://www.e-government.govt.nz/

http://www.ksz.fgov.be/



Functional ICT interoperability

standardized codification (e.g. institutions, return codes, …) standardized use of objects and attributes standardized layout of header of messages, independent from

information exchange format (EDI, XML, …) and type of information exchange

version management backwards compatibility SLA’s on disponibility and performance of services access autorisation management anonimization rules acceptation and production environments priority management …


Common security framework

issues- confidentiality- integrity- availability- authentication- autorisation- non-repudiation- audit


Common security framework (ctd)

specific points of interest- risk awareness based on risk analysis- security policies - structural and organisational aspects- encryption standards- interoperability of

• PKI• electronic certificates

– procedures (registration authority, certification authority)– difference between identification certificates and attribute

certificates– attributes, optional fields

• revocation lists• directories

- application security


Common identification keys

at least common identification keys and identification sets for every entity- person- company- patch of ground

between nations- unique schemes- conversion tables

regulation of interconnection of information based on unique identification keys


Common identification keys (ctd)

characterictics- unicity

• one entity – one identification key• same identification key is not assigned to several entities

- exhaustivity• every entity to be identified has an identification key

- stability through time• identification key doesn’t contain variable characterics of the identified

entity• identification key doesn’t contain references to the identification key or

characteristics of other entities• identification key doesn’t change when a quality or characteristic of the

identified entity changes


Harmonized concepts and data model

harmonized concepts and datamodel: example on www.socialsecurity.be (best practice of combination of back office integration and e-portal solution in web-based survey on electronic public services by DG Information Society (European Commission) – April 2002)

http://www.socialsecurity.be/





Harmonized concepts and data model

standard elements- with well defined characteristics

- used within all services OO-oriented, e.g. inheritance in a multilingual environment version management in an ever changing environment define once, use many (different presentations) workflow for validation of standard elements and characteristics multi criteria search

- by element

- by scheme

- by version

- …


OO-oriented – inheritance






Version management


Version management


Validation workflow


Validation workflow


Define once, publish many


Define once, publish many


Multi criteria search






A methodology to harmonize concepts

inventory of all documents (frequently) used for information collection

inventory of collected information classification of collected information using a

clustering methodology decomposition of collected information into “real life”

classes with description of the asked attributes analysis of goals: what is every “real life” classes used

for ? setting up of simplification propositions (e.g.

senseless different treatment of same “real life” object)


A methodology to harmonize concepts (ctd)

based on the simplification propositions, framing out of an OO information model for information to be collected

design of XML-schema’s for the collecting of the information, corresponding to the OO information model

legislative adaptations in order to introduce the uniform definitions of the information classes

procedures in order to guarantee the consistency of the OO information model in an ever changing legal environment


Preventing digital divide

no creation of information haves and information have-nots

possible measures- promoting automatic granting of services- electronic services are (for the time being) considered as

extra services, tradional services remain- access to electronic services in public places- role of intermediaries and front office organisations- education and life-long learning- promoting usability of portals and websites


Some interesting Belgian projects

social security sector network of service integrators electronic identity card unique identification keys portal sites


April 2002

Web-based survey on electronic public services ordered by the European Commission (p. 11):

The website of the social security administration in Belgium (www.socialsecurity.be) is a good example of the combination of back-office integration and an e-portal solution. This site is a front-office result of a long-term effort that the Belgian government made last years linking different databases. The site is a unique window for social security in Belgium

See http://europa.eu.int/information_society/eeurope/benchmarking/ list/source_data_pdf/2nd_measurement_final_report.pdf





http://europa.eu.int/information_society/eeurope/benchmarking/list/source_data_pdf/2nd_measurement_final_report.pdf





Belgian social security sector

principles have been implemented under co-ordination of the Crossroads Bank for Social Security, in co-operation with 2.000 public and private social security institutions

functional and technical interoperability framework is functioning- between these institutions- between these institutions and all employers

every socially insured person has a unique identification key throughout the whole social security sector and an electronically readable social identity card containing this identification key


Belgian social security sector

protection of information organised by- Control Committee designated by Parliament

• preventive authorization of legitimacy of the exchange of personal data• complaint handling• security policies

- Crossroads Bank for Social Security• preventive access control• loggings


Interoperability within social security

onem

inami

cger

onpossom

onva

fmp

fat

adp

onafts

cpsm

inasti

onssaplonss

spfss

spfe & t

fonds de

séc.

exist.

Crossroads Bankfor

Social Security

national register

sickness fundsnetwork


Reference directory

serves as a base for organization of information flows structure

- directory of persons: what persons in what capacities have personal files in what social security institutions for what periods

- data availability table: what data are available in what social security institutions for what types of files

- access authorization table: what data may be transmitted to what institutions for what types of files

functions- routing of information- preventive access control- automatic communication of changes to information


Information servers

information servers- directory of persons of the Crossroads Bank- National Register- Crossroads Bank Registers- wages and working time database (LATG) of the ONSS- employers directory (WGR) of the ONSS- consultable database of contribution certificates - it contains the

proofs of “ensurability”, i.e. the fact that somebody is entitled to receive medical treatment

- SIS-card registers services offered

- interactive consultation- batch consultation- automatic communication of updates


National Register - CBSS Registers - past situation

National Register

Municipalities


National Register - CBSS Registers –present situation

National Register

Municipalities


Preprocessed messages

preprocessed messages- beginning/end of labour contract, beginning/end of self-employed activity- contribution certificates medical care (employees, self-employed,

beneficiaries of social security allowances)- unemployment benefits – career break- allowances for incapacity for work (health care, accidents at work,

occupational disease)- young unemployed- allowances to the handicapped- guaranteed income – social support- people suffering from long-term illness- social exemption- fiscal exemption- tax reduction/exemption- special contribution for social security- solidarity contribution on old age pensions- migrant workers


Preprocessed messages

services offered:- batch consultation- automatic communication of messages


ONSS INAMI

Employer

Employees

Sickness funds

Control

Contribution certificate health care sector –past situation


INAMI

Control

KSZ-BCSS

ONSS

Employer

Employees

Sickness funds

Contribution certificate health care sector - present situation


Derived rights in tax affairs

a number of people are entitled to an increased refund of the costs for medical care

moreover, a number of municipalities and provinces grant these persons reductions or even exemptions of the taxes


Sickness fund

Derived rights in tax affairs - past situation


CBSS

sickness fundsnetwork

Derived rights in tax affairs - present situation


218.621.479of exchanged

messagesLong-term illness 198.973Long-term illness 198.973

1 10 100 1000 10000 100000 1000000 10000000 100000000

Young unemployed 247.136Young unemployed 247.136

Handicapped 48.439Handicapped 48.439Migrant workers 58.842Migrant workers 58.842

Deductions on pensions 1.292.559Deductions on pensions 1.292.559

Social exemption 2.543.064Social exemption 2.543.064

Increase Reference Directory 6.505.535Increase Reference Directory 6.505.535

Unemployed persons / persons in career break 5.090.014Unemployed persons / persons in career break 5.090.014

Special contribution 7.373.277Special contribution 7.373.277Fiscal exemption 9.361.690Fiscal exemption 9.361.690Contribution certificates 12.808.975Contribution certificates 12.808.975

Database on wages and working time 66.824.952Database on wages and working time 66.824.952

DIMONA (immediate declaration of employment) 39.370.742DIMONA (immediate declaration of employment) 39.370.742

Tax reduction / exemption 5.993.504Tax reduction / exemption 5.993.504

Incapacity for work 2.370.358Incapacity for work 2.370.358

National Register / Crossroads Bank Register 53.944.809National Register / Crossroads Bank Register 53.944.809

SIS / SAM cards 847.116SIS / SAM cards 847.116

Guaranteed income 68.219Guaranteed income 68.219Self-employed 170.587Self-employed 170.587

Preventive breast screening 1.173.464Preventive breast screening 1.173.464

Public transport pass 28.000Public transport pass 28.000Automatical pension application 5.087Automatical pension application 5.087

Nominal control cards 454.811Nominal control cards 454.811

Consultation directory of persons 1.841.326Consultation directory of persons 1.841.326

Number of exchanged messages


Some figures

14,5 million different persons known in person directory

on an average, every person is known in 5,1 sectors response time on-line messages:

question CBSS question

answer answer

93,8 % in < 1 sec99,6 % in < 2 sec 98,8 % in < 4 sec


1234567890

Social security card

nameChristian namedate of birthsexsocial security numberperiod of validity of the cardcard number

sickness fundsickness fund registration numberinsurance periodinsurance statussocial exemption status

other data to be added in the future, if useful

key 1

key 2


Social security card - example 1

Social identity card

Decryption card

CBSS

in chemistries

and hospitals

Sickness fund 3

Sickness fund 1

Sickness fund 2CIN


Social security card - example 2

ONSS

EMPLOYER

CBSS


Social security portal


Integrated service delivery

common basic services (e.g. single sign on, notification

information several categories of transactions

- transactions at the beginning or the end of employment (DIMONA)

- quarterly declaration of wages and working time- transactions when a social risk occurs- transactions in order to manage information about yourself- transactions in order to control the quality of the service

delivery process- ...


Work forceregister

Data-base

Specialwork force

register

Indivudualdocument

Studentscontract

Inspection

Employmentcontract

SimplificationSimplification

OnOn linelineconsultaticonsultationon

ONSS

Work forceregister

Transactions at beginning/end of employment


Immediate declaration of employment

can only be done electronically via- social security portal- FTP/MQSeries- interbanking network- vocal server

24/24 7/7 offers the employer a key to on-line consultation and

correction- of the database on employment- by using a electronic certificate, of the database concerning

wages and working time and other derived databases- concerning his employees and the period of employment


Quarterly declaration wages & working time

ONSS

ONP

ONVA

Employer

old age pension

holiday payCBSS

ONEM

INAMI

ONAFTS

FAT

FMP

SimplificationSimplificationActiviteit 3

Activiteit 2Activiteit 1

one electronicdeclaration


Quarterly declaration wages & working time

can only be done electronically via- social security portal- FTP/MQSeries- interbanking network

24/24 7/7 can, by using an electronic certificate

- be consulted and corrected on-line by the employer- concerning his employees and the period of employment


Electronical declaration of social risks

today: multiple collection of information by using various, complex, not co-ordinated paper forms


Electronical declaration of social risks

tomorrow- limitation of the collected information to the information not

yet available at other public services (abolition or at least significant simplification of forms)

- unique collection of information from the employer- in a standardized way across all social security institutions- possibility of electronical declaration (24/24 7/7) via

• social security portal• FTP/MQSeries• interbanking network

- uniform instructions


Time frame

operational- DIMONA and on-line consultation of work force register- declaration of temporary employment of foreign employees in

Belgium- declaration of temporary unemployment- declaration of building yards- on-line consultation of overdue payments of social security

contributions by an employer- documentation, instructions, test cases and XML-schemes

concerning transactions that will be available during the next 2 years


Time frame

end 2002- multifunctional declaration of wages and working time data- electronical declaration of beginning of part-time job- electronical declaration of accident at work- application for temporary removal from work because of

occupational disease end 2003

- electronical application for allowances in case of incapacity of work

end 2004- electronical application for unemployment benefits- electronical application in case of pre-pension scheme (early

retirement)


Network of service integrators

InternetInternet

Extranetregion or

community

Extranetregion or

community

Extranetsocial

security

Extranetsocial

security

Servicesrepository

SSI

SSI

SSI

FPS

FPS

Servicesrepository

FedMAN

FPS

R/CPS

R/CPS

Servicesrepository

PublilinkPublilink

Municipality Province

Municipality

Servicesrepository

Serviceintegrator(BCSS)

Serviceintegrator(FEDICT)

Serviceintegrator


Network of service integrators (ctd)

type of exchanged information- structured data- documents- images- multimedia- metadata- business processes

using web services



useful functions of service integrators (FEDICT, CBSS, …)- secure messaging

- business logic and work flow support

- directory of authorized users and applications• list of users and applications

• definition of authentication means and rules

• definition of authorization profiles

– which service is accessible to which type of user/application for which persons/companies in which capacities in which situation and for which periods

- directory of data subjects• which persons/companies in which capacities have personal files in which

institutions for which periods

- subscription table• which users/applications want to receive automatically which services in which

situations for which persons in which capacities



Interconnection Information Exchange

ServicesRepository

TCP/IPSMTPLDAPFTPS/MIME

XMLXSLSOAPWSDLmetadata (RDF, XTM, XMI, …)

Security (e.g. PKI)

Open standards

Services Register (~ UDDI)Agreements (~ ebXML)PoliciesVocabularia (content + metadata)



key issues- evolution of standards- collaboration with vendors- not limited to public agencies- national, European & international standards- every partner is free to implement internally in his own way:

black box philosophy


FEDICT: TANGO

Target Architecture for Networked Government Operations


Service oriented architecture

Intranet

ServiceServicess

Internet

Source: Peter Strickx - FEDICT


Service oriented architecture

Intranet

Presentation Presentation TierTier

Business TierBusiness Tier

Integration Integration TierTier

Source: Peter Strickx - FEDICT


Electronic identity card

retained functions- visual and electronic identification of the holder- electronic authentication of the holder via the technique of

the digital signature- generation of electronic signature via the technique of the

digital signature (non repudiation)- proof of characteristics of the holder via the technique of the

digital signature on the initiative of the holder- only identification data storage- no electronic purse- no biometry


Electronic identity card: content

visual- identification data: name, first names, sex, date and place of birth- National Register number- photograph- card number- validity period

electronic- serial number (sn)- National Register number (nrn)- card number (cn)- visual identification data + sn + nrn + cn (signed by National

Register = sig1)- address + sig1 (signed by National Register = sig2)- photograph + sig1 (signed by National Register = sig3)


Organization model

government chooses card producer and certification authority issuing the identity certificates as a result of a public call for tenders

the municipality calls the holder for the issuing of the electronic identity card

the municipality acts as registration authority for 2 certificates: authentication and electronic signature

2 key pairs are generated within the card at production time and the private keys are stored within the chip of the card


Organization model (ctd)

the 2 certificates are created by the certification authority, but published only when the holder agrees

the use of the private keys within the chip needs an activation of the card by a municipal official using his PUK2 and the PUK1 sent to the holder

first authentication within one session (first private key) and every generation of an electronic signature (second private key) requires the PIN code of the holder

the second private keys and the identity certificate on the electronic identity card can be used to generate an electronic signature within the scope of E-government applications which require such a signature


Organization model (ctd)

the electronic identity card contains the necessary space to store other private keys associated to attribute certificates that holder can obtain at the certification authority of his choice


Organization model

CM/CP/CI

VRKVRK

BullBull

CA

CA

ERA

Matti

Meikäläinen

PIN &

PUK

1-code

1

102

3

6

7

9

5

4

8


No storage of electronic data on the card

why not ?- preventing perception of the card as a big brother- preventing loss of data, when the card is lost- preventing frequent updates of the card

stimulation of the controlled access to data over networks, using the card as an access tool, rather than storage of data on the card

thus, no integration of SIS-card and electronic identity card


Technical characteristics

security policy conform to the BelPIC document secure infrastructure between National Register and service

providers smart card

- support• format ID-1 (ISO 7816-1)• rainbowprint• fluorescent marks (UV)• an other substrat for impression• printing in OVI• micro-letter• kinegram• photograph

• card number


Technical characteristics (ctd)

smart card (ctd)- chip: ISO 7816-2 to 9 (format, command) and PKCS#15

(structure file and identifier)- protocol : T=0- functions: PKCS#11 & ISO 7816-4-8-9- certificates: X.509 V3- concrete implementation: proposal of JavaCard

SLE66CX322P - 32KB

identity certificate status validation: OCSP


Unique identification keys

citizens- generalization of the use of the social security number

(national register number or CBSS-number)- (electronically) readable from the electronic identity card- controlled access to basic identification data in National

Register and CBSS

companies- unique company number (based on VAT-number)- unique number for every plant of business- generalized access to basic identification data in Company

Register

regulation on data interconnection


Portal sites: actual situation





customers•citizens•companies

suppliers

partners

employeesintermediaries

PORTAL A•single sign on•personalization•user groups•multi-channel•aggregation

back-endsystems, e.g.•ERP•groupware•DB’s•applications

businessintelligence

contentmanagement

directory

PORTAL B•single sign on•personalization•user groups•multi-channel•aggregation


contentmanagement


directory


Portal sites (ctd)

need to strike the right balance between roles in delivering e-government services: not a single, but many one-stop shops (public and private)

Government ASP’s

Leading portals

Local service providers

Banks

Associations

…

Government own portals

Government-hosted community sites

Content and Services

Public Private

Private

Public

Channel PPP

Source: Andrea Di Maio - Gartner


Portal sites (ctd)

public institutions need to concentrate on core activities, such as- information

• modular• up to date• information blocks concerning public services• with standardized metadata• based on standardized thesauri• in generally accessible content management systems• with separation between content and metadata (reuse, don’t rewrite)• that can be submitted to automatical re-indexation

- transactions• applications that can be easily integrated in private or public portal sites


Portal sites (ctd)

public portals should have added value- integration of services

• information• work flow based on life events of the customers• integration with work flow of customers

- coordinated basic services for own customers• single sign on• ticketing• logging• notification service• …


Portal sites: to be situation

customers•citizens•companies

suppliers

partners

employeesintermediaries

PORTAL B•single sign on•personalization•user groups•multi-channel•aggregation


contentmanagement


PORTAL A•single sign on•personalization•user groups•multi-channel•aggregation



contentmanagement

directory directory


Portal sites (ctd)

other key issues- multidimensionality: accessibility of same services through

different « views »- multi channel enabling- citizen/company relation management

• integrated service delivery, across all used channels• personalization of service delivery

– first step: personalized home page for every company on social security portal

• evolution to push system• quality control• feedback mechanisms for permanent improvement of service delivery

- contact center


Critical success factors

E-government as a structural reform process- process re-engineering within and across public institutions

- back-office integration for automatic granting of services

- integrated and personalized front-office service delivery support of and access to policymakers at the highest level co-operation between all actors concerned based on repartition

of tasks rather than centralization of tasks quick wins combined with long term vision focus on more efficient and effective service delivery rather than

on the fight against fraud respect for legal repartition of competences between actors legal framework creation of an institution that stimulates and co-ordinates


Most important barriers

privacy and security average public sector project is more complex than

average private sector project, due to- interaction with a larger number of stakeholders (elected

officials, public employees, members of interest groups, voters, tax payers, recipients of public services, other governmental institutions, other government levels, …)

- execution in a less stable environment

complexity of BPR in a government environment race for quick wins (cf surveymania) doesn’t stimulate

development of well conceived systems based on re-engineering



public sector tends, perhaps for reason of prestige, to favour tailor-made, high-risk, state-of-the-art solutions even when alternative, off-the-shelf, cheap, tried and tested systems are available

in the public sector, there is typically no financial margin of value to be added by innovation

intermediaries often perceive e-government as a threat

skills and knowledge



need for radical cultural change within government, e.g.- from hierarchy to participation and team work- meeting the needs of the customer, not the government- empowering rather than serving- rewarding entrepreneurship within government- ex post evaluation on output, not ex ante control of every

input


More info

Crossroads Bank for Social Securitywww.ksz.fgov.be

FEDICTwww.fedict.be

portal sites- federal portal: www.belgium.be- social security portal: www.socialsecurity.be



http://www.fedict.be/

http://www.fedict.be/

http://www.belgium.be/








Th@nk you !

Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)

Documents

E-government: from hype to reality