Electronic identity management for eGovernment
Conceptual framework and objectives
Frank Robben
General manager, Crossroads Bank for Social Security
Strategic advisor, Federal Public Service for ICT
Sint-Pieterssteenweg 375, B-1040 Brussels
E-mail: [email protected]
http://www.law.kuleuven.ac.be/icri/frobben
Common conceptual framework
entity: a physical or legal person
identity: a unique number or a set of attributes of an entity that allows one to know precisely who the entity is; an entity has only one identity
characteristic: a characteristic of an entity, other than an attribute determining its identity, such as a capacity, a function, a professional qualification, ...; an entity can have several characteristics
mandate: a right granted by an identified entity to another identified entity to perform well-defined legal actions in her name and for her account
authentication: the process of checking whether what is being claimed is true; authentication can relate to identity or to a characteristic; authentication can be based on the verification of knowledge (e.g. a password), of possession (e.g. an electronic card), of biometric characteristics, or on a combination of those
authorization: a permission to an entity to perform a defined action or to use a defined service
role: a list of authorizations related to an application
profile: a list of roles
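The definitions above can be read as a small data model. The following sketch is an added example, not part of the original slides: it keeps characteristics and mandates in stores separate from the authenticated identity and derives authorizations through profiles and roles. All identifiers, action names and the rule mapping a characteristic to a profile are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Mandate:
    grantor: str        # identity of the entity granting the right
    holder: str         # identity of the entity acting in the grantor's name
    actions: frozenset  # the well-defined actions the mandate covers

@dataclass
class Registry:
    """Constructed stores; characteristics and mandates are kept apart from identity."""
    characteristics: dict = field(default_factory=dict)  # identity -> set of characteristics
    mandates: list = field(default_factory=list)
    roles: dict = field(default_factory=dict)             # role -> set of authorizations
    profiles: dict = field(default_factory=dict)          # profile -> list of roles
    profile_rules: dict = field(default_factory=dict)     # characteristic -> profile (assumed rule)

    def authorizations(self, identity):
        """Expand characteristics -> profile -> roles -> authorizations."""
        actions = set()
        for c in self.characteristics.get(identity, ()):
            profile = self.profile_rules.get(c)
            for role in self.profiles.get(profile, ()):
                actions |= self.roles.get(role, set())
        return actions

    def decide(self, authenticated_id, action, on_behalf_of=None):
        """Return (allowed, reason) for an identity that is already authenticated."""
        if action not in self.authorizations(authenticated_id):
            return False, "no authorization"
        if on_behalf_of is None or on_behalf_of == authenticated_id:
            return True, "own name"
        for m in self.mandates:
            if (m.grantor, m.holder) == (on_behalf_of, authenticated_id) and action in m.actions:
                return True, "mandate"
        return False, "no mandate"

def build_sample():
    """Constructed sample data: one accountant mandated by one organisation."""
    reg = Registry()
    reg.roles = {"declarant": {"file_declaration", "view_declaration"}}
    reg.profiles = {"accountant_profile": ["declarant"]}
    reg.profile_rules = {"accountant": "accountant_profile"}
    reg.characteristics = {"ID-001": {"accountant"}, "ID-002": set()}
    reg.mandates = [Mandate("ORG-100", "ID-001", frozenset({"file_declaration"}))]
    return reg
```

An entity holding the right role is still refused when it acts for another entity without a mandate covering that action, which is the case the separate mandate store is there to catch.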
Objectives to be reached
be able to electronically identify a physical or legal person
know the relevant characteristics of a physical or legal person
know that an entity has been mandated by another entity to perform a legal action
in a sufficiently certain and secure way
in as many relations as possible (C2C, C2B, C2G, B2B, B2G, …)
using open interoperability standards
Some issues to be dealt with
the means by which a physical or legal person can be identified within each country and across countries
the way identity management and characteristics management are well separated in order to guarantee the multifunctional use of identity authentication means
the quality assurance criteria for the registration procedures that are used to verify the identity, a characteristic or a mandate before linking it to authentication means
the quality assurance criteria for authentication means and their use
the criteria to securely exchange identity, characteristics, mandate and authentication data in an electronic way between information systems
an organizational, functional and technical interoperability framework to exchange identity, characteristics, mandate and authentication data based on open standards
the necessary legal framework for identity, characteristics and mandate management and the implications on existing law (e.g. directives on privacy protection and electronic signatures)
Proposed method
to work out a common conceptual framework, a common vision and common basic principles
to translate these principles into common, measurable objectives
to ask every Member State to develop an action plan to achieve these objectives
to elaborate an architecture and guidebooks to implement the principles
to create a forum for the exchange of best practices