
Klaus John, Proxy Authenticator: Approach of a Signature based Single Sign on Proxy Solution for e-Government Applications


DESCRIPTION

#CeDEM13 Day 2 afternoon, Reflections, Main Hall, Chair: Morten Meyerhoff Nielsen


Page 1: Proxy Authenticator, eGovernment official Channel Information (architecture diagram)

Customer Layer: Citizen, Browser
Help Layer: www.Help.gv.at Portal, MOA-ID STORK, MOCCA STORK, MOCCA Server, MOA-ID Server, Graphics
Service Layer: eDelivery, eSafe, HV-Services

The Customer Layer reaches the Help Layer over the Internet, and the Help Layer reaches the Service Layer (eDelivery, eSafe, HV-Services) over the Internet.

26.05.13

Page 2: Help.gv.at: Login via Mobile (screenshot)

eGovernment official Channel Information

Page 3: myHelp.gv.at architecture with certificate generation (diagram)

Customer Layer: Citizen, Browser, Certificate & Private Key
myHelp Layer: www.myHelp.gv.at Portal, MOA-ID STORK, MOCCA STORK, MOCCA Server, MOA-ID Server, Graphics, Certificate & Private Key (stored on the myHelp side)
Service Layer: eDelivery, eSafe, HV-Services

Flow shown in the diagram: eDelivery, eSafe, HV-Services -> Certificate Generation (pkcs12 container), in accordance with §35 ZustG in Austria -> [Registration/Re-entry (after first registration)], optional.

Step 1: Certificate Generation (the certificate and private key are issued to the citizen).
Step 2: Certificate and private key are passed over the Internet to the myHelp layer.

Page 4: BRZ eDelivery Service: Create Certificate (screenshot)

Page 5: BRZ eDelivery Service: pkcs12 Container saved (screenshot)

Page 6: Help.gv.at: Connect to BRZ eDelivery Service (screenshot)

Page 7: Domain Model: Login Request (diagram)

Private User Domain: Citizen's Client
myHelp Domain: Proxy Authenticator (Client Proxy), myHelp.gv.at, Key Share Holder 1 ... Key Share Holder n
Service Domain: BRZ login page (eDelivery Service), meinBrief login page (eDelivery Service), Post Server login page (eDelivery Service), ...

Flow: 1. URL; 2. request login. The Proxy Authenticator sends a shared key request to the Key Share Holders and receives shared Key 1 ... shared Key n (shared Key 1-n) before it logs in to the selected eDelivery Service on the citizen's behalf.

Page 8: BRZ eDelivery Service: Upload pkcs12 Container (screenshot)

Page 9: BRZ eDelivery Service: Show Inbox (2 Objects) (screenshot)

Page 10: Sequence Diagram: Data Access

Participants: Citizen, myHelp, ProxyAuthenticator, KeyShareholder 1, KeyShareholder n, Database, meinBrief, Post Server, BRZ eDeliveryService

Messages in order:
1. getData (Citizen to myHelp)
2. validation (at myHelp)
3. getData (myHelp to ProxyAuthenticator)
4. getSharedKeyPart 1 (ProxyAuthenticator to KeyShareholder 1)
5. getSharedKeyPart n (ProxyAuthenticator to KeyShareholder n)
6. validation (of the returned key parts)
7. reconstructSharedKey
8. loadPrivateKey + Certificate (from the Database)
9. decryptPrivateKey + Certificate (with the reconstructed shared key)
10. connect (to the eDelivery Service: meinBrief, Post Server or BRZ eDeliveryService)
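Steps 4 to 7 of the sequence diagram, as an added illustration that is not code from the presentation or the myHelp project: the proxy collects one key part per Key Share Holder, validates each part, and only then reconstructs the shared key that protects the stored private key. The n-of-n XOR split, the HMAC tags bound to the holder index, and the `mac_key` are assumptions made for this example; the deck does not say how the parts are split or validated.

```python
import hashlib
import hmac
import secrets


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split key into n XOR parts; every part is needed to rebuild it (assumed n-of-n scheme)."""
    if n < 2:
        raise ValueError("need at least two key share holders")
    parts = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    last = bytes(key)
    for p in parts:
        last = bytes(a ^ b for a, b in zip(last, p))
    parts.append(last)  # XOR of all parts equals the original key
    return parts


def tag_part(holder_id: int, part: bytes, mac_key: bytes) -> bytes:
    """HMAC tag bound to the holder index so a part cannot be altered or swapped between holders."""
    return hmac.new(mac_key, holder_id.to_bytes(2, "big") + part, hashlib.sha256).digest()


def validate_part(holder_id: int, part: bytes, tag: bytes, mac_key: bytes) -> bool:
    """The 'validation' step of the diagram: constant-time check of the holder's tag."""
    return hmac.compare_digest(tag_part(holder_id, part, mac_key), tag)


def reconstruct_shared_key(responses: dict[int, tuple[bytes, bytes]], n: int, mac_key: bytes) -> bytes:
    """The 'reconstructSharedKey' step: responses maps holder id (1..n) to (part, tag).

    Refuses to produce a key if any holder is missing or any part fails validation,
    so a partial or tampered set of parts never reaches the decryption step.
    """
    if sorted(responses) != list(range(1, n + 1)):
        raise ValueError("missing response from a key share holder")
    key = bytes(len(responses[1][0]))
    for hid in range(1, n + 1):
        part, tag = responses[hid]
        if not validate_part(hid, part, tag, mac_key):
            raise ValueError(f"validation failed for key share part {hid}")
        if len(part) != len(key):
            raise ValueError(f"key share part {hid} has the wrong length")
        key = bytes(a ^ b for a, b in zip(key, part))
    return key
```

The reconstructed key would then be used as the password of the stored pkcs12 container (step 9); that decryption is left to a PKCS#12 library and is not shown here.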

Page 11: Components for secure saving of the eDelivery Certificates in myHelp.gv.at (diagram)

Components: myHelp.gv.at, Site Minder (Authentication), Key Upload Policy Server, LDAP, MySQL, MeinBrief eDelivery Service, Post Server eDelivery Service, BRZ eDelivery Service

Keys: Key1 Access (eDelivery Correspondence); Key2; Key3; the stored certificate is protected by a key based on (bPK + Key2 + Key3)

Operations shown: upload Certificate + Private Key (from the eDelivery Service); store Certificate + Policy Key; store (MySQL); load Certificate + Policy Key; load; get Key2 + Key3 (from the Key Upload Policy Server / LDAP); access Data (myHelp.gv.at)