1 / 21

ISA programme: Secure- related initiatives Miguel Alvarez Rodríguez

ISA programme: Secure- related initiatives Miguel Alvarez Rodríguez. The ISA programme. Interoperability Solutions for Public Administrations Objectives. Flexible and interlinked. European public administrations. Efficient.

basil
Download Presentation

ISA programme: Secure- related initiatives Miguel Alvarez Rodríguez

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISA programme: Secure-related initiatives Miguel Alvarez Rodríguez

  2. The ISA programme Interoperability Solutions for Public Administrations Objectives Flexible andinterlinked European publicadministrations Efficient … and effective electronic cross-border and cross-sectorinteraction between European public administrations. … share and re-use existing successful or newInteroperability solutions, common services and generic tools. …IT systems allow smooth implementation of Community policies and activities. 2

  3. Key enablers for secure eGOV services: Cluster of eID-related actions and toolsforeSigning Securetelecommunicationnetwork: sTESTA eTrustEx: Secureexchange of DOCs Actions. Quick overview

  4. STORK, the LSP on eID came to an end in 2011. The project implemented and deployed in various MS a federated platform based on common specification and assurance model. Aimed to the provision of electronic identification services related to citizen´s accessing to eGovernment applications in cross-borders set-ups. ISA programmewasappointedforthesustainability of STORK´sresults in the short/ medium-term. 1. Action 1.5 STORK´ssustainability

  5. 1. STORK Sustainability. • Continuous maintenance and upgrade of STORK reference components (PEPS and VIDP modules) to the most common operating environments. • Update of the technical specs (SAML profile and QAA model) according to upcoming needs.

  6. 1. STORK Sustainability. Top Reasons to use STORK: • Easy-to-deploy solution for the provision and consumption of secure identity services of national and foreign citizens. • Access to a Reference interoperability technical solution for the mutual recognition of eID at European level. • It can be used as a service or as tool: Flexible interoperable solution that can handle any type of electronic identities and assurance levels. • Solution maintained and supported by the EC and many MS.

  7. Theproblem MS officialsandcivilservantsfrom all over Europe needtoaccess EC corporateapplications UseofECAS credentialssince national eIDsare not recognisedbythe EC applications. A firstproof of concept demonstrating the integration of ECAS with STORK project was funded by IDABC programme and executed in 2011. Thecurrent situation ECAS-STORK integrationalready in productionmode In use already by CIRCABC and the eJustice Portal 2. ECAS-STORK integration

  8. Beneficiaries and anticipatedbenefits European Institutions and Agencies will benefit from ECAS integration with STORK with a minimal impact, by accepting higher assurance eID mechanisms from the MS and by increasing the trust and confidence on the user's identities For MS's public administrations, consistency is increased since the same credentials are used to access both national information systems and European Commission information systems. Levels of security are aligned as well with those provided by MS. 2. ECAS-STORK integration

  9. 2. ECAS-STORK integration

  10. 3. Action 1.18: Federated Authorisation across public administrations • Objectives • Public officials should be able to log to EC applications and be granted access based on their role or position in a national administration. • Extend ECAS multi factor authentication to a federated authorisation solution • Access to EC Applications using the national model for authorisation and ECAS-STORK.

  11. 1. Context We are here now Main milestones of the ISA Action 1.18

  12. 3. Objective The picture below presents the objectives of the current phase on short and long term. • # • Future versions based on incoming requirements and lessons learnt • Integration in ECAS Production • Pilot with at least one Member State connecting to one EC Application • Get buy-in from stakeholders (Demo) At least 5 stakeholders At least one EC application At least one MS application To be decided

  13. This action supports development of a software tool DSS (Digital Signature Software) that creates and verifies legally binding electronic signatures. The tool makes use of the MS Trust Status Lists (TSLs) to check the trustworthiness of the signing certificates. Open source. Available to all MS and for any electronic procedure. 4. Action 1.9: DSS tool Reuse of tools is cost saving

  14. Thelegal basis Comitology Decision 2009/767/EC defined "Trust Lists" (TSL) as means to facilitate technical recognition of qualified electronic certificates cross-border. Under that Decision each Member States has to establish, maintain and publish in a secure way a trust list of certification service providers issuing qualified certificates to the public Decision 2011/ 130/ EC establishes minimum technical requirements for the interoperable cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC 4. DSS: TSL & eSignature creation/ verification tools

  15. 4. DSS tool: Technical features • Framework • Realised in Java • Open Source under LGPL • Main goals • Signature creation • Signature validation • Validation report according to validation policy ETSI TS 102 853 • Interoperable Formats EU-wide • XAdES / PAdES / CAdES • ASiC-S • Levels • BES to LTV • Packaging • detached, enveloped, enveloping

  16. Public administrations, Tool allowing the governance of the MS trusted lists Easier setting up of secure eGovermentservices Solution to enhance trust and implement interoperable e-signatures for national & cross border completion of administrative formalities Possibility to validate electronically signed documents coming from different competent authorities For business and citizens, Higher levels of trust and confidence on electronic transactions Access to fully-fledged transactional public services, saving time 4. DSS: Beneficiaries and benefits

  17. 5. What is sTESTA? • sTESTA (secured Trans European Services for Telematics between Administrations) is a communication platform to exchange electronic data between European and Member States administrations in a secure, reliable and efficient way • Facilitate cooperation between public administrations in various policy areas. • Consolidate existing networks by providing a secure, reliable and flexible communication service layer. • Exchange both unclassified and classified information (up to "EU RESTRICTED "). • The sTESTA service platform is the continuation of the service infrastructure initiated and developed under the IDA, and IDABC programmes of the EC

  18. Goal 6. e-TrustEx • Platform to supportthe secure exchange of documents between Public Administrations at national and European level, so as to: • Reduce overall costs of digital data exchange • Enable the digitisation of business processes • Secure digital data exchange • Promote and re-use of interoperable solutions • Usable as a tool or as a service: e-TrustEx can be installed by the Public Administration or used as a service on the cloud. Open source e-TrustEx e-PRIOR CIPA e-Delivery

  19. 6. e-TrustExmain features: • Services for sending documents: • Binary files (structured and unstructured documents up to 100MB) • Groups of binary files (up to 500 documents of up to 100 MB each). • Services for retrieval of documents: • Inbox • Query • Security: • End-to-end encryption (GUI only) • End-to-end integrity (GUI only) • Point-to-Point integrity e-TrustEx e-PRIOR CIPA e-Delivery

  20. Thank You !!!

  21. SEMIC 2014 – Athens, 9 April http://semic.eu

More Related