Austrian e-Government and Citizen Card Initiatives Herbert Leitold Secure Information Technology Center – Austria (A-SIT)
About myself • Working for A-SIT • Confirmation body under Austrian Signature Law • Notified body w.r.t. EU Electronic Signature Directive 1999/93/EC • Advises public authorities in ICT security aspects • Activities include • Technology assessment activities • Electronic signatures, biometrics, IT security tools, … • Standardization • EESSI: Common Criteria Protection Profiles that support the EU Electronic Signature Directive • White Book “Austrian Citizen Card”
Table of Contents • Introduction • e-Government in Europe • Austrian e-Government basics • Unique identification • Electronic signatures & e-Gov. • European dimension • Austrian dimension • Austrian citizen card concept • Identification/Confidentiality levels • Conclusions
Internet penetration in the EU (chart). Source: Europ. Commission (eEurope benchmarking 2002)
e-Government in Europe: Public services online 2001-2002 (chart). Source: Europ. Commission (eEurope benchmarking 2002)
e-Government in Europe: Internet users visiting e-Government sites (chart). Source: Europ. Commission (eEurope benchmarking 2002)
e-Government in Europe: Government services online 2001 Source: Eurobarometer (eEurope benchmarking 2001)
The starting points ... • Austrian cabinet council decision (Nov. 2000) • … to employ chip-card technology to improve citizen’s access to public services • … to supplement the planned health insurance card with electronic signature • “White book” citizen card (June 2001) • defines general requirements and strategic decisions from an authority’s perspective
Guiding principles … • The administration doing its core business • Open for the market to provide services • Linked via Open Interfaces • Portals, helpdesks • Choice of access for citizens
General structure PORTAL OPEN INTERFACE STANDARD BUILDING BLOCKS Identification Confidentiality Standard forms xml – print xml – signature e-delivery e-payment .. Knowledge Management
Unique identification The problem of unique identification considering PKI, certificates, etc. Data protection requirements Process specific ID solution followed in Austria
The “identification problem” • EU Signature Directive (1999/93/EC) defines: • § 2. ‘advanced electronic signature’ means an electronic signature which meets the following requirements: • (a) it is uniquely linked to the signatory; • (b) it is capable of identifying the signatory; • (c) it is created using means that the signatory can maintain under his sole control; and • (d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable; • Considering §2(b), why is there a problem with unique identification?
The PKI “magic triangle”: Certification service provider (CSP), Relying party, Subscriber/signatory/signer • Certificate holds • Issuer • Name of signatory (pseudonym) • Public key • Attributes • Validity period • etc. • How to avoid digital twins? High quality identification at the CSP
The “identification problem” • High-quality identification at the CSP • personal appearance, present a photo ID • Authority’s processes require identification • certificate not sufficient • “digital twins” problem • Possible solutions • Online access to CSP’s registration records • Government-owned PKI (has access to registration records) • Permanent/unique ID in the certificate • Alternatives?
Data protection concerns • A unique ID (central registration number, CRN) is available in the Austrian central registry • based on data out of a 2001 census • central registration system launched in 2002 • CRN may not be used with official proceedings • cross-search violates data-protection rules • However, process-specific IDs may be used • e.g. an ID for tax declarations • e.g. a (different) ID for social security matters
Process-specific ID • Process-specific ID • derived from national central registration number • combined with a process-specific number • Cryptographic hash • prevents tracing back to registration numbers • observes data protection requirements • replaces UID/PWD schemes
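The derivation described on this slide, as an added example that is not code from the presentation or from A-SIT: each authority stores only the hash of the CRN combined with its own process code, so a citizen is found again within one process while two registers share no identifier to cross-search on. SHA-256, the "+" separator, Base64 output, the process codes and the CRNs are assumptions made for illustration.

```python
import base64
import hashlib

# Assumptions (not stated on the slides): SHA-256 as the hash, "+" as the
# separator, Base64 output, and the constructed CRNs and process codes below.
CITIZENS = {"Anna": "000247681888", "Bernd": "000591034217"}  # constructed CRNs


def process_specific_id(crn: str, process_code: str) -> str:
    """Hash the CRN together with a process-specific code."""
    if not (crn.isascii() and crn.isdigit()):
        raise ValueError("CRN must be a digit string")
    if not process_code or "+" in process_code:
        raise ValueError("process code must be non-empty and free of '+'")
    digest = hashlib.sha256(f"{crn}+{process_code}".encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def build_register(process_code: str, names: list[str]) -> dict[str, str]:
    """What one authority stores: derived ID -> case file, never the CRN."""
    return {
        process_specific_id(CITIZENS[n], process_code): f"{process_code} file of {n}"
        for n in names
    }


def lookup(register: dict[str, str], crn: str, process_code: str):
    """Match a citizen to their own file inside one process."""
    return register.get(process_specific_id(crn, process_code))


def cross_search(reg_a: dict[str, str], reg_b: dict[str, str]) -> set[str]:
    """IDs shared by two registers; any hit would be a usable join key."""
    return set(reg_a) & set(reg_b)


if __name__ == "__main__":
    tax = build_register("TAX", ["Anna", "Bernd"])
    social = build_register("SOCIAL", ["Anna"])
    # Same citizen, same process: the file is found again.
    print(lookup(tax, CITIZENS["Anna"], "TAX"))
    # Same citizen, ID derived for a different process: no match.
    print(lookup(social, CITIZENS["Anna"], "TAX"))
    # The two registers have no identifier in common.
    print(cross_search(tax, social))
```

A deployment would additionally have to keep the derivation input from being enumerable, for example by keying it; the slides do not say how this is done.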
Persona-binding • An XML data structure that holds • data often used in official proceedings (given name, family name, date of birth) • the citizen’s unique ID (CRN) • and a citizen’s public key (the citizen may have several) • signed by the Ministry of Interior • Ties PKI data to an “official electronic identity” • Stored with the citizen card under the citizen’s control • Diagram labels: PKI, persona-binding, Official registry (CRN)
Electronic signatures and e-Government (Directive 1999/93/EC) • EU signature directive • the European dimension • Requirements for SSCDs • Evaluation of components • Austrian signature law • Relation to the EU directive
EU electronic signature directive • EU Signature Directive (1999) lays down: § 5(1) Member States shall ensure that advanced electronic signatures which are based on a qualified certificate and which are created by a secure-signature-creation device: (a) satisfy the legal requirements of a signature in relation to data in electronic form in the same manner as a handwritten signature satisfies those requirements in relation to paper-based data; and ... • EESSI developed technical standards • e.g. Common Criteria protection profiles (SSCD-PP, CMCSO-PP, ..) • EU Commission/A9C to publish reference numbers – binding for EU
EU electronic signature directive (cntd.) • secure signature-creation device means a signature-creation device which meets the requirements laid down in Annex III; Annex III covers requirements for secure signature-creation devices to ensure the functionality of advanced electronic signatures; it does not cover the entire system environment in which such devices operate; … The conformity of secure signature-creation-devices with the requirements laid down in Annex III shall be determined by appropriate public or private bodies designated by Member States.
Electronic Signature Standards (EESSI) • Certification service provider (CSP) • Qualified certificate policy • Trustworthy systems • Qualified certificate • Signature-creation process and environment • Signature-validation process and environment • creation device • Signature-format and syntax • Relying party • Subscriber/signatory/signer
Common Criteria Protection Profiles: CMCSO-PP, CMCKG-PP, SSCD-PP • Certification service provider (CSP) • Qualified certificate policy • Trustworthy systems • Qualified certificate • Signature-creation process and environment • Signature-validation process and environment • creation device • Signature-format and syntax • Relying party • Subscriber/signatory/signer
SSCDs (3 types defined by EESSI) • Type 1: SCD generation • Type 2: SCD usage (“to sign”) • Type 3: “both 1&2”
SSCD – a different view • Electronic Signature • SVD export (public key/certificate) • Document (hash value) • DTBS (viewer) • SCD (private key) • User authentication (e.g. PIN entry) • SSCD: the device getting ‘in touch’ with the private key, e.g. a smart-card (1999/93/EC Annex III)
SFRs – a few of them: FCS_COP.1/SIGNING, FCS_COP.1/CORRESP, FTP_ITC.1, FTP_ITC.1, FTP_TRP.1 (*), FCS_CKM.1, FCS_CKM.1 / _CKM.4, FPT_PHP.1 / _PHP.3, FIA_AFL.2, ……., FIA_UAU.1, FMT_SMR.1 (Adm./Sign.), FDP_ACF.1
EU vs. Austrian electronic signature rules • Austrian signature law (2000) requirements wrt. evaluation of technical components vary • § 18(1) Technical components which allow the forgery of signed data to be reliably recognized and reliably prevent unauthorized use of signature creation data procedures shall be used […]. […] (5) The technical components and procedures for generating secure signatures must be constantly and adequately verified using state-of-the-art technology. Compliance with security requirements must be certified by a confirmation body (§ 19).
Austrian Citizen Card a single specific smart-card? requirements of the citizen card logical view to the card security layer / security capsule How the model is used
Several smart-card initiatives … • National ID card with chip (2003) • Health insurance card: “health care certificate + el. signature” (for each citizen 2004) • ATM card / bank account cards with electronic signatures (expected for 2004) • further initiatives: • CSPs issuing qualified certificates • Austrian computer society member card • new technologies (PDAs, cell phones, WIM) • student service cards
Concept “Austrian Citizen Card” • Defines general minimum requirements: • secure electronic signatures • i.e., legal equivalence to handwritten signatures, • additional key-pairs • ‘general signatures’, encryption • info-boxes to store data • persona binding, certificates, power of attorney • access control to info-boxes • DH key exchange • session key certificates
Some definitions … • Security Capsule: Combination of the security-relevant components wrt. electronic signatures • clear responsibility / liability (signature law) • Security Layer: An interface that provides a logical view to the security capsule
Security Layer vs. Security Capsule (diagram labels): Application, Security-Layer, Security Capsule, hash function, add. memory, PIN pad, trustw. viewer, card-interface (e.g. PKCS#11)
Elements of the Austrian Citizen Card: Security-Layer, Security Capsule
Security Layer Protocol • Simple request/response scheme • Application sends request • Security Capsule responds • Result or • Error code • Protocol elements encoded in XML • Transport layer bindings • TCP/IP, SSL/TLS (socket communication) • HTTP/HTTPS (capsule acts as simple Webserver)
Identification / Confidentiality levels e-Government processes have different requirements wrt. identification or confidentiality Three Security levels Replacing UID/PWD
Security Level I: no specific requirements • Browser • Server • SSL/TLS • Based on “conventional” SSL/TLS
Security Level II: usual G2C services • Browser • Server • active component • SSL/TLS • 1 • 2 SCT: time, URL • 3 Authentic. Block: time, URL, ID
Security Level III: specific confidentiality requirements • Browser • Server • active component • SSL/TLS • bind the SSL/TLS certificates to citizen card
Current State • Security Layer • Demonstrator implemented in JAVA • Used by developers • “golden device” for developing security capsules • to test e-Government applications in early stages • Some e-Government applications • Applications to social insurance (operational) • Registration of a business in Vienna (operational) • Petitions to federal ministries (end 2002) • Penal records (Q1 2003) • Tax declarations online (Q1 2003)
e-Austria Conclusions • Security capsule / layer provide a technology-neutral interface to the Austrian citizen card • Electronic signatures are a central element • Concept is the basis of Austrian e-Government initiatives
Thank you for your attention! Herbert.Leitold@a-sit.at