1 / 16

Venue: Barcelona Author: Professor D. Polemi

SWEB at a Glance 2007-2010 http://www.sweb-project.org/. Venue: Barcelona Author: Professor D. Polemi Organisations: University of Piraeus, Research Center Date: 3/3/08. Introduction SWEB Objectives Consortium/Roles Technical-Research Aspects Lessons Learned.

arty
Download Presentation

Venue: Barcelona Author: Professor D. Polemi

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SWEB at a Glance 2007-2010 http://www.sweb-project.org/ Venue: Barcelona Author: Professor D. Polemi Organisations: University of Piraeus, Research Center Date: 3/3/08

  2. Introduction SWEB Objectives Consortium/Roles Technical-Research Aspects Lessons Learned Topics

  3. Introduction • National Strategy for Information Society Development • Progress towards e-government • Mobile Penetration • Legal infrastructure

  4. Small –Medium sized governmental organizations (SMGOs) • cover a geographic area serving several thousand citizens and may be located in rural or isolated areas. • cover a geographic area serving approximately up to 500.000 citizens and are normally located in urban or metropolitan areas. • Interact frequently with citizens and/or businesses, to offer paper based and electronic services utilizing a limited number of available resources (employees and funds). • Interact with each other, in local or cross-border transactions with metropolitan areas.

  5. Challenges for the SMGOs • Interoperability • Security-Identity management • Mobility • User friendliness-accessibility • Cross-border interconnection • Scalability and extensibility • Self recovery • Limited Connectivity/Processing Capabilities of mobile user • Compliance with Legal, ethical and Policy frameworks • Social (multilingualism, inclusion, multi-channel , training, culture)

  6. SWEB overall objectives Develop the SWEB platform which is a secure, interoperable, open, affordable platform (based on eMayor experience) upon which two secure cross border e/m-government services are built: • m-Residence Certification exchange in which a public organization or individual citizens’ may exchange securely Residence Certificates documents. This service enhances the secure communication of citizens. • Electronic/Mobile Invoicing has a pivotal role in all the stages of handling Value Added Tax (VAT) for European Member States. Through e/m-invoicing, tax administrators is able to implement new tools and procedures to carry out alternative controls that are less intrusive on the trading partners. This service prevents money laundry and promotes secure investments in the region.

  7. Consortium-Roles PM: FOKUS TM: UPRC QM: MISANU SWEB-AC: ICCS

  8. Research Activities R&D Activity 1: Mobile Enterprise WSs • Schemas for the various request notification documents. These shall be optimal with respect to size and complexity in order to satisfy mobile environment performance constraints that can be used by SMGOs. • Specification of the generic form based service. • Specification of Trial scenarios mobile enterprise services as instances of the generic form based service. • The Web Service orchestration modules that will utilize SWEB platform components to carry out the Trial scenarios. • The adaptation layers that will interface the SWEB platform to the existing systems of the trial sites (based on the best practices already established in eMayor).

  9. R&D Activity 2: Mobile Web Services messaging • Collection of requirements for the design of missing functionality. • Definition of appropriate interfaces. • Extension and enhancement of existing libraries and toolkits. R&D Activity 3: Security & Cryptography for mobile Web Services • Specifications for the security and cryptography extensions of libraries and toolkits taking into account limitations of mobile devices and performance restrictions. • Programming language capabilities, mGovernment policy issues.

  10. Timestamping G New Subprocesses WS Privacy Policy OCSP / XKMS Service E SWEB upgrades A F C D B SOAP messaging

  11. Web Services security • Access Control Mechanisms Authentication & Authorization integrating XML technologies based on WS-Trust and SAML. • Security architecture for message security in mobile Web Services Develops a guideline on message security architecture and service scenarios for securing messages for mobile Web Services. • Hybrid Security Profile Integrity & Confidentiality using an optimized combination of X.509 digital certificates, digital signatures and XML key management system (XKMS). • Time-Stamping Non-Repudiation using a time-stamping token in combination with digital signatures.

  12. Policies • Signature policy • ETSI TS 102 733 Electronic signature formats • ETSI TR 102 041 Signature Policy Report • Application policy • Describes terms of use for the applications: • what they must, may and should offer • how users must, may or should interact with them • Security policy • Defines the measures that should be taken by an organization adopting the services to ensure their security • WS privacy policy • Describes non-functional attributes of the services, such as confidentiality mechanisms and authentication characteristics

  13. SWEB SWEB SWEB SWEB SWEB MoStariGrad MoSiena APV MoTirana City of Scopie Prozone DunavNet Trial Activities TIPS/ANB MFC Internet MoSiena/FOKUS T&P Cons

  14. State of the art on secure Web services for e/m-Gov. SWEB Visionary Outcomes EU, Public Sector, Standardisation Bodies Investors, Venture Capitals SWEB Guidelines SWEB Platform Dissemination / exploitation reports SWEB Services Requirements . for secure m-Gov SWEB-AC, stakeholders Municipalities, Cities, SMGOs

  15. Lessons Learned • Create, Handle, Send & Receive m-documents overcoming mobile devices’ limitations and constrains • Create advance cryptography features in mobile devices • Build communication channels with various enterprise systems (e.g. XKMS, TSA, STS) • Build advance mobile applications in both development environments (.Net & Java) • Build advance authentication & authorization solutions based on SAML assertions with the use of an STS server • Provide future electronic and mobile governmental services based on European Standards and Frameworks, with the use of one, secure and interoperable platform • Good software engineering principles are needed • Mobile Security is still problematic • Luck of methodologies for building complex, scalable, extensible, auditable e-government platforms

  16. Thank you http://www.sweb-project.org/ dpolemi@unipi.gr www.thalis.cs.unipi.gr/~dpolemi

More Related