Classification of assurance levels
Filling in the open norm for electronic communication

Agenda
• Growth of e-services
• Open norms in Dutch legislation
• Means for authentication
• The STORK framework
• Joining these together: a classification scheme for assurance levels
Growth of e-services … development in legislation
• Electronic communication Act
• Electronic signatures Act

Legislation
Open norm: sufficiently reliable
Electronic communication Act
• Communication should be sufficiently reliable
• Similar guarantees as in ‘paper’ communication
• Electronic communication does not require a higher reliability than conventional communication.
Electronic signatures Act
• An electronic signature has the same legal status as a written signature if the method used is ‘sufficiently reliable’, in view of its goal and the circumstances in which it is used.
Means for authentication
• Several national solutions for identification/authentication/authorisation
- DigiD
- DigiD Machtigen
- PKI.overheid
- eHerkenning
• First steps towards European standardisation of assurance levels
- STORK

Assurance levels (STORK)
• High
• Reasonable
• Limited
• Minimal
• None (example on the slide: jan@hotmail.com)
The slide figure also marks ‘Sufficient as in open norm’ and ‘Maximal’ on this scale.

Required reliability (slide figure): supply of e-services versus supply of means ?
Filling in the open norm
A risk approach?
• Government organisations are not unique: standard decision processes for permits, grants, taxes etc.
• Thus: defining ‘families of services’
- requesting information
- submitting an application
- tax filing
- accounting
• The mirror image of risks: criteria and interests
- specific legal requirements
- volition
- personal data involved (Data protection Act)
- individual economic interest
- public interest (collective economic interest, violation of law)

Filling in the open norm (2)
• Interests and criteria elaborated in all possible aspects that can occur in services
• Risk increasing and decreasing circumstances
• Validated and refined by real life cases of participating agencies
• Result:
- Menu (default classification of the required assurance level per category of services)
- Cookbook with recipes (for accounting (audits) or in case of motivated divergence)
• Agencies implement in their own organisation and processes
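The menu-and-cookbook scheme of the two slides above, worked through as an added example (not code from the deck or from any participating agency): a default STORK level per family of services, stepped up for each criterion present, stepped down for each risk-decreasing circumstance, clamped to the STORK scale, with every divergence from the default recorded for the audit. The default levels, the one-step weight per criterion, the reading of ‘volition’ and the names of the decreasing circumstances are assumptions made for this example.

```python
# Added illustration (not from the deck): menu default per family of services,
# stepped up per cookbook criterion, down per decreasing circumstance, clamped
# to the STORK scale, with the divergence recorded. Defaults and weights are assumed.
from dataclasses import dataclass, field

LEVELS = ["None", "Minimal", "Limited", "Reasonable", "High"]   # STORK scale

# Menu: default classification per family of services (assumed values)
MENU = {
    "requesting information": "Minimal",
    "submitting an application": "Limited",
    "tax filing": "Reasonable",
    "accounting": "Reasonable",
}

# Criteria from the deck; each one present raises the level one step (assumed weight)
INCREASING = (
    "specific legal requirements",
    "volition",        # read here as a legally binding declaration of will (assumption)
    "personal data",   # Data protection Act applies
    "individual economic interest",
    "public interest",
)
# Risk-decreasing circumstances: hypothetical examples, each lowers the level one step
DECREASING = ("only the applicant's own public data", "no financial consequence")

@dataclass
class ServiceCase:
    family: str
    criteria: set = field(default_factory=set)
    circumstances: set = field(default_factory=set)

def classify(case: ServiceCase) -> tuple[str, list[str]]:
    # Reject anything the menu/cookbook does not cover rather than guessing a level
    unknown = (case.criteria - set(INCREASING)) | (case.circumstances - set(DECREASING))
    if unknown or case.family not in MENU:
        raise ValueError(f"not in menu/cookbook: {unknown or case.family}")
    idx = LEVELS.index(MENU[case.family])
    trail = [f"menu default for '{case.family}': {MENU[case.family]}"]
    for step, names, present in ((1, INCREASING, case.criteria),
                                 (-1, DECREASING, case.circumstances)):
        for name in names:                    # fixed order keeps the trail reproducible
            if name in present:
                idx += step
                trail.append(f"{step:+d} step: {name}")
    idx = max(0, min(idx, len(LEVELS) - 1))   # never below None nor above High
    trail.append(f"required level: {LEVELS[idx]}")
    return LEVELS[idx], trail
```

The returned trail is the ‘recipe’ an agency would file for an audit or to motivate a divergence from the menu default.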
Discussion
• What kind of approach for classification of assurance levels is used in EU member states?
• Does this approach sound feasible?
• Possibilities for standardisation or cooperation?