60 likes | 205 Views
Security of eGovernment. Presentation of STOA project Anders Jacobi, DBT. Project overview. Project started in 2011 The project is carried out by the ETAG consortium
E N D
Security of eGovernment Presentation of STOA project Anders Jacobi, DBT
Project overview Project started in 2011 • The project is carried out by the ETAG consortium • The aim is to address the security challenges related to EU level eGovernment services and produce a set of policy options for securing future eGovernment systems Knowledge building phase in 2012 • September 2012, case study report, 175 pages Expert-stakeholder debate on challenges 2013 • Conference on February 19th 2013 • March 2013, conference report and policy brief • June 2013, final report with policy options assessment
Knowledge Building • Case studies of three eGovernment application areas: eProcurement, eHealth and ePassport • Pointing out the most important challenges in each of the three areas • Based on challenges derived from the case studies the report points out the most important overarching policy challenges for establishing secure eGovernment systems • Frame them in a life-cycle perspective
Conclusions Most important conclusions: • Need for common security baselineA common European security baseline should be established to ensure a minimum level of security in all EU eGovernment services • Actors must have more control over their dataTo ensure privacy for all actors (citizens, business and other actors) by giving them control over their own data • Take a life-cycle perspectiveConsider security of eGovernment systems in a life-cycle perspective to make the right decisions
Challenges in life-cycle perspective Most important challenges in a life-cycle perspective • Decisions phaseMismatch between political ambition and realistic possibilities, insufficient knowledgebase – Definition of the purpose • Design phaseSecurity and privacy by design, proportionality, technical solutions and social design – Rules of design phase • Operational phaseTransparency, user competences, resistance in security level – Standard of training and certification of personnel • DecommissioningDeleting data, maintaining security level when merging systems – Considering decommissioning already in the decision phase
Policy options for the future How can MEPs react to the challenges of establishing secure eGovernment services? What are the policy options of the future? Can we use the life-cycle perspective to highlight the important dilemmas and decisions?