170 likes | 294 Views
Synthesis of the Eurosmart’ Technical Day on eID interoperability Bruno Rouchouze, ID SG Convenor Porvoo 12, Grosseto - Italy. Eurosmart in brief. Eurosmart is an international non-profit association founded in 1995 and located in Brussels.
E N D
Synthesis of the Eurosmart’ Technical Day on eID interoperability Bruno Rouchouze, ID SG Convenor Porvoo 12, Grosseto - Italy
Eurosmart in brief • Eurosmart is an international non-profit association founded in 1995 and located in Brussels. • Eurosmart represents 25 companies of the smart security industry for multi-sectors applications and includes : manufacturers of smart cards, semiconductors, terminals, equipment for smart cards system integrators, application developers and issuers. • Eurosmart member companies represent 75% of the worldwide shipment of cards
From Smart Cards to Smart Secure Devices Eurosmart is acknowledged as the “Voice of the Smart Security Industry” • Security is the core of the smart security industry activities • The role of Eurosmart is to make sure that security is well positioned and valued
The Smart & Secure World in 2020a Vision Paper by Eurosmart • Reflection of a representative panel of experts • Present the future applications and market trends in 13 years • Explain the characteristics of the smart security technology family to the general public Smart Secure Devices will help our lives become easier, safer and more enjoyable, while protecting our privacy
Before 2020…i2010! • The i2010 Initiative: A European society for Growth and Employment - Adopted by the EC (June 05) • The eGovernment Ministerial Declaration – Manchester (Nov. 05) • The i2010 eGovernment Action Plan • Aligning its objectives with the Manchester Declaration • Adopted by the Council (June 06) • Ministerial Declaration approved unanimously in Lisbon (Sept. 07) • 4 priorities: • Cross-border interoperability • Reduction of administrative burdens • Inclusive eGovernment • Transparency & democratic engagement
Current Landscape Europe Countries with no ID cards New gen Deployed/launched Not launched Chipless/ cardID1 high end
eID Large Scale Pilot – 2007/2010 • A European Commission initiative for European Members States • Objective: Have a full interoperability between 6 MS for eID for eGovernment pan-european services • Should be based on Standards & Open technologies • Eurosmartwants to share its expertise and its know-how
Targets of EU eID EU eID • Increase the quality and accessibility of public services • Improve security for government services security, ID documents, and enrolment process • European Citizen Card (ECC) is the key to the virtual town hall*. • Harmonized data- and security architecture in the EU-area. • Pick out services with clear added-values to Citizens & Governments • Cost reduction in administration * The Data is running around, not the citizen
On-Line Services EURODAC Government to Government: SIS, VIS G2G • Regulated Information • Tax on input • Certificates of exports • Public tender Government • Regulated Services • Tax computation • Registration • eVoting Government to Business Government to Citizen G2B G2C Citizen Enterprise Business to Customer B2C • On-Line Trading • Internet Market • Internet Auction
The four pillar approach Private Local Government • Local income tax • Education • Social Services • Access to amenities • Physical and logical ID for 3rd party uses • Authentication on-line • Financial transactions • Legal transactions • Company ID National EU-Wide • Access to voting systems • Tax services for self employed • Authentication for health services • Authentication for social services • Cross border services • Support of travel and health documents • Authentication of entitlement to services
ECC Interopeability Framework • First European Standardized solution for e-Government • Based on Open Interfaces enabling different implementations • The mechanisms are under adoption by ISO • Compatible with different e-ID Management Systems • Preserves the investments by providing a migration path • Stress is put on Privacy and Accessibility features • Framework proposed for electronic Health Insurance Card • Proof of the concept validated by Onom@Topic Project
eID Interoperability using the ECC • The interoperability is achieved with 4 keys features • A common set of card commands and data structures specified in the ECC part 2 and ISO 8716 compliant • A core of IAS protocols and algorithms from prEN 14890 with specific provisions for privacy • A middleware based on Open Interfaces which makes any ECC look the same for the external applications • The definition of ECC profiles: eGovernment card, National ID Card, Traveling ICAO defined in part 4
Pan-European security only achievable if all eID implementations are equally strong I bought a new lock… SAFE It’s the most secure in the world • Cyber criminals & terrorists will attack the weakest link in the European defense chain • Member states should evaluate and compare security levels of all national implementations • eID should be evaluated by independent expert labs with international recognition • Common Criteria must be used
Conclusions for 2007 (1) • Combination of interoperability & security mixed with Privacy is the European goal for cross border services on eID • Technical interoperability needs international accepted and proofed standards • Standards & Products exist for a full secured interoperability • CEN ECC & ISO/IEC 24727 need only additional 8 months for its completeness • Countries with the vision of upcoming eGov services should follow the three standards for IAS ( CEN TC 224 WG16), eID cards and for Middleware ( both CEN TC 224 WG 15) • The solution for European interoperability and an important step for a worldwide interoperability • by following international standards, governments can reduce time to market, financial efforts and technical risks at the national level
Conclusions for 2007 (2) • National and European approaches can and must mixed • Countries with running projects and issued government service cards can follow the Middleware- Standards CEN European Citizen Standard part 3 based on ISO/IEC 24727 as transition vehicle for interoperability in the EU • The proposed Eurosmart’ approach is: • Compatible with already deployed solutions and with coming ones • In line with the objectives of Manchester (2005) and Lisbon (2007) declarations
An unique scheme for all European eID requirementsbased on CEN & ISO Standards eDriving License eHealth eID eGovernment eVehicle Registration ECC - 3 ECC - 3 National Middleware ISO 27727 ISO 24727 ECC - 3 ISO 24727 National Middleware ECC - 3
Thank you for your attention www.eurosmart.com bruno.rouchouze@gemalto.com