e-identities and trust services½užek-… · access the web page, cheks if the website is really...
TRANSCRIPT
Operation is co-financed
by Republic of Slovenia and European Union
from European Regional Development Fund
SI-TRUST SERVICES
E-IDENTITIES AND TRUST SERVICES
Dr. Alenka Žužek Nemec
Ministry of Public Administration
Today‘s many challenges for public services
e-government
e-taxes
e-pension e-education
e-healthe-municipalities
…
DIGITALby default
REUSABLEby default INCLUSIVE and ACCESSIBLE
by default
CROSS BORDERby default
SECUREby default
INTEROPERABLEby default
PRIVACYby design
OPEN by default
4
Trust and security!
6
7
E-Identities as key enablers
Misuse is in most cases related to the use of
usernames and passwords
71% accounts use common
passwords that are used for different purposes
600.000 sign ups to
Facebook is being disclosed daily
8
e-Transactions workflow
WEB AUTHENTICATION1. Access the web page, cheks if the website is reallylinked to the authority
2. Identification and authentication with eID e-IDENTITY
AUTHENTICATION
✓
9
3. e-Signing or e-sealing the application + time stamping
4. Registered e-delivery
e-DELIVERY
e-SIGNATURE
e-SEAL
TIME STAMP
e-Transactions workflow
EU Regulation on e-identification
andtrust services
eIDAS
№ 910/2014
✓
12
National supervision of trust services providers
Cross-border interoperability
Mutual recognition of qualified trust services
Trusted reliable list of qualified trust service providers
Breach notification
Notification
Interoperability
framework
13
Use your national eID cross-border
Mandatory cross-border recognition only to access
public services
14
eIDAS DOES NOT CHANGE e-identities in the member states
BUT
builds on interoperability for cross-border recognition
Two main conditions
MS decides WHEN andWHICH eID scheme
will notified for cross-border USE
1
Service providers mustbe able to offer
services that acceptnotified eID
2
NOTIFIED
UNDER„PEER-REVIEW“
Notifications
MS decides WHEN andWHICH eID scheme
will notified for cross-border USE
1
17
10 Sep 201926 Sep 2018 7 Nov 2019
Mandatory cross-border recognition only to access public services
27 Dec 2019…
MILESTONE29 September 2018
TODAY!
18
eIDAS nodesMUST be
establishes in each MS
Service providers mustbe able to offer
services that acceptnotified eID
2
19
e-IDAS node must be integrated into SP
eIDAS node
e-government
e-taxes
e-pension
e-education
e-health
e-public procurement
e-municipalities
TRUST SERVICES
DATA GATHERING
PLATFORM FOR E-SERVICES
…
Unified approach to information systems development in Slovenia
STATE CLOUD JEP
TRAY
22
Central Authentication System
Central Server Based System for e-Signature
Central System for e-Delivery*
Qualified Time-Stamping
Central building blocks for trust services: “APP store” for developers and project managers
Cross-border Node (EU)
* In preparation
e-Documents
TSAizdajanje varnih časovnih žigov
centralni
strežniški e-podpis
centralni avtentikacijski sistem
centralno vozliščeeIDAS
PEPS
centralna platforma za e-pooblaščanje
CeP Central System for e-Mandates*
24
1. Low Assurance Level
2. Substantial Assurance Level
3. High Assurance Level
e-Identities as the key element
0. Limited Assurance Level
25
IdentityFederationModules
Service Provider A Service Provider B Service Provider N
SI-CAS Architecture
Person’s credentials provided by different Identity Providers
Username/password
Certificates ofSI citizens
eIDASidentity
Certificatersof non-SIcitizens
Mobile identity
... other identities
Central Register of Population
BusinessRegister
… other data sources
SI-CAS Hub supporting different Identity Providers, Attribute Providers and Identity Assertion Providers
(OASIS SAML 2.0, OpenID, Jasig CAS, ...)
Attribute Providers
26
26
e-Signatures
27
User holds the cretential of high level of assurance, e.g.
qualified digital certificiates on the smart card, OTP device,
mobile phone
SI-CeS concept
+
Users‘ private keys are kept safely inside hardware security module (HSM)
28
AUTHENTICATION AND E-SIGNATURE SERVICE
PEPS
eIDAS node
29List of e-services integrated with SI-PASSMinistrstvo za javno upravo: • eUprava, eVEM & EUGO (SPOT), e-Javna naročila, DU-AD, KrpanMinistrstvo za finance:• MFERACMinistrstvo za kulturo:• SARK, eJR, RMSNUprava RS za pomorstvo:• STCWSlužba vlade RS za razvoj in kohezijsko politiko: • eMANacionalni inštitut za javno zdravje: • zVEMAgencija RS za javnopravne evidence in storitve• Portal AJPESLokalna samouprava: • eObčina
In the preparation• FURS (eDavki)• GURS (eProstor)• MZI (eVozovnice, Tahografi)• MIZŠ (eVŠ)• MKGP• Arhiv RS• AKTRP• AKOS• Direkcija za vode• Vrhovno sodišče• Zavod za zaposlovanje• Zavod za pokojninsko in invalidsko zavarovanje• Zavod za zdravstveno zavarovanje
30
Number of users
107.027Number of authentications
1.739.781Number of e-signatures
117.741*28.2.2019
31
E-IDENTITIES IN SLOVENIA
Number of citizens ~25% (2017)
32
Going mobile….
Everybody carries her/his mobile phone!
It is more than a phone!
Trully personal device
33
Mobile basedauthenticationand e-signature
16 April 2018
Register or associate a citizen‘smobile phone
Two-factor security:• PIN code• One-Time-Password (OTP)
SIMPLE – One phone, one PINSECURE – OTP via SMSCONVENIENT – No need for multiple password
What about the future eID?New legislation is under preparation
ZEISZ
36
37
Operation is co-financed
by Republic of Slovenia and European Union
from European Regional Development Fund
Alenka Žužek Nemec
[email protected]@gov.si
All invited, especially the service providersfrom public sector!