CEF eDelivery Digital Service Infrastructure

Slides:



Advertisements
Similar presentations
1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM( final) {SWD(2012)
Advertisements

e-TrustEx e-PRIOR CIPA e-Delivery
PEPPOL is owned by OpenPEPPOL AISBL OpenPEPPOL – Making Procurement Better André Hoddevik Head of e-procurement unit, Agency for Public Management.
Proposal for CEF telecommunications guidelines e-Procurement and e-Invoicing in the EU Jean-Francois Junger DG CONNECT Public Sector.
How eID and eSignatures work in a cross-border setting Wendy Carrara SPOCS Deputy Programme Director eID workshop Reaping the benefits of eID in different.
Current trends and perspectives on e-Services for Public Services in Europe European Network Technical Seminar on Efficient e-Services in social security.
The European Activities of BR Communication e-CODEX e-Justice Communication via Online Data Exchange Bucharest, June 14 th 2013.
Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
CEF Building Blocks Joao RODRIGUES FRADE
S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.
Workshop on registered electronic mail policies and implementations (ETT 57074) Ankara, –
PenalNet Secure e-communications in Criminal Law Practice Antonio Ruiz-Giménez de Aguilar, CEO of PenalNet.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
E-SENS Electronic Simple European Networked Services Moving services forward Dr. Cagatay KARABAT National Coordinator of e-SENS.
Cross-border Empowerment of Next Generation Access National Networks MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS REPUBLIC OF BULGARIA.
E-TrustEx | CIPA Reuse across e-Government services 17 April2012 Joao Rodrigues Frade.
The new EU legal framework for e-procurement: Expectations and Prospects Conference ‘E-procurement and Public Spending: Status, Opportunities and Prospects’
Connecting Europe Facility: Digital Service Infrastructures How Europe's Public Services get connected Sofia, 20 September 2012 Dr Mechthild Rohen Head.
E-SENS Electronic Simple European Networked Services WP2 kick off Berlin, Germany Apr 10th 2013.
European Commission 1 ASEAN Connectivity Coordinating Committee Brussels, 24 February 2014 Eddy Hartog Head of Unit "International" Directorate General.
PEPPOL is owned by OpenPEPPOL AISBL Pan-European Public Procurement Online (PEPPOL) André Hoddevik Agency for Public Management and eGovernment.
SGCC 6.1 Kick-off Project Setup. Introduction Tour de Table –Who’s who –Attendance list, s Scope of CC 6.1.
PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No PEPPOL Business requiremernts Jostein Frømyr Transport Infrastructure Agreement.
The German eID and eIDAS
eIDAS: current state of play and the Luxembourgish approach
JASPERS for CEF Stéphane OUAKI Head Of Unit
Self-assessment tool DIGIT Directorate-General for Informatics DG CONNECT Directorate-General for Communications Networks, Content and Technology eDelivery.
Strategy and experience of Spain in interoperability for eGovernment.
19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.
PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No OpenPEPPOL Transport Infrastructure Rome Sven Rasmusen Danish Agency.
# # 0089CB # 00283C HEXRGB # COLOUR PALETTE TEXT COLOUR HEXRGB # FFFFFF 255 # # BFBFBF.
Digitizing European GovServices Accelerating European digitization with e-SENS , The Hague.
E-CODEX: the new frontiers of integration among e-Justice platforms Giampiero Lupo Research Institute on Judicial Systems (IRSIG-CNR) National Research.
Stork is an EU co-funded project INFSO-ICT-PSP STORK PRESENTATION Frank LEYMAN Manager International Relations 04/06/2009.
Implementing eProcurement with PEPPOL Tim McGrath, Deputy WPM WP8 Malmö, February 9 th 2010.
The CEF Telecom calls & evaluation process. Call information 2.
2 PSD2- C HALLENGES AND OPPORTUNITIES Pascale-Marie BRIEN– Senior Policy Adviser.
Digital Single Market Valentinas KVIETKUS Baltic Assembly, Ryga
A policy framework for an open and trusted Internet
CEF Building Blocks status update CONNECTING EUROPEAN CHAMBERS
SPOCS : Simple Procedures Online for Crossborder Services
Introduction to Connecting Europe Facility
Enhancing maritime domain awareness and responsiveness in Europe
Why eIDAS? eID under eIDAS compliance
Choosing the Discovery Model Martin Forsberg
Kara Baptista – Evaluation Manager, CEF Telecom - INEA
Introduction to Connecting Europe Facility
EDelivery Tutorial How can CEF help you set-up your eDelivery infrastructure? November 2016.
TRACES Trade Control and Expert System Electronic sanitary certificates using qualified electronic signature Brussels 15th September 2016.
Accelerating the digital transformation of government
E-Commerce for Developing Countries (EC-DC)
CEF eID SMO The use of eID in eHealth
eDelivery Infrastructure day
CEF eInvoicing Stakeholder Day 2016 Brussels, 1 December
Live Webinar: "CEF eDelivery - What's In It For You?"
 What is the strategy to consistently implement eDelivery in the Norwegian Public Sector? André Hoddevik Head of e-procurement unit, Department for public.
CEF eDelivery PEPPOL AS2 to AS4 migration info session
Dashboard eHealth services: actual mockup
Connecting Europe Facility eSignature
15 November 2016 Introduction to Connecting Europe Facility DIGIT
Innovation in Healthcare across the EU WhiteRoseBrussels
EC (DG SANTE) The eHealth DSI
Choosing the Security Model:
OpenPEPPOL-CEF AS2 to AS4 migration info session
e-Invoicing – e-Ordering 20/11/2008
Website authentication E-registered delivery
Juan Gonzalez eGovernment & CIP operations
Support for syntaxes (UBL and UN/CEFACT) Nicosia October 30, 2017
European Commission - DIGIT
Presentation transcript:

CEF eDelivery Digital Service Infrastructure eInvoicing day CEF eDelivery Digital Service Infrastructure 01 December 2016 João Rodrigues Frade, DIGIT B4

1 2 3 Agenda Introduction to eDelivery eDelivery and eIDAS ERDS in practice 3 PEPPOL and CEF eDelivery Convergence Process

Introduction to eDelivery 1 Introduction to eDelivery

What happened before eDelivery Stakeholder Days 28/10/2016 TODAY eDelivery Stakeholder Days 28/10/2016 Webinar - How can CEF help you set-up your eDelivery infrastructure? 12/09/2016 Webinar - Electronic Registered Delivery Service (ERDS) and the eIDAS Regulation 26/07/16 CEF eDelivery - What's In It For You 26/05/16 Information session on AS4 Profile 25/05/16 eDelivery Extended Expert Group 19/05/16 CEF Digital Presents at the AMA More information on CEF Digital Event Calendar

What is eDelivery? PARTY PARTY eDelivery is a domain neutral message exchange infrastructure Justice Claims Reports eHealth PARTY PARTY PARTY Procurement Invoices Orders … Decisions Orders of Payment Patient Summaries PARTY Complaints Consumer Protection eDelivery enables the exchange of electronic data and documents among public administrations, businesses and citizens in a secure, reliable and trusted way

A message exchange infrastructure is PARTY A message exchange infrastructure is PARTY A combination of a message exchange model, discovery model and security model on top of the internet, or of a private network, to exchange structured or unstructured information wrapped in a messaging envelope. Data Exchange Agreements Payload (structured/unstructured) Message Exchange model Topology Messaging protocol Integration approach (Participant) Discovery model Static vs. Dynamic Security Model Trust Circle Security Controls Network (public/private) PARTY Scope of CEF eDelivery PARTY PARTY PARTY

The example of OpenPEPPOL PARTY The example of OpenPEPPOL PARTY Data Exchange Agreements PEPPOL Transport Infrastructure Agreements (legal framework) Payload PEPPOL Business Interoperability Specifications (document specifications) Message Exchange model 4-corner model (>100 APs) PEPPOL AS2 profile Service Providers (Participant) Discovery model Dynamic discovery with a central SML and over 50 SMPs Security Model PKI-based security Network Internet The Pan-European Public Procurement Online, the LSP of eProcurement, now transferred to the non-profit international association OpenPEPPOL. The purpose of OpenPEPPOL is to enable European businesses to easily deal electronically with any European public sector buyers in their procurement processes, thereby increasing opportunities for greater competition for government contracts and providing better value for tax payers’ money. PARTY Scope of CEF eDelivery PARTY PARTY PARTY

eIDAS Electronic Registered Delivery Services (ERDS) PARTY eIDAS Electronic Registered Delivery Services (ERDS) PARTY Data Exchange Agreements Payload (structured/unstructured) eIDAS Electronic Registered Delivery Services (ERDS) Network (public/private) Source Art. 3 (36) ERDS means a service that makes it possible to transmit data between third parties by electronic means and provides evidence relating to the handling of the transmitted data, including proof of sending and receiving the data, and which protects transmitted data against the risk of loss, theft, damage or any unauthorised alterations. PARTY Scope of CEF eDelivery PARTY PARTY PARTY

Reuse of eDelivery by CEF's sectorial projects Building Block DSIs eDelivery eSignature eID eTranslation eInvoicing Sector Specific DSIs Europeana* DG CONNECT Safer internet* DG CONNECT Public open data DG CONNECT ODR DG JUST eHealth DG SANTE eProcurement DG GROW EESSI DG EMPL EU e-Justice portal DG JUST BRIS (ECP) DG JUST Cybersecurity DG CONNECT eTranslation DGT Commitment to analyse Commitment to reuse Reusing

Reuse by projects (without CEF funding) Building Block DSIs eDelivery eSignature eID eTranslation eInvoicing Sector Specific DSIs FLUX DG MARE CISE DG MARE eParticipation DG CONNECT EU-CEG DG SANTE TRACES DG SANTE LRI DG JUST EUGO DG GROW UUMDS DG TAXUD ECRIS DG JUST PNR DG HOME Tachonet DG MOVE CISP COUNCIL Commitment to analyse Commitment to reuse Reusing

CEF eDelivery is not a one-size fits all solution eDELIVERY MESSAGING INFRASTRUCTURES ePROCUREMENT eJUSTICE MESSAGE EXCHANGE MODEL TOPOLOGY 4-corner model Your choice PROTOCOL PEPPOL AS2 profile e-SENS AS4 profile e-SENS AS4 profile recommended INTEGRATION APPROACH Service Providers (Market) Specific Connector DISCOVERY MODEL Dynamic Static SECURITY MODEL TRUST CIRCLE PKI Mutual trust SECURITY CONTROL + Liberal inner security Inner security with connector Your CEF eDelivery implementation SCOPE OF CEF eDELIVERY

CEF eDelivery Components MESSAGE EXCHANGE MODEL KEY SPECIFICATIONS Access Point e-SENS AS4 profile of the ebMS3/AS4 OASIS Standards PEPPOL AS2 profile of AS2 and SBDH (for the eProcurement only) The approach employed by eDelivery is to promote the use of existing technical specifications and standards rather than to define new ones. The profiling work of e-SENS and PEPPOL on these standards, i.e. constraining configuration choices, is equally taken on board. Security Controls ETSI – Electronic Signatures and Infrastructures profile ETSI REM for evidences Connector SECURITY MODEL DISCOVERY MODEL Service Metadata Locator (SML) Service Metadata Publisher (SMP) e-SENS Profile based on the OASIS BDXL Specification e-SENS ebCore Party ID Profile e-SENS Profile based on the OASIS BDX-SMP Specification

CEF Work Programmes: DSIs' funds are planned every year 2014 2015 2016 2017 2018 2019 2020 TRANS-EUROPEAN TELECOMMUNICATIONS CONNECTING EUROPE FACILITY NETWORKS WORK PROGRAMME 201X TRANS-EUROPEAN TELECOMMUNICATIONS CONNECTING EUROPE FACILITY NETWORKS WORK PROGRAMME 201X TRANS-EUROPEAN TELECOMMUNICATIONS CONNECTING EUROPE FACILITY NETWORKS WORK PROGRAMME 201X Procurement by the Commission to offer services to the Member States. Budget allocated for 4 years. ... Total Amount € 86.5 M € 85.2 M € 101.6 M Example eDelivery DSI € 8 M Core Service Platform € 0 € 1 M € 500k Grants … Typically 'deployment' projects at national level (up to 75% of eligible cost). Allocated every year.

eDelivery and eIDAS ERDS in practice 2 eDelivery and eIDAS ERDS in practice

CTR1: TLS + Authentication CTR1: TLS + Authentication Mapping of security controls to the 4-Corner Model End-to-end Security Inner Security Cross-party Security Inner Security C1 C2 C3 C4 Party A CTR1: TLS + Authentication e-SENS AS4 Profile CTR1: TLS + Authentication Party B ORIGINAL SENDER FINAL RECIPIENT Backend REQ4: Recipient /Addressee Identification REQ3: Sender Identification Backend NOTIFY NOTIFY SUBMIT Connector Access Point SEND RECEIVE Access Point Connector DELIVER AS4 ACKNOWLEDGE Internet

Summary of security requirements from the eIDAS regulation Description eIDAS reference REQ1 Message Integrity Messages should be secured against any modification during transmission. Article 3 (36) Article 19 Article 24 Article 44, (d) the sending and receiving of data is secured by an advanced electronic signature or an advanced electronic seal of a qualified trust service provider in such a manner as to preclude the possibility of the data being changed undetectably; REQ2 Message Confidentiality Messages should be encrypted during transmission. Article 5 REQ3 Sender Identification The identity of the sender should be verified. Article 44 (b) they ensure with a high level of confidence the identification of the sender; REQ4 Recipient / Addressee Identification Recipient / addressee Identity should be verified before the delivery of the message. (c) they ensure the identification of the addressee before the delivery of the data; REQ5 Time-Reference The date and time of sending and receiving a message should be indicated via a qualified electronic timestamp. (f) the date and time of sending, receiving and any change of data are indicated by a qualified electronic time stamp. REQ6 Proof of Send/Receive Sender and receiver of the message should be provided with evidence of message sending and receiving. Article 3 (36) “… provides evidence relating to the handling of the transmitted data, including proof of sending and receiving the data…”

Mapping of security controls to the 4-Corner Model End-to-end Security REQ1: Message Integrity REQ2: Message Confidentiality Inner Security Inner Security REQ5: Time Reference CTR1: TLS + Authentication CTR1: TLS + Authentication REQ6: Proof of Send/Receive REQ4: Recipient /Addressee Identification REQ3: Sender Identification e-SENS AS4 Profile C1 C2 C3 C4 ORIGINAL SENDER Party A Party B FINAL RECIPIENT SUBMIT Backend NOTIFY Backend DELIVER 1 or several NOTIFY NOTIFY 1 or several Cross-party Security Connector Access Point SEND RECEIVE Access Point Connector AS4 ACKNOWLEDGE Internet

PEPPOL and CEF eDelivery Convergence Process 3 PEPPOL and CEF eDelivery Convergence Process Will go through Services now available Improvements coming in the next few months How we will move forward

eDelivery alignment between CEF and PEPPOL Timeline 2017 2018 2019 20xx Q4 2016 T1: LoU Q4 2017 T2: Phase In ~Q1 2019 T3: Transition TBD T4: Phase Out Milestones AS4 adopted as optional protocol (AS2 Mandatory) Announcement of T3 AS4 Mandatory (AS2 Optional) Only AS4 Criteria 3a 1 a-c 2 a-b 3 b-c 5 a-d 2 c-s 4 a-d 3e Example: There exists a stable, well documented CEF AS4 profile specification, including SMP and PKI implementation.

Find out more on CEF Digital Directorate-General for Informatics DG CONNECT Directorate-General for Communications Networks, Content and Technology CEF-BUILDING-BLOCKS@ec.europa.eu ec.europa.eu/cefdigital

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.