PKI-enabled e-tax in the Netherlands Ir. E.J. Kuiper Ministry of Finance The Netherlands.

Slides:

Advertisements

Similar presentations

Universal Electronic Signatures Tarvi Martens ESTONIA.

Advertisements

Security standardization for Health Informatics ITU-T eHealth conference Geneva Dr Gunnar O. Klein convenor of ISO/TC 215/WG 4 Security Karolinska.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

Bundesamt für Sicherheit in der Informationstechnik EESSI - WS May , 2000, Paris, Folie 1/18Klaus J. Keus, BSI Electronic Signatures in Germany,

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

WPKI available technology diagram and the business model

PKI -An Industry Perspective Lisa Pretty Executive Director.

Single Audit Strategy LATVIA. Audit System The Audit Authority functions are carried out by the Internal Audit Department of the Ministry of.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

EESSI - 19/06/011 The French national initiative of e-procedures in Social sector Jacques Sauret General Director Groupement d’intérêt public – Modernisation.

The Icelandic PKI project Jóhann Gunnarsson Head of Division, Ministry of Finance.

Page 1 ©2000 Bull Major Challenges in e-Government Value System in modern IS’s for Public services Claude Boulle, European Affairs FP 6 Consultation Meeting.

The OpenEvidence Project Peter Sylvester, EdelWeb IETF - N° 57, Wien PKIX working group.

European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.

New DFG Information Infrastructure Projects Dr. Stefan Winkler-Nees; Birmingham, 28. March 2011 New DFG Information Infrastructure Projects.

© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.

DEVELOPMENT OF PROJECT IDEAS

NASA PKI for PKI FORUM Presenters: Paul Ma, NASA-Ames Research Center

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

IDA Security Experts Workshop Olivier LIBON Vice President – GlobalSign November 2000.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

European Electronic Identity Practices Country Update of Austria Peter F Brown Office of the CIO, Austrian Federal Chancellery Chair, CEN eGov Focus Group.

Erich Waldecker Federal Ministry of Finance, Austria FTA Taxpayer Services Sub-group Istanbul, October 2006.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Key Elements for electronic Local Authorities’ Networks Cagliari, 27 th May 2002 Walter Wenzel CEO of KEeLAN project.

E-Business Romania Adriana Ţicău State Secretary for Information Technology Conferinţele Piaţa Financiară Bucharest, the 26 th of March 2002.

Vilnius, October 21st, 2002 © eEurope SmartCards Securing a Telework Infrastructure: Smart.IS - Objectives and Deliverables Dr. Lutz Martiny Co-Chairman,

8 Nob 06 / CEN/ISSS ETSI STF 305: Procedures for Handling Advanced Electronic Signatures on Digital Accounting CEN/ISSS Workshop.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Selected problems of the e-signature law and of its implementation Doc. RNDr. Daniel Olejár, CSc. Department of computer science Comenius University, Bratislava.

Dao Dinh Kha National Centre of Digital Signature Authentication - Agency of Information Technology Application A vision on a national Electronic Authentication.

OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.

Österreich 2006 Austria 2006 Autriche 2006 Präsidentschaft der Europäischen Union Presidency of the European Union Présidence de L’Union européenne ★★★★★★

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

E-BANKING. Internet Banking  Internet as new communication medium.  Open up current IT-systems to the outside world.  Automating relations.  What.

IT in the Swedish public sector Britta Johansson

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

Hurdles and Solutions for the Interoperable EHR John W, Loonsk, MD FACMI Chief Medical Officer CGI.

Module 9: Designing Public Key Infrastructure in Windows Server 2008.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

HEBCA – The Operating Authority July 2005 Dartmouth PKI Summit.

IDI Conference The digital signature of InfoCamere a practical and effective means for business Turin, 6 th of June Gabriele DA RIN.

Information Security Systems Cost Effective Authenticity & Integrity in CEN/FISCALIS eInvoicing Good Practice Guidelines Nick Pope – Principal Consultant,

DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013

Project Management Methodology Project Closing. Project closing stage Must be performed for all projects, successfully completed or shut off by management.

NEW TECHNOLOGIES FOR CITIZENS AND TAX SYSTEM ELECTRONIC TAX RETURN FILING SYSTEM July, 2000 GRUPPO TELECOM ITALIA - FINSIEL.

ICT Solutions for achieving Smart Regulation The Dutch Programme

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

Mobile PKI ● Demo ● Overview / Terminology ● Use cases ● Trust ● Costs ● Feedback.

TAG Presentation 18th May 2004 Paul Butler

TeleTrusT Initiatives for PKI Solutions

New Integrated Customs Information System (ICISnet) and Single Window

Paperless & Cashless Poland Program overview

TAG Presentation 18th May 2004 Paul Butler

Public Electronic Payment System

Public Key Infrastructure (PKI)

E-Commerce for Developing Countries (EC-DC)

The Swedish strategy on eGovernment

Laur Mägi Department of Information Systems and Document Management

Session 1.6a: PRESENTATION

WG 1.5 b Summary Statement: Qualitative e-Government-services and effective front-office are conditioned by a good back-office Presentation of Emmanuel.

e-Security Solutions Penki Kontinentai Vladas Lapinskas

Presentation transcript:

PKI-enabled e-tax in the Netherlands Ir. E.J. Kuiper Ministry of Finance The Netherlands

Agenda Current pilots: –AVI, BAPI EU and EESSI work: –Contribution of Directive –EESSI specifications –Priorities for further standardization

AVI characteristics Selected entrepeneurs (advanced) Tax declaration for VAT and wages PKI: Entrust PKI suite CA: Interpay, RA: Tax Office Interactive session over Internet On-line payment Soft certificates (no SSCD) NetDynamics infrastructure and development environment First stand-alone, later connected to backoffice (Async. Message queueing)

Sassenheim, March 1st 1999

Administrative process is complex Software certificates + user errors result in 20 % re-certification / year Juridical Archive: lacking guidelines Organisation / person Separation between authentication and autorisation presents problems Payments did not work out (banking problem) Lessons PKI AVI

BAPI characteristics Selected entrepeneurs (advanced) Cooperation with bookkeeping suppliers Tax declaration for Profit PKI: made to measure (BAPI client and gateway) CA: Diginotar, RA: Diginotar Off-line preparation in bookkeeping Soft certificates identify companies Connected to backoffice (Async. Message queueing)

BAPI characteristics

Lessons PKI BAPI Slow start - dependency on bookkeeping suppliers costs time Life this year No officially accredited CSPs, but 3 which had done an experimental audit Only 1 CSP offered company certificates as a standard offering Client retrieval of CRL presented problems

Directive 1999/93/EC Very important with respect to signature for natural persons But business requirements also exist for confidentiality and identification of other objects than natural persons Terminology not in line with accepted terms like CA, RA -> confusion Definitions broad, e.g. CSP

Directive 1999/93/EC Open ends: –continuity of CSP business –acceptance of foreign certificates –certification of products –authorization associated with signature

Directive 1999/93/EC Common use of signatures is associated with functions, roles, e.g. authorization (Privilege Management Infrastructure): Dear Norien, Kind regards,

EESSI specs Result in very high-end requirements -> risk considering lifetime of PKI is finitive Deliver only part of the implementation choices Technical interoperability does not get enough attention Directed at signatures of natural persons (only part of the business requirements for trust)

EESSI specs and PKI

Priorities Identification of objects, which are not natural persons Transition to QCP + SSCD Requirement: confidentiality only Handling of limited PKIs in American standard software products -> more cooperation with US suppliers and standard groups is needed Authorization linked to PKI identification Solutions for open ends in Directive