ISA programme: Secure-related initiatives
Miguel Alvarez Rodríguez
The ISA programme
Interoperability Solutions for Public Administrations

Objectives
- Efficient … and effective electronic cross-border and cross-sector interaction between European public administrations.
- European public administrations … share and re-use existing successful or new interoperability solutions, common services and generic tools.
- Flexible and interlinked … IT systems allow smooth implementation of Community policies and activities.

Actions. Quick overview
1. Key enablers for secure eGOV services: cluster of eID-related actions and tools for eSigning
2. Secure telecommunication network: sTESTA
3. eTrustEx: secure exchange of documents

1. Action 1.5 STORK's sustainability
- STORK, the LSP on eID, came to an end in
- The project implemented and deployed in various MS a federated platform based on a common specification and assurance model.
- It aimed at the provision of electronic identification services for citizens accessing eGovernment applications in cross-border set-ups.
- The ISA programme was appointed to sustain STORK's results in the short/medium term.

1. STORK Sustainability
- Continuous maintenance and upgrade of STORK reference components (PEPS and VIDP modules) to the most common operating environments.
- Update of the technical specs (SAML profile and QAA model) according to upcoming needs.

1. STORK Sustainability
Top reasons to use STORK:
- Easy-to-deploy solution for the provision and consumption of secure identity services of national and foreign citizens.
- Access to a reference interoperability technical solution for the mutual recognition of eID at European level.
- It can be used as a service or as a tool: flexible interoperable solution that can handle any type of electronic identities and assurance levels.
- Solution maintained and supported by the EC and many MS.

2. ECAS-STORK integration
The problem
- MS officials and civil servants from all over Europe need to access EC corporate applications.
- ECAS credentials are used, since national eIDs are not recognised by the EC applications.
- A first proof of concept demonstrating the integration of ECAS with the STORK project was funded by the IDABC programme and executed in
The current situation
- ECAS-STORK integration is already in production mode.
- It is already in use by CIRCABC and the eJustice Portal.

2. ECAS-STORK integration
Beneficiaries and anticipated benefits
- European Institutions and Agencies will benefit from ECAS integration with STORK with minimal impact, by accepting higher-assurance eID mechanisms from the MS and by increasing trust and confidence in users' identities.
- For MS public administrations, consistency is increased, since the same credentials are used to access both national information systems and European Commission information systems.
- Levels of security are also aligned with those provided by MS.

3. Action 1.18: Federated Authorisation across public administrations
Objectives
- Public officials should be able to log in to EC applications and be granted access based on their role or position in a national administration.
- Extend ECAS multi-factor authentication to a federated authorisation solution.
- Access to EC applications using the national model for authorisation and ECAS-STORK.

1. Context
Main milestones of the ISA Action 1.18
Inception – 2012
- Feasibility study
- Architectural and Functional SWOT
Execution 2013
- Definition of common generic specification
- Providing necessary gateway, transformation services to connect ECAS
- Implementation plan for integration of MS solutions
- Lessons learned
We are here now

3. Objective
The picture below presents the objectives of the current phase on short and long term.
[Figure: objectives of the current phase]
Steps shown:
- Future versions based on incoming requirements and lessons learnt
- Integration in ECAS Production
- Pilot with at least one Member State connecting to one EC Application
- Get buy-in from stakeholders (Demo)
Targets shown:
- At least 5 stakeholders
- At least one EC application
- At least one MS application
- To be decided

Action 1.9: DSS tool
- This action supports development of a software tool, DSS (Digital Signature Software), that creates and verifies legally binding electronic signatures.
- The tool makes use of the MS Trust Status Lists (TSLs) to check the trustworthiness of the signing certificates.
- Open source. Available to all MS and for any electronic procedure.

DSS: TSL & eSignature creation/verification tools
The legal basis
- Comitology Decision 2009/767/EC defined "Trust Lists" (TSL) as a means to facilitate technical recognition of qualified electronic certificates cross-border.
- Under that Decision, each Member State has to establish, maintain and publish in a secure way a trust list of certification service providers issuing qualified certificates to the public.
- Decision 2011/130/EC establishes minimum technical requirements for the interoperable cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC.

4. DSS tool: Technical features
Framework
- Realised in Java
- Open Source under LGPL
Main goals
- Signature creation
- Signature validation
- Validation report according to validation policy ETSI TS
Interoperable formats EU-wide
- XAdES / PAdES / CAdES
- ASiC-S
Levels
- BES to LTV
Packaging
- detached, enveloped, enveloping

DSS: Beneficiaries and benefits
Public administrations:
- Tool allowing the governance of the MS trusted lists
- Easier setting up of secure eGovernment services
- Solution to enhance trust and implement interoperable e-signatures for national and cross-border completion of administrative formalities
- Possibility to validate electronically signed documents coming from different competent authorities
For business and citizens:
- Higher levels of trust and confidence in electronic transactions
- Access to fully-fledged transactional public services, saving time

5. What is sTESTA?
sTESTA (secured Trans European Services for Telematics between Administrations) is a communication platform to exchange electronic data between European and Member States administrations in a secure, reliable and efficient way.
- Facilitate cooperation between public administrations in various policy areas.
- Consolidate existing networks by providing a secure, reliable and flexible communication service layer.
- Exchange both unclassified and classified information (up to "EU RESTRICTED").
The sTESTA service platform is the continuation of the service infrastructure initiated and developed under the IDA and IDABC programmes of the EC.

6. e-TrustEx
Goal
Platform to support the secure exchange of documents between Public Administrations at national and European level, so as to:
- Reduce overall costs of digital data exchange
- Enable the digitisation of business processes
- Secure digital data exchange
- Promote and re-use interoperable solutions
Usable as a tool or as a service: e-TrustEx can be installed by the Public Administration or used as a service on the cloud.
Open source.
[Diagram labels: e-TrustEx, e-PRIOR, CIPA e-Delivery]

6. e-TrustEx main features
Services for sending documents:
- Binary files (structured and unstructured documents up to 100 MB)
- Groups of binary files (up to 500 documents of up to 100 MB each)
Services for retrieval of documents:
- Inbox
- Query
Security:
- End-to-end encryption (GUI only)
- End-to-end integrity (GUI only)
- Point-to-point integrity

Thank you!
SEMIC 2014 – Athens, 9 April