17 March 2010 Workshop on Efficient and Effective eGovernment FASTeTEN : a Flexible Technology in Different European Administrative Contexts

Slides:

Advertisements

Similar presentations

Universal Electronic Signatures Tarvi Martens ESTONIA.

Advertisements

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.

COSPA Consortium for Open Source in the Public Administration Paolo Zuliani Libera Università di Bolzano-Bozen, Italy

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.

Introduction of Grid Security

e-TrustEx e-PRIOR CIPA e-Delivery

Web Services Security Requirements Stephen T. Whitlock Security Architect Boeing.

Education applications and the FAST project. Jonathan Gay Co-ordinator for Sheffield.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

EMI Development Plans for Identity Management Henri Mikkonen / HIP Moonshot, Grid and HPC Workshop London, UK.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Policy Meeting SIG: Whois Database October 2000 APNIC Certificate Authority.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Copyright Hub Software Engineering Ltd 2010All rights reserved Hub Document Exchange Product Overview Secure Transmission for Transaction-based Documents.

Page 1 Encouraging e-Government excellence in Europe Baudouin de Sonis Executive Director + 32 (0)

Dematerialization of Organisations’ Key Business Processes Security and e-Invoicing ATHENEE PALACE HILTON, Bucuresti September 21 st 2004 Genovel Iovu.

Lecture 23 Internet Authentication Applications

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

©Centre for Development of Advanced Computing 1 State e-governance Service Delivery Gateway (SSDG)‏ A Messaging Middleware for.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

CDC Confiance Electronique Européenne Presentation of FAST project CDC Confiance Electronique Européenne Bertrand AIT-TOUATI – Architecture & new services.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

The proof of your digital documents. Copyright Lex Persona – All rights reserved 2 Our approach to paper reduction The current approach –The.

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

Exchange of digitally signed SPSCertificate messages Overview of prototype of digital signature applied to SPSCertificate message between national systems.

Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.

EGovernment Services in Poland Today & in The Future Dariusz Bogucki Ph.D, IDA II, National Co-ordinator National Registers Department, Ministry of Internal.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

IETF - LTANS, March 2004P. Sylvester, Edelweb & A. Jerman Blazic, SETCCE Introduction The following slides were prepared as a result of analysis and discussion.

OpenEvidence and ESS Peter Sylvester, EdelWeb IETF - N° 57, Wien S/MIME working group.

Integrating security services with the automatic processing of content TERENA 2001 Antalya, May 2001 Francesco Gennai, Marina Buzzi Istituto.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

Lifecycle Metadata for Digital Objects October 18, 2004 Transfer / Authenticity Metadata.

DIGITAL SIGNATURE.

INTERCENT-ER Agency A regional prospective on e-invoicing Stockholm - December 2, 2014 Regional Agency for the development of electronic markets.

The Hierarchical Trust Model. PGP Certificate Server details Fast, efficient key repository –LDAP, HTTP interfaces Secure remote administration –“Pending”

Directive 123 / 2006 / CE on Services in the Internal Market Point of Single Contact Directive 123 / 2006 / CE on Services in the Internal Market Point.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

OASIS Juan Carlos Cruellas – UPC Stefan Drees - DSS-X co-chair Nick Pope – Thales eSecurity OASIS Digital Signature Services and ETSI standards Juan Carlos.

Presented by : Piero Milani ( InfoCamere - Italy)Piero Milani InfoCamere - Italy VCD Signature & VCD Verification strategy as seen by InfoCamere ( WP1.

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

© Software602 a.s. SOFTWARE Zdenek Metodej Zalis Martin Vondrous Ondrej Malek.

Frank Schipplick Work Package Coordinator WP1 - eSignatures.

OASIS Digital Signature Services and ETSI standards Juan Carlos Cruellas – UPC Stefan Drees - DSS-X co-chair Nick Pope – Thales.

Training for developers of X-Road interfaces

Public Key Infrastructure (PKI)

S/MIME T ANANDHAN.

European Citizens’ Initiative, Commission regulation proposal Focus on IT aspects Jérôme Stefanini DIGIT.B.2 05/06/2018.

X-Road as a Platform to Exchange MyData

Chapter 4 Cryptography / Encryption

E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.

Dashboard eHealth services: actual mockup

e-Invoicing – e-Ordering 20/11/2008

Electronic Payment Security Technologies

Presentation transcript:

17 March 2010 Workshop on Efficient and Effective eGovernment FASTeTEN : a Flexible Technology in Different European Administrative Contexts +32 (0)

17 March 2010 Workshop on Efficient and Effective eGovernment FAST Project FAST Platform

17 March 2010 Workshop on Efficient and Effective eGovernment EU supported project – pilot deployment of award-winning FAST trust infrastructure Contributes to Commission's defined European eGov objectives: providing tools that can be used flexibly and interoperably by European administrations Adaptation of French-developed bundle of services to Spanish and UK local/regional government contexts F.A.S.T. : Fully Automated Secured Transactions services

17 March 2010 Workshop on Efficient and Effective eGovernment FACTS Initial Deployment project, from 01/01/2007-to- 31/12/2009 years, funding 2.2M Trust and secure European platform for Data exchange between all levels of administration (European, Central, Regional and Local). Consortium will develop for the FP6 and Public Sector projects a playfield to help architecting, deploying, and testing robust and flexible trust and secure infrastructure solutions. Beneficiaries are The Industry sector for secured exchanges with administration (Spain) The Department of Education, pupils, teachers, parents and Administrative (UK), Where does it take place ? In the region of Valencia in the e-Procurement arena In the Department of Education (based in Sheffield) in UK Deployment plans are to extend this project in Belgium, Hungary, Italy, Bulgaria and Malta Member States involved : France, UK, Spain, Belgium, Italy, Hungary, Malta, Bulgaria, Fully Automated Secured Transactions services

department for education and skills creating opportunity, releasing potential, achieving excellence FASTeTEN Project partners

17 March 2010 Workshop on Efficient and Effective eGovernment FAST Project FAST Platform

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST technologies Introduction What are the FAST technologies designed for? –Secure data exchange –Long-term electronic evidence What are the FAST technologies? –The FAST platform –The FAST APIs

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST technologies Security Rationale –The FAST technologies process highly sensitive data, which require a high level of security Security mechanisms –Authentication and integrity –Confidentiality –Evidence –Availability

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST technologies Interoperability Rationale –Standard formats and protocols are best suited for long-term conservation of electronic evidence Interoperable formats and protocols –Electronic signature –Encryption –Digital certificates –Revocation status –Time-stamping –Request format and transport

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST platform Transmission process 1.Authentication and access control 2.Signature validation 3.Time-stamping 4.Transmission to the recipient 5.Creation of the proof 6.Archiving 7.Indexing

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST platform Extensibility Time-stamping –Time-stamp authorities Validation –PKIX X.509 certificates Transmission –Web services, proprietary protocols Archiving –Archive authorities

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST platform Infrastructure The Software as a Service (SaaS) version of the FAST platform is hosted by Informatique CDC Highly secure premises Highly available infrastructure Proficient personnel

17 March 2010 Workshop on Efficient and Effective eGovernment The FAST APIs : Overview Two major APIs –Signature API –Encryption API Common desktop and server environments are supported –Windows, UNIX/Linux, Mac OS X –Java, COM object, C API Validation requests are web service-based

17 March 2010 How does FAST create legal evidence? Sender FAST a) Preparation of outbound message b) Electronic signature c) Data encryption (optional) a) Preparation of outbound message b) Electronic signature c) Data encryption (optional) Transmission Origination check (authentication) Origination check (authentication) Global archiving Transmission to the authenticated receivers Decryption of the data Transmission to the authenticated receivers Decryption of the data Validation of the transmission (certificate / signature) Time stamping Receiver FAST creates evidence at each step of the transaction

17 March 2010 Workshop on Efficient and Effective eGovernment What can I use FAST for ? Legality check Public accounting Health Legal archiving Welfare Convocation of elected people Education Birth and death certificates Urbanism E-procurement

17 March 2010 FAST treatments : Several rules adapted to the exchanges considered Workflow engine XML Time stamping Validation Archiving Recuperation of a legal time-stamp or internal time stamping Extraction of the data included in the stamp for historical archiving Recuperation of a legal time-stamp or internal time stamping Extraction of the data included in the stamp for historical archiving Validation of the certificates used for the exchange / for signing documents Verification of the signatures and of the roles of the people signing (habilitations) Counter-signature FAST validating the exchange Validation of the certificates used for the exchange / for signing documents Verification of the signatures and of the roles of the people signing (habilitations) Counter-signature FAST validating the exchange Post-treatment data recuperation Addition of data for a historical purpose Archive sealing to guarantee integrity Conservation in a database or sending to a third-part archiveur Post-treatment data recuperation Addition of data for a historical purpose Archive sealing to guarantee integrity Conservation in a database or sending to a third-part archiveur Data reception Final sending

17 March 2010 A powerful rights management and authentication engine is embedded in FAST Users are being attributed X509v3 electronic certificates: Software or personal certificates depending on the profile Multi PKI interoperability Rights management By application By profileOr delegated to the client A single client entity can access several services corresponding to several applications A same user can have several profiles and several rights depending on the service he is using The e-services manager is responsible for managing the rights within his structure