Digital signatures in Denmark OCES 2.0

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

1 Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM( final) {SWD(2012)
© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.
© Copyright International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.
1 eGovernment Projects and Perspectives in the Bulgarian Public Administration Nedelcho Nedelchev Advisor to the Minister of State Administration and Administrative.
Steps towards E-Government in Syria
© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.
© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.
The Danish Digital Library Jakob Heide Petersen Head of division, Danish Agency of Culture NAPLE Assembly Copenhagen 2012.
Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.
Everyone can access. Contents Mer-links context The route of decision-making What is Mer-link? Lessons Learned.
Digital Agenda Unleashing the Potential of Cloud Computing in Europe Ken Ducatel Head of Unit Software and Services, Cloud European Commission (Directorate.
1 e-Governance in Bulgaria – one year after the EU accession Youri Alkalay, Jr. Director e-Government Ministry of State Administration.
31th of March 2008 – Warsaw – Torsten Grunwald Starting a limited liability company in Denmark.
Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
6/2/2015Information Technology Standing Committee of the IMO 1 Digital Certificate Initiative Guy Springgay Holiday Inn - Oakville.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Danish e-government Are there lessons to be learned ? Mikkel Hemmingsen Deputy director general Ministry of Science, Technology and Innovation.
Workshop on registered electronic mail policies and implementation Ankara, March 2015 Davide Mula REM country practice in legal infrastructure,
June 2003 © S.Hashem Empowering E-Business in Egypt: Facing the Challenges! Dr. Sherif Hashem Director, Information Society Development Office Ministry.
Civil Registry Agency of the Ministry of Justice, Georgia Georgian ID card Mikheil Kapanadze.
© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Public Key Infrastructure Ammar Hasayen ….
Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.
E-Business Romania Adriana Ţicău State Secretary for Information Technology Conferinţele Piaţa Financiară Bucharest, the 26 th of March 2002.
Company LOGO Workshop on Macedonian e-Gov project and best UE practices (Slovenian experience) Skopje Blagica Andreeva Ministry of Information.
Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam
ICT Policy in Azerbaijan
Copyright © 2008, CIBER Norge AS 1 Using eID and PKI – Status from Norway Nina Ingvaldsen and Mona Naomi Lintvedt 22 nd October 2008.
THE ROLE OF CIVIL REGISTRY TO ACTIVATE THE ELECTRONIC AUTHENTICATION
1 International Forum on Trade Facilitation May 2003 Trade Facilitation, Security Concerns and the Postal Industry Thomas E. Leavey Director General, UPU.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Internet Security for Small & Medium Business Week 6
IT in the Swedish public sector Britta Johansson
EGovernment in Estonia – organization, policies, frameworks Arvo Ott, PhD, e-Governance Academy Vinnytsia
EGovernment Services in Poland Today & in The Future Dariusz Bogucki Ph.D, IDA II, National Co-ordinator National Registers Department, Ministry of Internal.
The Danish Approach: Recognition of prior learning – Anerkendelse af realkompetencer Kirsten Aagaard National Knowledge Centre for Validation of Prior.
Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode.
E-GOVERNMENT IN VIETNAM Ph.D Tran Cong Yen Deputy Director Information and Communication Technology Center Ministry of Science and Technology, Vietnam.
Logo Add Your Company Slogan China Financial Certification Authority Third-party certification authority Team 13 :吉露露、吴莹莹、潘韦韦 ( CFCA )
Configuring Directory Certificate Services Lesson 13.
BACKGROUND AND COMPARATIVE ADVANTAGES  Armenia as a regional center for ICT  Comparative advantages of Armenia:  qualified and experienced labor force.
MINISTRY OF SOCIAL AFFAIRS AND HEALTH 1 The Finnish National Electronic Patient Record Archive
Module 9: Fundamentals of Securing Network Communication.
NemID An agile national eID for Denmark V1.00a Geneva, 6-7 December 2010.
NEW SOLUTIONS IN LAND CADASTRE AND REGISTER: LITHUANIAN EXPERIENCE Kestutis Sabaliauskas, Director General, State Enterprise Centre of Registers
Belgian EID Card 15/12/2004 Derette Willy eID program manager.
National Information Communication Technologies Strategy Vasif Khalafov “National strategy” working group - Web -
/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner FEIDHE Electronic Identification in Finnish Higher Education.
LECTURE – V e-COMMERCE İstanbul Commerce University Vocational School.
Cross border electronic signature services Ingmar Vali Head of Court Registers Department Centre of Registers and Information Systems
Bulding blocks of e- government Ingmar Pappel. Bulding blocks of e-government  Personal Code  Digital Identity  Digital signature  X-Road  Organizations.
NEW TECHNOLOGIES FOR CITIZENS AND TAX SYSTEM ELECTRONIC TAX RETURN FILING SYSTEM July, 2000 GRUPPO TELECOM ITALIA - FINSIEL.
ICT Solutions for achieving Smart Regulation The Dutch Programme
PRESENTATION OF MONTENEGRO
E-Commerce for Developing Countries (EC-DC)
Dashboard eHealth services: actual mockup
PKI (Public Key Infrastructure)
Presentation transcript:

Digital signatures in Denmark OCES 2.0 Boosting trust in the digital single market: The role of e-signature 9-10 November 2011, Poland Charlotte Jacoby Senior adviser, Master of law Centre for Digital Signature Danish Agency for Digitisation

Agency for Digitisation Ministry of Finance Due to the inauguration of the new Danish government and changes in political areas, OCES and e-signature now resides in the Ministry of Finance By 3. October 2011 The National IT and Telecom Agency was closed, tasks moved to The Danish Agency for Governmental Management By 31. October 2011 The Danish Agency for Governmental Management was closed and two new Agencies formed. Tasks now in Danish Agency for Digitisation

Agenda Background, ICT policy and principles National esignature standard OCES 1.0 National esignature standard OCES 2.0 – NemID How does it work? Status today

Government globalisation strategy At the latest in 2012 it should be possible to perform all relevant written communication between companies, citizens and the public sector digitally. Fremgang, fornyelse og tryghed, april 2006

Goals for reforming the public sector Productivity and efficiency Coherent infrastructure Digital communication

The Danish esignature history NemID OCES I – Digital Signature Qualified Certificate Pilots 2000 2003 2004 2010

OCES legal framework OCES Agreement with governmental agency State owned OCES Certificate Policies requirements for the public key infrastructure level of security applied for the digital signature CP’s part of agreement Agency for Digitasation supervisory authority Audit - annual report to the supervisory authority including external system audit of the CA CA liable for the content of the certificate unless the CA can prove that the CA has not acted negligently or intentionally

Goal and foundation of the OCES project OCES = Public Certificates for Electronic Services Goal: A general open, scalable and transparent security infrastructure based on PKI Controlled by the state and operated by private Certificate authorities (CA) Foundation: Defining state-owned Certificate Policies (CP) An open architecture based on international standards – OCES CP’s EU-Tender with a public private partnership in mind Establishing a non-discrimination approval process for potential OCES CA’s

OCES Certificates Issued as: Used for: Personal certificates – PID (a unique number related to civil registration number) Employee certificates – RID/CVR (Employee number/Central company number) Business certificates – CVR (Central company number) Device certificates – CVR (Central company number + deviceID) Used for: Access control - Logon Secrecy - Encryption of e-mails Signature for e-mails, documents and web-sites (non-repudiation)

Roles of interested parties OCES CPs Supervision OCES CA OCES agreement DanID Develop. infrastructure Agency for Digitisation Dialogue Danish Standard Association Commercial agreement Coordinating and recommendations PKI services Guidance, monitoring, marketing etc. Public sector Private companies Vendors Citizens

OCES 1.0 – a good start March 2003 – July 2010: More than 1.88 million OCES 1.0 digital signatures were issued Of these around 354.000 employee certificates among 132.000 companies/public authorities Many public and some private services

Examples of electronic services using digital signatures (OCES 1 Examples of electronic services using digital signatures (OCES 1.0 and 2.0) Sundhed.dk – the public sector’s health portal The National Tax Authority The State Education Fund The City of Copenhagen Borger.dk – A portal for citizens used by all local authorities “danmark” – the private Danish health insurance company “Virk.dk” – the common public sector portal for companies (potential 250.000 companies) ATP - the Danish supplementary labour market pension fund The Ministry of Education: Central Education Admission Portal Digital post – public electronic mailbox “Eboks” - private electronic mailbox

OCES 2.0 Tender demands Economy of the solution Security User friendliness and mobility Public as clear sender/owner Further penetration Functionality at least as today Continuity for services and easy migration for users

New agreement (august 2008) All citizens can still order and use digital signatures and get competent support free of charge Companies and public authorities can order and use up to three employee certificates free of charge Public authorities can receive certificates for a five year period

OCES 2.0 - NemID Mobility  Security  Penetration  User- Friendly  Frequent Use OCES 2.0 - NemID NemID is the new national digital signature NemID used for log-on, signing and secure e-mail Access to online banking in all Danish Access to a large number of public services NemID use from any computer NemID based on 2-factor security Private service providers use NemID

OCES 2.0 - NemID Centrally securely stored private keys Access with 2-factor authentification independant of pc Something you know (password) Something you have (one time password) CA certificates 2048 – 4096 bits RSA SHA256 End user certificates 2048 bits RSA CRL’s and OCSP

Common use of infrastructure DanID Netbank Tax Larger penetration Larger effiency potential OCES Signatures Frequent use Remember password OTP Server Netbank Signatures Applet

End user registration – based on requirements from law on money laundry and terror funding Identity known - Code card sent to registered CPR-address Netbank Identity unknown - Activation password and code card sent to registered CPR-address CA/DanID NemID.nu Physical presence – On site issuance handover of Activation password and code card Citizen service centres Tax centres

Internet Tax authorities OTP-server Publicly financed Signature server Citizen Signature server HSM Helpdesk

NemID Penetration Penetration status today 3,000,000+ active users Supported by all major government sites Supported by all banks for ebanking Around 1.500 new users per day Around 140 private service provider agreements 1,000,000 transactions per day average More than 450 transactions since 1st July 2010

References and links

??? www.nemid.nu cj@itst.dk