Presentation is loading. Please wait.

Presentation is loading. Please wait.

Joint workshop of Porvoo and GCF hosted by the Porvoo 7 meeting May 26 2005, Reykjavik, Iceland moderated by Jan van Arkel, co–chair Porvoo acting chair.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Joint workshop of Porvoo and GCF hosted by the Porvoo 7 meeting May 26 2005, Reykjavik, Iceland moderated by Jan van Arkel, co–chair Porvoo acting chair."— Presentation transcript:

1 Joint workshop of Porvoo and GCF hosted by the Porvoo 7 meeting May 26 2005, Reykjavik, Iceland moderated by Jan van Arkel, co–chair Porvoo acting chair GCF

2 Shaking hands ……..

3 Porvoo Group  Established in Porvoo in April 2002  A co-operative network of parties in charge of public certificates for citizens  Information exchange on eID experiences and national eID-projects in Europe  Develops the general usage of public certificates in The European Electronic Communication  Promotes the use of certificates and aims at making communication more convenient and offer where possible, a uniform solution for the European Citizen

4 Global Collaboration Forum on world-wide interoperable IAS  Established in 2001 (as follow up of earlier EU-Japan contacts)  Participants: eESC, NICSS, NIST, Global Platform, Maosco, ISO  Regular bi-annual meetings ( Iceland is GCF 8)  Rotating chair (presently held by EU)  Products so far: - Mapping document of GIF/GSC-IS and NICSS Framework - Common Glossary of terms (in line with CWA 15264) - Draft for Common Requirements for eID in eGovernment domain (in line with CWA 15264) - common position on ISO 7816-13 - Individual contributions to ISO 24727

5 eESC - GlF CWA 15264 eAut CEN 224_15 ECC NICSS-Framework V1.0 (NICSS) GSC-Framework V2.1 (NIST) & FIPS 201 The 3 regional frameworks

6 Short-term activities: GCF Long-term and Short-term Scopes of GCF To share the information about participants’ activities and overall short- term activities and to discuss common issues of interest To hold 2 Plenary Meetings annually Activities related to long-term scopes are taken for two years as a start. Afterwards it is decided if these need to be continued. Long-term Activities Short-term Activities Each participant takes leadership in an area of his interest. WG are established as required. The proposing participant is the leader. E-Authentication MRTD DL Scheme for Multi-AP SC Participants ( organizations ): - Global Platform - Eurosmart - MAOSCO - ISO

7  EU update ( J. van Arkel)  US eID development status update, Jim Dray, NIST, USA) - Homeland Security Presidential Directive HSPD No. 12 - status of FIPS 210 standard - status of ISO 24727, - status and plans for deployment  Japan status update - Japanese developments on eID, Hiroshi Shimada, Fujitsu/NICSS - Status of Asian Smart Card Forum, Shoji Miyamoto (Hitachi)  Discussion on a World eID Steering Committee ( by all ) rationale for the joint workshop Agenda for the joint workshop

8 Legal issue Standardisation Deployment EU update

9  Procedure when issuing an eID  Content of eID  Cardholder verification procedures  Data Protection  Liability  Revocation of eID What needs to be regulated?

10  Privacy Directive + implementation in national legislation  E-sign Directive + implementation in national legislation  IAS: Discussion on Thomas Myhr report  EU council regulation on ePassports 15152/04 ; 2252/04 dd 13 Dec. 2004;  Decision of the EC 28 Feb. 2005 (technical specification in relation to standards on security and biometrics for Passports and travel documents) Pending: technical specification on fingerprint in passport What is already in place in the EU?

11  Legal  Standardisation  Deployment Status in eID

12  CEN/ISSS WS eAuthentication (Government requirements, Architectural model, Business models, Legal Framework, Card issuer guidelines, Multi-application environment, Human interface aspects, eID policy vision)  CEN 224 WG 15 European Citizen Card (Policy and rules for CMS, Physical and logical card characteristics, data elements and structures, IAS procedures, Durability aspects) Europe

13  CWA 15264- part 1: Architecture for a European interoperable eID system within a smart card infrastructure  CWA 15264- part 2: Best Practice Manual for card scheme operators exploiting a multi-application card scheme incorporating interoperable IAS services  CWA 15264- part 3: User Requirements for a European interoperable eID system within a smart card infrastructure  eID Strategic Vision Report  Download area: http://www.cenorm.be/cenorm/businessdomains/businessdomains /isss/activity/wseaut.asp Results of WS eAut

14  Workgroup was launched in Feb 2004  Chair: L. Gaston, Axalto, Secretariat: AFNOR  Constituency: 20+ organisations  2 Subgroups are active: SG 1: Physical aspects; SG 2: Logical data aspects  Final meetings on May 11-12, 2005 in Vienna  2 part Technical Standard will be out for voting after CEN 224 approval (additional parts on ECC management & business models and SC durability classes is pending) Status of CEN 224 –WG 15 ECC

15  The eID systems shall support a secure and reliable cardholder electronic signature funtion for the purpose of legal validaty of the signature  For Europe the PKI system elements of the system shall be in complicance with the qualified digital signature as per article 5.1 of the EU directive 1999/93/EC on a Community framework for electronic signatures  The PKI system elements shall be in compliance with ETSI QCP 101456  The PKI system elements shall be in compliance with CWA 14890 parts 1 –2 Electronic signature status

16  ISO/IEC 19784-1 BioAPI, BioAPI specification  ISO/IEC 19785-1 Common Biometric Exchange formats (CBEFF) Part 1: Data Element Specification  ISO/IEC 19794-2 Biometric Data Interchange Format Part 2: Finger Minutiae Data Part 8: Finger Pattern Skeletal Data (Porvoo position?) Part 4: Finger Image Data (Porvoo position?)  SC 17 : ISO/IEC 7816-11 : Personal verification through biometric methods in ID’s Biometrics, SC 37 ISO SC 17

17  SC standard ISO/IEC 24727 part 1: architecture part 2: card interface (card edge) part 3: high level application API (BSI) (will be addressed by Jim Dray)  Deployment will be addressed by US, Japan and EU country updates. ISO SC 17

18 Discussion on a World-wide eID Steering committee

19 Discussion on the concept of a World eID Steering Committee Excerpt from the agenda: The idea was launched at the Smart Card Charter conference in December 2004 in Prague. A first version of a vision paper is downloadable from the Porvoo 7 website. The basic idea being a mandated group of Government representatives on eID, setting World wide common requirements and stimulating the realisation of interoperability (adaptors).

20 World eID forum document draft version 1.1. February 14 2005 Table of Content 1. Rationale 2. Vision 3. Scope 4. Objective 5. Participants 6. Organisation 7. Related organisations 8. Activities and Deliverables 9. Support and funding mechanism

21  global support of eServices (building block for trust, security, and convenience, without e-ID there is no real national and global eGovernment)  global combating of ID Fraud (causes more and more of a problem)  global anti-terrorism measure  Building a more global (European) society (making persons aware to be a –relevant- part of society as well as offering them a seamless experience) Vision: Why global eID?

22 Some inhibitors so far  No strong leadership, no formal cooperation  State of the art of the technology and standardisation (dripping wet)  Costs and benefits, business cases  Not invented here (Scandinavia, GIXEL, DIF, other countries)

23 EU 2004 Report: Rethinking the European ICT agenda (10 ICT-Breakthroughs for reaching Lisbon Goals) The breakthrough that is needed is an increased ICT utilisation by establishing: - Authentication: Pan-European interoperability (minimum) or standardization (preferred) of authentication systems/platforms - Security: Pan-European emphasis on security standards in relation to access, identity theft and secure transactions Policy support of IAS (1)

24  Resolution of the future Information Society policy of the Union adopted on 10 December 2004 by the Council of the European Union (one of the 6 priorities): To create a favourable environment for industry and the public sector to develop, both in Europe and globally, effective and interoperable solutions, in particular for electronic payments, authentication, identity management as well as security. Policy support of IAS (2)

25 Policy support of IAS (3) G8 2004 Summit endorsed the statement “Accelerate development of international standards for the interoperability of government-issued smart chip passports and other government-issued identity documents. We will work for implementation by the 2005 Summit“ http: //www/g8usa.gov/d 060904f.htm

26 There are relevant use cases for IAS (TC224/WG15) 1.E-Mail encryption and digital signature 2.The National Tax Board and administration 3.The National Social Insurance Board 4.Employee ID (physical & logical access) 5.Medical services access 6.Industrial security 7.National archive access 8.Public registries access

27 European ID Management Projects  Modinis Study (operational) Support progress towards a coherent approach in electronic identity management Provide information on eID technologies, related market developments and technical requirements Provide a prospective analysis of possible initiatives and solutions at European level  The GUIDE Project (FP6, operational) Research and develop an open identity management architecture as core technology for e-Government solutions To create a world-class and innovative European e-Government market. To demonstrate and evaluate solutions in the three major areas of e- Government services: A2A, A2B & A2C  CEN/ISSS WS MMUSST (operational)  TIFI project (under evaluation) Porvoo signed declaration of cooperation)

28 E-Sign K CWA 14890 eEpoch WP3 BIKE WSeAut CWA 15264 E-SignGIF CEN/ISSS eEurope SC Charter TC224 WG15 TS ECC SC17 WG4 ISO/IEC 24727

29 Overview of relevant actors  Policy makers on eID in EU and other regions  Standardisation bodies CEN CEN 224/WG 15 ECC CEN/ISSS CWA 15264, CWA 14890 ISO ISO/IEC 24727 Regional standardisation US FIPS 201, Japanese ICSS, Asian Card Forum  EU Industry consortia: Germany:DIF France: GIXEL  Porvoo Common Requirements  Eepoch BIKE  GCF Cooperative Framework  EU projects Guide, Modinis, Impact,  Regional & national deployment

30 Report CEN/ISSS Focus group on eHealth (March 1, 2005) Establishing an Interoperability Platform The Member States, with the Commission, should establish a permanent platform with a mandate, and the necessary resources to promote eHealth interoperability based on standards and to facilitate co-operation between Member States. This eHealth interoperability platform should: establish a Europe-wide view on the requirements for standardisation and its implementation in specific domains, in collaboration with standards organisations, based on input from relevant stakeholders communities; encourage and promote an environment for detailed specifications testing, evaluation or certification, to achieve interoperability of systems based on standards; establish a means for tracking and promoting good practice, and foster pilot implementations in compliance with the aforementioned environment; encourage agreements across national borders and between professional groups; encourage the further development of an appropriate European legal and regulatory framework; promote the establishment of infrastructure services such as for the creation and maintenance of terminology systems and knowledge repositories.

31 World eID Forum  Participants Vision (everyone who shares the vision) Interoperability charter (and signs the IOP charter) Relevant stakeholders (eGovernment representatives) Mandate (is this realistic?)  Organisation New organisation? (preferable not, but how to organise?) No legal entity Chair and secretariat No permanent staff  Activity plan

32 World eID Forum Activity plan Contributing to the legal issue of World wide interoperable eID Setting joint requirements for interoperable World wide eID Information exchange between participants on eID deployment Set-up, maintenance and exploitation of an eID-body of knowledge Exploiting an interoperability demonstrating and test environment, including Open Source solutions Issuance of eID interoperability compliance certificates Development of a eID Implementation and Guidance document offering - best practice information - choices in standards and preferred options in standards (PKCS #11 interface, PKCS #15 profile, harmonised Human Interface etc) - exploitation models - study into basic eID versus role based ID - study in International validation services etc ……….

33 World eID Forum Support and funding mechanisms Option 1: Virtual, non funded organisation, embedded/part of other organisation, like Porvoo, GCF, Modinis project, Guide project Option 2: Separate body with participation fee from participants Option 3: CEN/ISSS Workshop for 2 year period (meaning small participation fee) Option 4: EU funded IST/IP project Other options?

34 Questions for discussion …. 1.Is there a common understanding of the need? 2.Do we support the idea of a joint approach? 3.If yes, how to organise such an activity, in what context, and do we need more mandate? 4.What activities would we like to carry out? 5.………….

Download ppt "Joint workshop of Porvoo and GCF hosted by the Porvoo 7 meeting May 26 2005, Reykjavik, Iceland moderated by Jan van Arkel, co–chair Porvoo acting chair."

Similar presentations

Support for the coordination of activities TECHNOLOGY PLATFORMS Context, Rationale and State of Play Presentation by Julie Sors European Commission Rotterdam,

Support for the coordination of activities TECHNOLOGY PLATFORMS Context, Rationale and State of Play Presentation by Julie Sors European Commission Rotterdam,
European Electronic Identity Practices Country Update of Finland Speaker: Päivi Pösö Date: 26.5.2005.

European Electronic Identity Practices Country Update of Finland Speaker: Päivi Pösö Date:
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.
Digital Identity Group May 2012. GIXEL  GIXEL is the professional association of electronic component and system industries in France. It brings together.

Digital Identity Group May GIXEL  GIXEL is the professional association of electronic component and system industries in France. It brings together.
FP7 Preparations ISTC meeting 31 March 2004. Content FP7 preparation approach and timetable Context for FP7 and for ICT in FP7 Research in New Financial.

FP7 Preparations ISTC meeting 31 March Content FP7 preparation approach and timetable Context for FP7 and for ICT in FP7 Research in New Financial.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
European Electronic Identity Practices Country Update of …………… Speaker: Date:

European Electronic Identity Practices Country Update of …………… Speaker: Date:
European Electronic Identity Practices Country Update of Belgium Speaker: Maes F. Date: 25 May 2005.

European Electronic Identity Practices Country Update of Belgium Speaker: Maes F. Date: 25 May 2005.
Update on European Citizen Card: Part 4 Kristina Unverricht Consumer Council of DIN, Germany Chairperson of ANEC Information Society Working Group October.

Update on European Citizen Card: Part 4 Kristina Unverricht Consumer Council of DIN, Germany Chairperson of ANEC Information Society Working Group October.
Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.

Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.
Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,

Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,
Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,

Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,
1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.

1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.
Follow up after Porvoo-6 in Rome - The resolutions from Porvoo 6 Tapio Aaltonen Director, CA-services Population Register Centre Finland.

Follow up after Porvoo-6 in Rome - The resolutions from Porvoo 6 Tapio Aaltonen Director, CA-services Population Register Centre Finland.
Towards an European eHealth High Level Governance Michèle THONNET Ministry of Labour, Employment and Health Paris, France eHGI Mainstream &Roadmap chair.

Towards an European eHealth High Level Governance Michèle THONNET Ministry of Labour, Employment and Health Paris, France eHGI Mainstream &Roadmap chair.
European Electronic Identity Practices Country Update of Norway Speaker: Sverre Bauck Date: 2005-05-26.

European Electronic Identity Practices Country Update of Norway Speaker: Sverre Bauck Date:
Www.enisa.europa.eu European Union Agency for Network and Information Security Follow ENISA: ENISA and standards Sławomir Górniak European Union Agency.

European Union Agency for Network and Information Security Follow ENISA: ENISA and standards Sławomir Górniak European Union Agency.
European Electronic Identity Practices Country Update of Spain Date: 26 May 2005.

European Electronic Identity Practices Country Update of Spain Date: 26 May 2005.
COUNTRY XXX 11.5.2006 European Electronic Identity Practices Country Update of XXX Speaker: Date: 11 May 2006.

COUNTRY XXX European Electronic Identity Practices Country Update of XXX Speaker: Date: 11 May 2006.

Similar presentations

Ads by Google