Published by Maya Richardson Modified over 11 years ago
1
Estonia – The Country With Identification Infrastructure Tarvi Martens SK
2
E-stonia ? Population: 1.35M Internet usage: 64% Internet banking: 88% Mobile penetration: >100% 1000+ Free Internet Access points PKI penetration: >80%
3
ID-card Project Started in 1997 Law on personal identification documents: Feb, 1999 Digital Signature Act: March, 2000 Government accepted plan for launching ID-card: May, 2000 First card issued: Jan 28, 2002 October 2006: 1 000 000 th card issued
4
The Card Compulsory for all residents Contains: Personal data file Certificate for authentication (along with e-mail address Forename.Surname@eesti.ee) Certificate for digital signature
5
Card issuance (diagram)
Parties shown: Citizenship and Migration Board, Ministry of Internal Affairs; CMB Regional Offices (15 sites); CA; RA; RA (bank office); Certification Centre Ltd; Public Directory; TRÜB Baltic AS; Afterservice
Steps as labelled: 0. Application 2. Request for Personalisation 3. Request for Certificates 4. Certificates... 5. ID Card with Private Keys and Certificates 6. PIN codes sent by courier 7. Personalised ID Card with Certificates and PIN envelope handed over
6
ID-card as a ticket for public transportation e-Tickets Population Registry Mobile Internet Cash Person must possess and show an ID-card when buying or verifying a ticket Fixed-line
7
Authentication: e-Citizen portal log-in options Log-in with ID-card Log-in via web-bank
8
ID-card for secure e-mail The authentication certificate contains an e-mail address Surname.Lastname[.X]@eesti.ee All S/MIME mailers are usable The eesti.ee server runs a forwarding service Usable for secure C2C, B2C and G2C communication
9
Digital Signature - concepts Public sector is obliged to accept digitally signed documents Digital signature is universal Open user group Any relation – government, business, private Focus on document concept Equivalent to what we are doing on paper Innumerable quantity of applications
10
Uniform platform - DigiDoc Full-scale architecture for digital signatures and documents Document format Program libraries (C, Java, COM) End-user client – DigiDoc Client End-user portal – DigiDoc Portal Webservice Based on international technical standards ETSI TS 101 903 – XML Advanced Electronic Signatures aka XAdES Includes real-time validity confirmation of a certificate (OCSP) Long-term validity of documents is ensured
11
DigiDoc architecture (diagram) DigiDoc-library (Win32/Unix/C/Java) CSP PKCS#11 OCSP XML ID card Win32 Client DigiDoc portal Application COM-library WebService Application
12
DigiDoc for end-user DigiDoc Client Windows application 5 languages Lets users sign, verify signatures etc ID Card not needed for document verification Available at www.id.ee DigiDoc portal https://digidoc.sk.ee Signing, verification, co-signing by multiple persons
13
Internet voting Happened first in October 2005 First pan-national binding occasion (municipal government elections) Parliament elections in 2007 ID-card as an enabling tool Normal behaviour vs. Rocket Science
14
I-voting: Main Principles All major principles of paper-voting are followed I-voting is allowed during period before Voting Day The user uses ID-card System authenticates the user Voter confirms his choice with digital signature Repeated e-voting is allowed Only last e-ballot is counted Manual re-voting is allowed If a vote is cast on paper during absentee voting days, e-vote(s) will be revoked
15
I-voting: The Envelope Scheme (diagram) Encrypted vote Digital signature E-voters E-votes Results Private key Public key
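The rules on the two I-voting slides (only the last e-ballot counts, a paper vote revokes e-votes, the digital signature is an outer envelope around the encrypted vote), as an added Python example that is not part of the presentation or of the Estonian system's code. The record fields, voter names and timestamps are constructed; encryption and signature validation are assumed to happen elsewhere, and sorting the sealed votes to hide arrival order is this example's own choice.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SignedBallot:
    voter_id: str       # identity carried by the outer envelope (digital signature)
    received_at: int    # server receive time (constructed integer timestamps)
    sealed_vote: bytes  # inner envelope: vote encrypted to the election public key
    signature_ok: bool  # outcome of signature and certificate checks done elsewhere


def select_countable(e_ballots, paper_voters):
    """Apply the slide's rules; return anonymous inner envelopes for counting."""
    latest = {}
    for ballot in e_ballots:
        if not ballot.signature_ok:
            continue  # ballots without a valid signature never enter the count
        if ballot.voter_id in paper_voters:
            continue  # a paper vote revokes all of this voter's e-votes
        current = latest.get(ballot.voter_id)
        if current is None or ballot.received_at > current.received_at:
            latest[ballot.voter_id] = ballot  # only the last e-ballot is kept
    # Strip the outer envelope: identities are dropped before anything is
    # decrypted, and sorting removes the link to voter and arrival order.
    return sorted(b.sealed_vote for b in latest.values())


# Constructed sample data (hypothetical voters and opaque ciphertext labels).
SAMPLE_BALLOTS = [
    SignedBallot("voter-A", 100, b"ct-A1", True),
    SignedBallot("voter-B", 110, b"ct-B1", True),
    SignedBallot("voter-A", 150, b"ct-A2", True),   # A votes again
    SignedBallot("voter-C", 160, b"ct-C1", True),   # C later votes on paper
    SignedBallot("voter-D", 170, b"ct-D1", False),  # signature did not verify
]
PAPER_VOTERS = {"voter-C"}

if __name__ == "__main__":
    for sealed in select_countable(SAMPLE_BALLOTS, PAPER_VOTERS):
        print(sealed)
```

Only the list returned by `select_countable` would be handed to the holder of the election private key, so decryption never sees who cast which sealed vote.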
16
Morale (1) PKI stands for Public Key Infrastructure There are no services nor applications before The Infrastructure is built Roads generate no benefit, transportation does People do not buy cars unless there are roads Infrastructure first
17
Flip side of the coin 1,000,000 ID-cards 55,000 electronic users (2006)
18
Why won't they go e? Habits Strong tradition of bank-provided authentication service Barriers Need for smart-card reader and software No awareness promotion ID-cards are perceived as merely physical documents Unawareness about security benefits
19
Who is driving? Tax Declarations: Public sector service, Once in a year Online banking: Private sector service, Once in a week
20
Computer Security 2009 Co-operation program between private and public sector Aims for safe information society in general Special target: ten-fold increase of eID users (400,000 by the end of 2009)
21
Measures for CS09 Availability Alternative PKI-based tokens/methods Redundant service network Wide support and usability Support for alternative platforms (Mac,Linux,..) Awareness and training Pressure by banks Termination of authentication service to 3rd parties Reduction of transaction limits with passwords
22
Reader distribution - card reader - https://installer.id.ee - Price ca 6 EUR Available at retail stores Sold by banks Giveaways in campaigns
23
Installer.id.ee
24
ID card software Complete rewrite underway Multi-platform Card drivers (CSP/PKCS#11) Card maintenance tool Digital signing Libraries Webservice Desktop client Expected to launch by the end of 2009 under LGPL terms.
25
Alternative eID - MobileID PKI-capable SIM cards Requires replacement of SIM Instantly ready to use No specific software required Equal legal power and security with ID-card Launched: May 2007 Available from the major GSM operator (EMT – 40%)
26
id.ee
27
CS2009: So far so good...
28
Morale (2) Roads are ready Now we have to teach people about the wonders of transportation Car manufacturing (services) Driving schools (promotion & awareness)
29
Additional Information ID-card issuance: www.pass.ee PKI & CA: www.sk.ee ID-card practices: www.id.ee Digital signature software: www.openxades.org Contact point: tarvi@sk.ee
30
Estonian eID – policy aspects and some lessons learned Arvo Ott, PhD, arvo.ott@ega.ee e-Governance Academy www.ega.ee 2009
31
Policy aspects ID cards – simple plastic cards or smart card type? How to explain it to press and people? Chicken and egg – many eIDs and no services, or the contrary? Road building is the responsibility of government – what about eID and PKI? Politicians expect fast results – what is the reality?
32
Lessons learned? Yes, infrastructure for all – public sector, private businesses, citizens Keep the tools for eID simple. No need to plan complicated mechanisms for biometrics, fancy identification mechanisms etc. in the first stage. Technology neutral – use well-known technologies and algorithms. This is not something you should invent by yourself. Data protection risk is in most cases on the side of end users – do not record on ID cards information which is not needed for identification of users. Be prepared for a honeymoon period of eID implementation
33
Thank you for your attention! Arvo Ott, PhD eGovernance Academy arvo.ott@ega.ee www.ega.ee