1. chief information office Arno.Hollosi@cio.gv.at austria‘s citizen card conference on interoperable european electronic id 3.-5. april 2002, porvoo, finland

2. chief information office content citizen card motivation concept identification motivation privacy concerns concept status

3. chief information office citzen card: motivation Effective e-government has to address: internal communication external communication (incoming and outgoing) media transitions e-Government needs: identification transaction authenticity confidentiality

4. chief information office citizen card: motivation (2) Ancillary conditions: Infrastructure is expensive, therefore extendability and modularity a must technology independence a must Signature laws/by-laws are very strict applications should be easy to develop and should be ignorant of signature law strict segregation of certification service provider and application developer a must

5. chief information office citizen card: concept Define function profile Do not define concrete technical or physical characteristics Capsule relevant modules into the secure signature creation device Access functions through high-level, open interface only

6. chief information office citizen card: security capsule work station (pc) application security layer security capsule card interface Trusted Viewer CPS components

7. chief information office citizen card: security layer XML over TCP/IP simple request/response protocol high level Functions signing documents verifying signed documents storing/retrieving data utility functions Different transport protocol bindings TCP, TLS, HTTP, HTTPS

8. chief information office identification: motivation Need to accurately identify a person Certificate data (usually only person name) is not enough Use high-quality, life-constant number to identify a person Privacy?

9. chief information office identification: privacy concerns Bad connotation of „Big Brother“ Id-number allows easy matching of unrelated databases (e.g. health care with income tax) Fear of losing privacy Controversial, emotional, and political issue there is no technical solution as such

10. chief information office identification: context dependant id Use id-number as base key for context dependant id-numbers (cd-ids) Advantages: different numbers for different areas doesn‘t allow correlating databases still only one number to maintain/verify

11. chief information office identification: cd-id (2) base id number context dependant id one way function (e.g. hash) e.g. health care e.g. driver license no conversion possible context dependant id no back-conversion possible

12. chief information office status Security layer defined (prototype available) (currently, specification available only in German) Coming cards e-card (social security card) roll-out by end of 2002 8 million cards / 100% coverage uses elliptic curves identity card roll-out by 3q 2002 about 70000 cards/year student cards, bank cards,.... prototypes by end of 2002 first roll-outs expected by end of 2003

13. chief information office summary Define function rather than form Separate key players relieve burden of application developers Use open, high level interfaces Take privacy concerns into account unrelated data should remain unrelated

14. chief information office end Arno Hollosi Operative Unit Chief Information Office Austria Arno.Hollosi@cio.gv.at