EGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) OBSERVATORY ON INTEROPERABLE eGOVERNMENT SERVICES eGov-Interop'05 Annual Conference 23 -24 February.

  • Published on
    27-Dec-2015

  • View
    213

  • Download
    1

Embed Size (px)

Transcript

<ul><li> Slide 1 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) OBSERVATORY ON INTEROPERABLE eGOVERNMENT SERVICES eGov-Interop'05 Annual Conference 23 -24 February 2005 Geneva (Switzerland) Hungarian Electronic Public Administration Interoperability Framework (MEKIK) Technical Standards Catalogue Csaba Krasznay Budapest University of Technology and Economics Centre of Information Technology Hungary </li> <li> Slide 2 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 2 Contents Preliminary research Initial statements Realization of methodology Security framework </li> <li> Slide 3 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 3 Background EU expectations for one-window administration Hungarian Ministry of Informatics and Communications realized the lack of interoperability The project Hungarian Electronic Public Administration Interoperability Framework (MEKIK) began </li> <li> Slide 4 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 4 Aims The scope of project was: Declaration of the necessary standards Definition of work-flows Experts should bear in mind the EU funded Interchange of Data between Administrations (IDA) project, focusing on: Accessibility Multilingualism Security Protection of private data Subsidiarity Usage of open standards Usage of open source code application </li> <li> Slide 5 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 5 Initial statements During the preparatory work, the project team examined the solutions, standards and best practices of the United Kingdom, Sweden, Germany, France, Denmark, Australia and the EU This work resulted some technical suggestions: The interoperability framework shall be based on XML (SOAP protocol, XML Signature, XML Encryption, XSD Schemas) Security features are based on Public Key Infrastructure Future technologies, such as WSDL and UDDI are mentioned A portal for standard catalogue and middleware is a must </li> <li> Slide 6 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 6 Sources of the catalogue Second step for developing the standard catalogue is to sort the technical standards Experts took into consideration the German and British examples, SAGA and e-GIF Two main categories were made: Data structures, message structure standards, that can be different in each countries, All other (mainly open and accessible) international technical standards Developers of systems for public administration shall design their product by using these standards </li> <li> Slide 7 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 7 Metadata Experts should make a choice about the form of the standard catalogue: One document with the whole standard catalogue (British model)? Browsable and searchable portal (Danish model)? The final decision was to make both of them Documents in the portal shall be classified with metadata Best metadata structure for that purpose is Management Information Resources for eGovernment (MIReG) which based on Dublin Core </li> <li> Slide 8 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 8 Middleware The middleware must be able to communicate and process messages based on the standards listed in the catalogue It has the following functions: Identification Authentication Authorization Managing message transfer Making entries in the logfile Converting data Managing security services </li> <li> Slide 9 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 9 Security in public administration Security is emphatic part of the interoperability project which was controlled by the Ministry of Informatics and Communications, the Prime Ministers Office and the Ministry of Interior Main topics were: Security framework CA requirements Application requirements System requirements Access control management Smart card specification Mobile phone authentication </li> <li> Slide 10 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 10 Security framework Defines the levels and categories of security aspects in A2A, A2B and A2C communication Experts established 5 functional and 1 assurance requirements: Registration Authentication Integrity Confidentiality Non-repudiation Conformance </li> <li> Slide 11 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 11 Electronic signatures in public administration 3 + 1 electronic signature security levels were also laid down: level 0: no expectation (there is no need to use electronic signature), level 1: low expectations (advanced electronic signature is needed with software token), level 2: average expectations (advanced electronic signature is needed with hardware token), level 3: high expectations (qualified electronic signature is needed with secure signature-creation device). </li> <li> Slide 12 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 12 Certificate Authority requirements CAs have distinguished role in the security framework 6 types of different CAs are necessary to serve electronic public administration: issuing secure signature-creation device with qualified certificate, issuing secure signature-creation device with authentication certificate for citizens, secure signature-creation device with authentication and encryption certificate for civil servants, issuing hardware token with signature and encryption certificate, issuing software token with signature and encryption certificate, time-stamping service provider. Key recovery rules were also created for public servants encrypting keys </li> <li> Slide 13 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 13 Smart card specification Hungarian eID card is called HUNEID It is a public key enabled smart card Based on CEN CWA 14890 Environment of these cards is also defined This is the basis of all A2B and A2C services Sample application exists </li> <li> Slide 14 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 14 Legal aspects This technical framework can be successful if it is demanded for all e-governmental development Legislation work is needed to establish the legal environment for the framework Experiences of the United Kingdom and Austria were assimilated Still under development The Hungarian Government will accept the legal background of the framework in April </li> <li> Slide 15 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 15 PPP Real interoperability is just a dream without the private sector The Hungarian Electronic Signature Association has a standardization work to comply the frameworks specifications All Hungarian certificate authorities and software developers participate in this work We hope that we can make real interoperability with this work in the field of certificate profiles and XML signatures </li> <li> Slide 16 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 16 SWOT Strengths Complex framework based on international experiences All parts were created by the best experts in Hungary Weaknesses Most fields are not yet widely used, the technical implementations are missing Its still not complete Opportunities Interoperability between governmental services Guide for private implementations Threats Lack of funds Low level of awareness </li> <li> Slide 17 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 17 References [1]Hungarian documents of MEKIK project are accessible at the following URL: http://www.itktb.hu/engine.aspx?page=elka_oldal [2]Common list of basic public services http://europa.eu.int/information_society/eeurope/2002/action_pla n/pdf/basicpublicservices.pdf </li> <li> Slide 18 </li> <li> eGov Interop'05 - Feb 23-24, 2005 - Geneva (Switzerland) Csaba Krasznay 18 Questions? Thank you for your attention! </li> </ul>