An Electronic Signature Service Infrastructure for the European Commission

Similar documents
CEF Building blocks. Informatics. Joao Rodrigues Frade DIGIT.B4. CEF Project and Architecture Office Directorate-General for Informatics

COMMISSION OF THE EUROPEAN COMMUNITIES

STANDARDISIERUNG FÜR EIDAS IM MANDATE/460

ETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance. ETSI All rights reserved

NIST-Workshop 10 & 11 April 2013

DS : Trust eservices. The policy context: eidas Regulation

Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market

LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION

an EU perspective Interoperability Solutions for European Public Administrations

Standardisation Efforts in Electronic Invoicing

Electronic signature and compliance assurance: what s new?

ETSI TR V0.0.3 ( )

Electronic public procurement in the EU

esignature building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy

UNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures

ROADMAP. A Pan-European framework for electronic identification, authentication and signature

Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA.

The new 2015 EU VAT rules on the place of supply - the overview

Qualified Time Stamping and eregistered Delivery Services Overall considerations

Public Procurement of Innovation

eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

A. Document repository services for EU policy support

Submitted to the EC on 03/06/2012. COMPETITIVENESS AND INNOVATION FRAMEWORK PROGRAMME ICT Policy Support Programme (ICT PSP) e-codex

Implementation of eidas through Member States Supervisory Bodies

This is a training module for Maximo Asset Management V7.1. In this module, you learn to use the E-Signature user authentication feature.

E-Signatures and E-Procurement

Widespread Deployment of Telemedicine Services in Europe

The EU digital libraries initiative: Europeana (and more)

ehealth in support of safety, quality and continuity of care within and across borders

SSLPost Electronic Document Signing

ELECTRONIC PRESENTATION AND E-SIGNATURE FOR ELECTRONIC FORMS, DOCUMENTS AND BUSINESS RECORDS ALPHATRUST PRONTO ENTERPRISE PLATFORM

Security framework. Guidelines for trust services providers Part 1. Version 1.0 December 2013

H2020 Grant preparation and signature

Study on Mutual Recognition of esignatures: update of Country Profiles Analysis & assessment report

DISCUSSION PAPER ON SEMANTIC AND TECHNICAL INTEROPERABILITY. Proposed by the ehealth Governance Initiative Date: October 22 nd, 2012

Rules for the Public Administration

ETSI TC ESI PRESENTATION TO CAB FORUM. ETSI All rights reserved

COMMITTEE ON STANDARDS AND TECHNICAL REGULATIONS (98/34 COMMITTEE)

FOR A PAPERLESS FUTURE. Petr DOLEJŠÍ Senior Solution Consultant SEFIRA Czech Republic

European Commission DIRECTORATE GENERAL. European Commission, B-1049 Brussels Belgium, Telephone: (32-2)

Automation for Electronic Forms, Documents and Business Records (NA)

The Open PEPPOL e-id & e-signature

Best prac*ces in Cer*fying and Signing PDFs

A7-0365/133

ISA Work Programme SECTION I

Securing Identities & Trust

Ergon Workflow Tool White Paper

EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL

Implementation: Single European Market for eidentity

Sofware Engineering, Services and Cloud Computing

European Commission s Document Management (Policy, IT, Security & Privacy) by Natalia Aristimuño-Pérez EC.DIGIT.B1

A. Trusted Exchange Platform (e-trustexchange)

National Authority for Electronic Certification. Electronic Signature in Albania by Eris Asllani- Head of Department

Position Paper Ecommerce Europe. E-Payments 2012

CONNECTing to the Future


Digital Signature Verification using Historic Data

The problem of cloud data governance

European Commission initiatives on e- and mhealth

European Commission Agenda for Quality and Innovation in Public Administration

OASIS Standard Digital Signature Services (DSS) Assures Authenticity of Data for Web Services

Khalil ROUHANA Director. Directorate-General for Information Society European Commission

EUROPEAN COMMISSION SERVICE SPECIFIC PRIVACY STATEMENT (SSPS) 1. Online services on the Participant Portal

European Cloud. Computing Strategy. State of play: Ken Ducatel DG CONNECT

COMMISSION RECOMMENDATION. of

Digital Signature: Efficient, Cut Cost and Manage Risk. Formula for Strong Digital Security

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

ENISA and Cloud Security

EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development

Explanatory notes VAT invoicing rules

VAT and Taxation of the Digital Economy. David O'Sullivan DG TAXUD

Electronic Signatures in Norway Supervision and Legal Aspects

Directorate-General for Informatics (DIGIT) Annual Activity Report 2010

Summary Project Fiche

COMMISSION IMPLEMENTING DECISION. of

ENISA and Cloud Security

ERC/DEC/(96)01 EUROPEAN RADIOCOMMUNICATIONS COMMITTEE

Research Infrastructures in Horizon 2020

Validation of legal entities

16094/14 MM/mj 1 DG E - 1C

Transcription:

An Electronic Signature Service Infrastructure for the European Commission ETSI, 3 December 2013 Philippe Schneider European Commission, DG Informatics I.T.

Contents t What is ESSI ESSI offering and orientation Generic services ESSI front-end web application Current applications Challenges 2

What is ESSI? In some aspects, the European Commission is an administration for some 29th member state in EU Regarding esignature, the European Commission must eat its own dogfood Decision 2004/563/EC on electronic and digitised documents and its implementing rules SEC(2009)1643 provide the legal basis for electronic signatures at EC DIGIT.A (Corporate Infrastructure IT Solutions & Services) was put in charge of setting up an Electronic Signature Service Infrastructure to facilitate the integration of electronic signature in the Information Systems of the European Commission. 3

ESSI orientations ti Wherever a choice is possible, favor - standard vs. ad-hoc signature formats - open-source software components - corporate (generic) vs. ad-hoc solutions Keep up with EU legal context and state of the art. 4

COMMON TRUST SCHEME External signatory EC as relying party EC as signatory External Relying party 5

Could the same esignature work with all parties? in all (EU) countries? and in all sectors of activity? 6

Comparing signature contexts t For member state administrationsations Public initiatives usually lead the deployment of nationwide trust schemes But (cross-border) interoperability was not a primary concern For EC Deployment of similar (ad-hoc) trust scheme not conceivable Leveraging of MS-level trust schemes conditioned by their interoperability 7

Support for interoperable esignatures (formats and trust schemes) isconsidered essentialat at ESSI for the rationalisation of EC's own processes 8

ESSI offering to EC system owners: from common signature software to corporate signature services 9

Components of the ESSI service Geared to support AdES formats for the most demanding business processes expert consultancy Redundant HSMs central signature creation services E S S I central validation & extension services EU TSLs ETSI policies Preconfigured for baseline profiles client-side toolkit trusted timestamping services Redundant providers 10

4 generic e services for esignatures es @ EC: Physical person outgoing signatures => create QES Legal person outgoing signatures => create AdES QC Physical person internal signatures => create AdES EC Received signatures => validate QES, AdES QC or AdES EC 11

ESSI generic signature policy Sets out the responsibility of the various actors in each type of generic signature flow To avoid the proliferation of variants in trust models and formats, esignature projects are asked to examine early the adoption or adaptation of existing generic services. To help business process owners figure out key features of these services and AdES formats, a web application front-end with tutorial features is offered. 12

Some ESSI applications Qualified outgoing signatures MARKT - List of trusted lists SG Day Note OP - Official Journal OLAF ecase-handling EC signing as a legal person (AdES/QC) MARKT - IMI (Professional certificate) DIGIT - eprior-preaward ARES ERIS seals Validation of received signatures OP - Official Journal DIGIT eprior-preaward TAXUD UUM&DS DIGIT esig 16

Challenges A business owner is required signature policy board is required A corporate certificate management system is required The generic esignature challenge is more organisational and legal than technical 17

Thank you! 18

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information