eid/authentication/digital signatures in Denmark



Similar documents
Introduction to NemID and the NemID Service Provider Package

Terms and conditions of business for a NemID administrator of commercial NemID

D.I.M. allows different authentication procedures, from simple confirmation to electronic ID.

eauthentication in Estonia and beyond Tarvi Martens SK

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

You can also find the conditions at

esign Online Digital Signature Service

End-User Manual. for. e-pramaan: A National e-authentication Service. Submitted to

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

OECD workshop on digital identity management BELGIAN approach

A Conceptual Model of Practitioner Authentication Prior to Providing Telemedicine Services in Developing Countries

Open Source Software and the Public Sector

ONE SINGLE ADDRESS FOR ALL YOUR ONLINE PROCEDURES. as part of your professional activity. Business Portal

Secure and simple authentication via mobile phone

COMMISSION OF THE EUROPEAN COMMUNITIES

French Justice Portal. Authentication methods and technologies. Page n 1

How much do you pay for your PKI solution?

Mobile OTPK Technology for Online Digital Signatures. Dec 15, 2015

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress

Identity and Access Management

LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION

One-Time Password Contingency Access Process

European Electronic Identity Practices

Certificate Policy for OCES Employee Certificates (Public Certificates for Electronic Services) Version 5

ISA Work Programme SECTION I

Processo civile telematico «on line civil trial»

Revised edition. OIO Web SSO Profile V2.0.8 (also known as OIOSAML 2.0.8) Includes errata and minor clarifications

CONCEPT. International Comparison eid Means

Feasibility Study for a EU Pension Fund for Researchers. European Commission Research Directorate-General

Modinis Study on Identity Management in egovernment

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL

Identity, Credential, and Access Management. Open Solutions for Open Government

Sign-On projektet. HL7-CCOW Context Management: A National Sign-on Profile

Securing Identities & Trust

KNPC esourcing Portal. Getting Started - Registration & Authentication. KNPC esourcing Registration & Authentication

OIO Web SSO Profile V2.0.5

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

Using big data in product design. Executive Director Jesper N. Pedersen

EDI legal aspects in Estonia

Articles of Association of Bang & Olufsen a/s CVR no

The Government Gateway UK Best Practice on Infrastructure and Identity Management. Chris Haynes Director of the EDT Cabinet Office UK Government

esignature building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS

Working and living in Denmark A brief introduction to tax, social security and immigration. Tax 2015

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) Technical Standards Catalogue

Corporate Governance in the ATP Group

Offer to the shareholders for the buy-back of Class B shares

MULTI-FACTOR AUTHENTICATION SET-UP

Encryption-based 2FA for Server-side Qualified Signature Creation

Congratulations on starting a business in Denmark

Questions/Answers about NemID, mandatory digital self-service and Digital Post. NemID FAKTAARK HJÆLP TIL KOMMUNIKATIONEN MED BORGEREN

VASCO: Compliant Digital Identity Protection for Healthcare

Government of India Ministry of Communications & Information Technology Department of Electronics & Information Technology (DeitY)

Serge Novaretti IDABC DIGIT European Commission

Revised edition. OIO Web SSO Profile V2.0.9 (also known as OIOSAML 2.0.9) Includes errata and minor clarifications

The value of Danish address data:

ACH fraud: The problem Why ACH? Why now? Security evolution How to protect ACH. Combating the Newest Attack Method ACH Fraud Webinar agenda

CoSign by ARX for PIV Cards

COMESA Guidelines on Free and Open Source Software (FOSS)

e. House Tax / Urban Development Tax (Paid) Receipt.

How To Use Pki On A Pc (For A Non-Profit)

Digital signature and e-government: legal framework and opportunities. Raúl Rubio Baker & McKenzie

Strong Authentication for Secure VPN Access

End-to-end security with advanced biometrics technology

End-to-end security with advanced biometrics technology

Overview of the national laws on electronic health records in the EU Member States National Report for Lithuania

Standard Summary Project Fiche IPA centralised programmes

Transcription:

eid/authentication/digital signatures in Denmark 8. July 2008 Nikolas Triantafyllidis / Charlotte Jacoby Special Advisors Centre for Digital Signatures National IT- and Telecom Agency

Authentication and eid Services Def.: Authentication (including eid) constitutes the process of verifying a person s identity to be authentic. In e-government authentication is an essential mechanism ensuring that a user is the person he claims to be. No national eid in Denmark under the notion of a national identification card Instead a national digital signature infrastructure based on PKI National digital signature standard called OCES (Public Certificates for Electronic Services) Based on the national central personal register (CPR) Based on the national central company register (CVR)

Background History: EU Electronic Signatures Directives December 13, 1999 Act on Electronic Signatures October 1, 2000 Public tender on security solutions May 2001 Barriers for the usage of Electronic Signatures Lack of Standardisation Demand for Personal Presence for Identification Expensive and Difficult Accessible Hardware Solutions Lack of Electronic Services using Electronic Signatures Lack of a Feasible Business Case and Business Models

Goal and foundation of the OCES project OCES: Public Certificates to Electronic Services Goal: Establishing a general open, scalable and transparent security infrastructure based on PKI, controlled by the state and operated by private Certificate authorities (CA) Foundation: Defining a state-owned Certificate Policies (CP) and an open architecture based on international standards called OCES CP EU-Tender with a public private partnership in mind Establishing a non-discrimination approval process for potential OCES CA Broad dialogue with relevant partners

Security Level: OCES I (2003-2009) Software based digital signature (with mandatory password usage) Issued without the demand of personal presence for identification CA responsibility: Extended responsibility towards citizens Private businesses may rely on separate agreements Authorisation and controlling as in the Danish Act on Electronic Signatures Issued as: Personal certificates PID (a unique number related to civil registration number) Employee certificates RID/CVR (Employee number/central company number) Business certificates CVR (Central company number) Function certificates CVR/deviceID Other relevant information: EU-tender (Total funding: 6,7 million) Contract with TDC February 6, 2003 The contract between the Ministry and TDC will be in force 2003 2007 with an option for one more year Business model: The receiving partner is paying a flat rate: 0.5 1.0 per certificate per year free of charge for citizens Corporate agreement covering receiving certificates for all public institutions in central government, counties and municipalities

OCES II (2009 2014) Centrally stored private keys (mobility) Real 2-factor security solution (enhanced security) Username + personal password OTP (One-time password) card Fully independent of PC (user-friendliness) Acquisition of smartcard/etoken/mobile phone possible Joint infrastructure with the Danish banks Consistent user experience regardless where the signature is used The public sectors share in the infrastructure: 27,3 million over 5 years (1/3 state institutions, 1/3 municipalities, 1/3 regions) Free of charge for citizens

Number of digital signatures issued (8. July 2008) Personal signatures: 1.004.612 Employee signatures: 172.772 Business signatures: 5.484 Function signatures: 115 Total: 1.182.983

Examples of electronic services using digital signatures Sundhed.dk the public sector s health portal The National Tax Authority The State Education Fund The City of Copenhagen Borger.dk A portal for citizen used by all local authorities TDC On-line online telecom resource (potential 700,000 users) danmark the private Danish health insurance company (1.7 million customers) Virk.dk the common public sector portal for companies (potential 250.000 companies) ATP - the Danish supplementary labour market pension fund (1.9 million customers) The Ministry of Education: Central Education Admission Portal (60,000 people per year) Many more

Key success factors in the implementation of the project Establishing a standard (CP etc.) Easy rollout and usability Balancing security and cost Public/private partnership The business model The public sector as a driver

Lessons Learned It takes time to establish an open infrastructure in large scale for digital signatures and to get people to use it The electronic services are the driver for the rollout of digital signatures Marketing complexity And focus on how to get citizens and companies to use them What is the benefit for the users? PIN-code solutions are still in use and they work Important to get the private sector involved

Challenges on in international perspective Crossborder issues Trust issues Interoperability issues (certificate semantics, national ID s) Different security levels Many different EU-projects with different goalsand focusareas

References and links www.digitalsignatur.dk (only in Danish) www.oces.dk (certificate policies also in English) www.itst.dk (official site for National IT and Telecom Agency)

Charlotte Jacoby (cj@itst.dk) Nikolas Triantafyllidis (nt@itst.dk)

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information