Pan European Proxy Service

och

Autentisering av identitet

Arvid Welin

2012-02-15

Erfarenhetsutbyte kring federativa identitetslösningar

CENTRAL

GOVERNMENT

ONLINE SERVICES

National online services today

with eID

LOCAL GOVERNMENT

ONLINE SERVICES

BUSINESS

ONLINE SERVICES

NON-PROFIT

ORGANISATION

ONLINE SERVICES

CITIZEN

All MS have their own eID

infrastructure

CITIZEN

CITIZEN

CITIZEN

CITIZEN

CITIZEN

Borders will open & National online

services will improve

CITIZEN

CITIZEN

CITIZEN CITIZEN

CITIZEN

Opportunities for public

and private sector

STORK

STORK - Data flow (logical)

spar

STORK – Making Governments to co-operate

Level 1: no or minimal confidence

in the asserted identity, or no

assurance at all.

Identity credentials are accepted with weak or without any

form of verification.

Level 2: medium confidence in the

asserted identity.

- Real world identities must be validated.

- Token issued by governmental bodies or with government

agreement/supervision, and delivered with accuracy

and security guarantees.

- Authentication protocols sufficiently robust.

Level 3: high impact, high damages

in case of an identity misuse.

- Registration processed with methods that unambiguously

identify the claimant (e.g., physical presence).

- ID-tokens are at least soft certificates

- The authentication protocols are those with the highest

robustness.

Level 4: addresses those services

where damage caused by an

identity misuse might have a heavy

impact.

-Registration processed with methods that unambiguously

identify the claimant (e.g., physical presence).

- Registration of facts has to be maintained.

-The ID tokens are hard certificates, qualified certificates or

equivalent

-The authentication protocol must be robust.

STORK QAA Levels

TEST TEST

TEST

PEPS

SE

PEPS

PT

PEPS

EC

Address

Declaration

DIGIT

ISA

Samverkans

grupp, MS

Teknik

partner

Address

Declaration

Feed back

PEPS

IS

PEPS

IT

CIRCABC

IMI, ETS

April 2012

April 2012 – Mars 2015

Hösten 2012

Andra konkurrensutsättning

EFTS

EU

Belgien

Bulgarien

Cypern

Danmark

Estland

Finland

Frankrike

Grekland

Irland

Italien

Lettland

Litauen

Luxemburg

Malta

Nederländerna

Polen

Portugal

Rumänien

Slovakien

Slovenien

Spanien

Storbritannien

Sverige

Tjeckien

Tyskland

Ungern

Österrike

Associerade

Island

Schweiz

Turkiet

Norge

…...

……

STORK 1 & 2

Pilot 1&4

FET – med i STORK 1 o/e 2

Blå - pilot med Sverige

Ny modul Ny modul

TEST TEST

TEST

PEPS

SE

PEPS

PT

PEPS

EC

Address

Declaration

LSP WP4

Utv o test DIGIT

ISA

Samverkans

grupp, MS

Academic

Utv o test

eHealth

Utv o test

eTjänst

Attribut Attribut

eTjänst

Ny modul

Teknik

partner

Address

Declaration

Feed back

PEPS

IS

PEPS

IT

CIRCABC

IMI, ETS

April 2012

Januari 2014

- Mars 2015

April 2012 – Mars 2015

Hösten/Fall 2012

Business registry

Utv o test

2.0

Banking

Utv o test

E-health

CeHIS

Inera AT, BE, IT, SI, SE, CH, TU, UK.

To mandate (patient’s access rights delegation to

i.e. other family members, lawyers or healthcare

legal entities representatives).

Academic

CZ, GR, IS, IT, LT, PT, SI, ES, SE, TU, UK.

SU DSV

Exchange of academic information dealing with the number

of attributes, the type and the content of the attributes.

Business

registry

eID for legal persons and mandates

eBanking Opening a bank account

Logging into e-banking

E-Invoicing (authorisation of payments of

electronic bills)

(fully automated online submission of request

using eID across borders;

Opening a bank account

Logging into e-banking (national eID accepted E-Invoicing (authorisation of payments of electronic bills

for cross-border log on from any pilot country;

E-Invoicing (authorisation of payments of

electronic bills using national eID;

no further authorization required;

eBanking

Aiming to achieve a single European electronic identification & authentication area

Company Dossier

Citizen ID

Cit

ize

n ID

Co

mp

any

ID

Privacy

Transport Infrastructure

STORK 1.0 results

STORK 2.0

Medborgar

e

eLeg

Förlitande

Juridisk

person

Behörighet

Befogenhet

Delegering

InternationelI

infrastruktur

eIDM för

Offentlig och

Privat sektor

SITH

Federation(er) för privata

sektorn

Federations-operatö

r

e-

tjä

nst

e-

lev

era

ntö

r

Federation för offentliga

sektorn

e-

tjän

ste-

lev

era

ntö

r

Nämnden i

rollen

so

Infrastruktur

Nämn

den i

rollen

som

Funktioner

Regler

SVERIGE

Pilot: eUtbildning,

Akademiska meriter

SU Data och

Systemvetenskap

Pilot:

eHealth

Inera

CeHis på SKL

Bolagsverket, Skatteverket, Tillväxtverket

Pan European Proxy Service

och

Autentisering av identitet

Arvid Welin

2012-02-10