Stork is an EU co-funded project INFSO-ICT-PSP-224993 www.brz.gv.at
STORK PRESENTATION
STORK eGov Symposium Bern 09.Nov.2010
Dipl.-Ing. (FH) Klaus J. John
STORK
To simplify administrative formalities by providing secure online access to public services across EU borders.
To develop and test common specifications for secure and mutual recognition of national electronic identity (eID) between participating countries.
STORK – Member State involvement
Member States/EEA - STORK
Member States Ref Group
Candidate Countries
Project Structure
Project Management (ATOS)
Communication and Sustainability (Gov2U)
eID inventory, trust & application groups (NL MOI)
eID and upcoming technologies (AT TUG)
DEFINITION AND ANALYSIS
DESIGN OF INTEROPERABLE FLOWS & ARCHITECTURES
Common specifications and Stork's eID models (FEDICT BE; MAP ES)
eID process flows (UK IPS)
CONSTRUCTION AND IMPLEMENTATION
TESTING & EVALUATION
Pilots
TIME
Pilots
Pilot 1 – border-free authentication
√ interoperability of citizen cards between countries in Europe
Pilot 2 – Safer Chat
√ secure chat portal
√ secure means all users are identified to protect children
Pilot 3 – eID Student Mobility
Pilot 4 – eID eDelivery
Pilot 5 – Change of Address
STORK Pilot 1 – cross border authentication
finished
√ deviation
√ milestone plan
√ pilots test plan
functional specification
√ member states use cases
√ QAA level
√ finalised attributes
Use Case Specification
Member State: AT
Number: AT UC001
Name: Authenticated access with Austrian Citizen Card (ACC) at a STORK service in another member state.
Brief description: Any holder of an ACC is able to access a STORK service in another member state using his ACC. It does not matter whether the STORK service is implemented using the PEPS or the middleware architecture.
Identity Provider Credentials: Identification is performed using the Austrian Citizen Card. After the authentication procedure the identity information is provided in the form of a SAML assertion (the assertion is electronically signed by the issuing public administration).
Assured Trust Level of the Credential (Registration of the Identity and Credential Authentication): 1: identity information is taken from governmental base registers and approved by public administration; authentication is performed based on qualified signatures
integration of interoperability
interoperability tests running
Authentication
PEPS citizen card login into (My)Help-Portal
[Diagram. Components: PEPS in another EU country, PEPS Connector, V-IDP, Source Pin Register Gateway, Additional Register of Natural Persons (ERnP), Single Sign On, SP Ware AT, eSave, eDelivery. Data passed between them: first names, surname, date of birth (checked), bPK.]
Authentication
Middle Ware citizen card login into (My)Help-Portal
[Diagram. Components: Middle Ware, eID-Service (DE), SP Ware DE, PEPS Connector, V-IDP, Source Pin Register Gateway, Additional Register of Natural Persons (ERnP), Single Sign On, SP Ware AT, eSave, eDelivery. Data passed between them: first names, surname, date of birth (checked), bPK.]
Authentication
Austrian citizen card login into (My)Help-Portal
[Diagram. Components: MOA-ID, STORK, MOA-ID-STORK, PEPS Connector, V-IDP, Source Pin Register Gateway, Register of Natural Persons (ZMR), Single Sign On, SP Ware AT, eSave, eDelivery. Data passed between them: first names, surname, date of birth (checked), bPK.]
What can happen if you go live
certificate error in the production system – when tests were executed in the test system everything was fine
certificates did not have a service function or administrative indicator; this had to be added
wave of influenza: developers and their substitutes became ill at short notice (substitute and their substitute ...)
shift of the go-live date into the production system
now we do only portal login tests with foreign citizen cards instead of the portal test into (My)Help as planned; focus has moved
never expected an execution time of up to 2 days per test case with a member state (distance)
distributed development extended execution time for tests
STORK – getting involved
has been set up as an open forum where industry stakeholders can remain informed of developments throughout the project and feed back their comments to the Consortium
includes large, medium and small companies and associations in the ICT sector that manufacture, supply and consult on infrastructure and end user related products for electronic ID
STORK – getting involved
All public administrations of all European (EU member, associated and candidate) States are welcome to join.
Allows governments and institutions from the EU to remain fully informed of developments throughout the duration of the project and to feed back their comments to the Consortium.