Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience Washington -...

Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience

Washington - September 27th, 2010

Frank LEYMAN

© fedict 2010. All rights reserved

Citizen CentricityCOMM

ON BACK-OFFICE

COMMON

PROCESS FLOW

COMMON KEY

MODULES

E-APPLICATIONS

TOOLS

MandatesAt

tribu

tes

Deleg

atio

n

Roles


ONE COMMON BACK-OFFICE


SECURITY LAYER

…Ministr

yA

MinistryB

MinistryC

MinistryZ

FEDMANFederal Service Bus

National Portal Website

Building Blocks


ONE UNIQUE ELECTRONIC KEY: THE BELGIAN eID


Electronic identity card (eID)

Children <12 years old

Foreign residents

Belgian citizens >12 years old


eID Security


eID Digital Information

Use without PIN

IDID ADDRESSADDRESS

RRN SIGN

RRN SIGN

RRN SIGN

RRN SIGN

IDENTITY“PIN

protected”

authentication

digital signature

PKI

privatepublic

privatepublic


LOTS OF e-APPLICATIONS


Lots of applications of the eID card

student cards

Healthcare

e-commerce

Driver’s license

Proof of membership

SSO, etc.

Home banking


Vending machines

No alcohol under 18 year...


Lots of TOOLS at your disposal


Quick Install

1. Install the eID software

2. Connect the card reader to the computer

3. Consult your data


http://www.belgium.be


05/05/2009 | Bruxelles

Direct access to more than70 on-line transactions

eID Middleware Reading of the data – Certificates - Card & PIN


https://mondossier.rrn.fgov.be


www.checkdoc.be A website to verify whether Belgian identity documents are valid or

not: passport identity card residence permit with chip

Registration the first time

Sources authentiques


Fiscality


More Information?

>www.eid.belgium.be


http://map.eid.belgium.be


Lots of MODULES at your disposal


MODULES FAS:

Federal Authentication Service via eID

e-LOKET: Tool to allow municipalities to offer electronic services to its citizen in a secure way

e-DEPOT: Service to allow notaries to faster register acts

PersonService: Webservice to allow fast query about physical persons in the public registers

DIGIFLOW: User interface the Public Sector uses to get access to the FSB

IAM: Identity and Access Management

MAGMA: Delegation of powers between two legal entities in order to allow the second to operate

on-line transactions in the name of the first (accountants, social reprenstatives, ...)

e-PAYMENT: Service package to allow public authorities to introduce electronic transactions


Standard usageStandard Process Flows


Standard approach

WEB

FSB

FEDMAN network

Authentic Sources


Example1: citizen files a complaint “theft”

e-FORM

FAS

FSB

Police

Ticket #

Push

e-LOKET


Future developments


Identity and Access Management

IDENTITY

NAME

DATE of BIRTH

PLACE of BIRTH

GENDER

ADDRESS

NATIONALITY

FAMILY STATUS

CEO of COMPANY

LAWYER

FATHER

MEMBER OF SERVICE CLUB

ACCOUNTANT

MEMBER of BOARD

SOCIAL SECURITY

DRIVING LICENSE


This is for Belgium, but what about the rest of Europe?


SECURITY LAYER

FEDMANFederal Service Bus

National Portal Website

…MinistryA

MinistryB

MinistryC

MinistryZ

Gateway to EU

Region A

Region B

Region C

Region Z

Municipality A

Municipality B

Municipality C

Municipality Z

……

Country1

Country2

Country3

CountryX

…


Room for improvement...

Communication & Education

Card readers

Prices of internet

Prices of PC’s

# of Applications

http://welcome-to-e-belgium.be/en/


http://www.zonhoven.be/86045.img

Th@nk you!

FRANK LEYMANManager International Relations

Maria-Theresiastraat 1/3Bruxelles 1000 Brussel

TEL +32 2 212 96 24FAX +32 2 212 96 99

[email protected]

www.belgium.be/fedict


Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience Washington -...

Documents

Transcript of Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience Washington -...