E-residency, data embassy and the Cloud
-
Upload
andres-kuett -
Category
Government & Nonprofit
-
view
137 -
download
0
description
Transcript of E-residency, data embassy and the Cloud
![Page 1: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/1.jpg)
E-residency, data embassy and the CloudAndres Kütt Estonian Information System Authority / Architect
20.11.2014
![Page 2: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/2.jpg)
Estonia in perspective
Population1 Labor force PPP gross national income per capita
Estonia 1 690 391 23.280Latvia 2 1 046 220 21.820Russian Federation 144 76 872 229 22.800
Singapore 5 3 021 715 71.900United States 314 158 666 072 52.610
1 - In millions, rounded to 1
Estonia is so tiny a quarter of our population can become a rounding error.
![Page 3: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/3.jpg)
GNI per capita
0
20 000
40 000
60 000
80 000
1995 1998 2001 2004 2007 2010
Estonia Singapore USA LatviaRussian Federation
The graph shows that no only is our GNI considerably smaller than that of more advanced countries, it is also growing at the same pace. Ergo, we shall be relatively cash-strapped for the foreseeable future.
![Page 4: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/4.jpg)
The solution? Go paperless. Replace the expensive paper-based services with electronic government services that are easier to scale and do not create the feedback loop of bureaucracy creating more bureaucracy.
![Page 5: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/5.jpg)
690 391Our prime-minister-to-citizen ratio is too high.
![Page 6: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/6.jpg)
GAASGovernment as a service. We are already building these web services, why not provide them to others?
![Page 7: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/7.jpg)
10 000 000
This is radical. Illustrates the lengths to which this country is willing to go. Because we have very few other options.
![Page 8: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/8.jpg)
Digital continuity becomes a problem
! We cannot switch back to paper ! For the reasons we went digital in the first place ! Also because we no longer know how
! Digital is built deep into all aspects of Estonia ! Business processes shaped around requesting data, not
delivering documents ! This does not scale without digital
In the digital world, this is certainly the case. The more digitized one is, the more dangerous digital risks become. Estonia can not go back to paperless simply because we no longer know how. This has been the case for so long, our business processes have adapted. For example, a common practice has companies supplying a certificate of tax status as part of public tender processes to make sure they do not owe taxes to the state. In Estonia one would execute a query against the tax board information system instead asking for the status of a particular company. Issuing a certificate would also be meaningless as companies can go and change their tax declarations at will altering their financial standing with the state.
![Page 9: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/9.jpg)
One solution to this would be to move all the services to the Cloud by using Microsoft, Amazon, Google or other cloud service providers. I’ll talk a bit about the challenges and learnings we have had
![Page 10: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/10.jpg)
Agency Agency AgencyAgencyFina
nce
and
port
folio
man
agem
ent
Info
rmat
ion
secu
rity
Information System Registry
Electronic identity
Citizens/Officials/Enterprises
Delivery channels
Integration
Infrastructure
Architecture of Estonian information system
![Page 11: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/11.jpg)
Agency Agency AgencyAgencyFina
nce
and
port
folio
man
agem
ent
Info
rmat
ion
secu
rity
Information System Registry
Electronic identity
Citizens/Officials/Enterprises
Delivery channels
Integration
Infrastructure
![Page 12: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/12.jpg)
Cloud is not simply an infrastructure problem
It immediately becomes a business problem,
if not sooner then when assessing risks
![Page 13: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/13.jpg)
Whom can you trust?
We make a lot of implicit and explicit decisions on trust, cloud
introduces a lot of complexities to these decisions
![Page 14: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/14.jpg)
Small players are too small
What is their actual ability to honour the collateral?
![Page 15: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/15.jpg)
Big players are too big
Appi
![Page 16: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/16.jpg)
What about democratic change?
A nation democratically decides it is OK to look into
files they consider to be under their jurisdiction
![Page 17: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/17.jpg)
“Lady, I never walk into a place I don't know how to walk out of.”
![Page 18: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/18.jpg)
In the end, nobody can be trusted
Not with really important things
Cryptography to the rescue!
![Page 19: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/19.jpg)
Secure multi-party computation
Ability to share data and computation between untrusted parties
Cryptography to the rescue!
![Page 20: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/20.jpg)
X1 X2 AVG(X1,X2)
Original 12 8 10
Node 1 1 3 2
Node 2 4 2 3
Node 3 7 3 5
![Page 21: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/21.jpg)
Browser-based cryptography
Since the server cannot be trusted, the client must encrypt everything
![Page 22: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/22.jpg)
Challenges with the browser
! Related to encryption itself ! WebCryptoAPI coming to age but clearly inadequate ! Big players reluctant to cooperate on Browser/OS issues
! Related to handling of encrypted data ! How to execute server-based tasks like search on encrypted
data? ! Key management issues
![Page 23: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/23.jpg)
Conclusions
What can we make of it all?
Cryptography to the rescue!
![Page 24: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/24.jpg)
Moving to cloud assumes a high level of maturity from the entire organisation
More so than being either in our out of the cloud
![Page 25: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/25.jpg)
Trust decisions need to get explicit
Questions of trust have profound business implications and must thus be made explicitly
![Page 26: E-residency, data embassy and the Cloud](https://reader033.fdocuments.in/reader033/viewer/2022060121/559441ac1a28abf3248b45d7/html5/thumbnails/26.jpg)
Cryptography seems to be a solution
Although it is not entirely clear, how exactly