Tutorial 3 peter kustor


Transcript of Tutorial 3 peter kustor

Page 1: Tutorial 3 peter kustor

Header

29.09.2011 Footer Page 1

eID and interoperability

- The Austrian Experience

Peter Kustor, 27th September 2011, [email protected]

eID and interoperability | 27.9.2011 2 |

Table of contents

• Citizen Card Concept
• eID-innovation: Mobile Phone Signature
• eID interoperability in Austria
• STORK and lessons learned
• Future Challenges


Citizen Card - Major Milestones

• November 2000: Austrian Cabinet Council decision
  – … to employ chip-card technology to improve citizens' access to public services; to supplement the planned health insurance card with electronic signatures
• February 2003: 1st Citizen Card
  – Austrian Computer Society membership card
• March 2004: E-Government Act
  – Legal basis of the Identity Management System
• 2005 - 2010
  – Several private-sector and public-sector borne Citizen Card initiatives


A valid legal basis – the main ingredient

[Diagram: the E-Government Act as the legal basis for the citizen card, the identity link, mandates, the source PIN, sector-specific eIDs, the source PIN register, the supplementary register, the standard-document register and the official signature]


Citizen card (concept)

• The Austrian citizen card is a concept, not a specific technology
• The Citizen Card combines
  – electronic signature / declaration of intent → Authentication
  – unique electronic identity → Identification
  – data on representation, mandates → Representation
• Identity-Link


Trust Center: Certification Service Provider (CSP) and public sector registries

Online Identity = CSP + public register

[Diagram: the Electronic Identity is built from the certificates of a CSP (A-Trust, other CSPs …) and from the public registers: the Central Residents Register (CRR, BMI) and the Supplementary Register]


eID Austria: Overview

[Diagram]
• LEGAL framework covering the public and the private sector; DATA PROTECTION
• QUALIFIED SIGNATURE + IDENTITY LINK
  – signature key only on the card (HSM)
  – identity = sourcePIN cryptographically bound to the certificate
  – any private-sector CA for qualified signatures
  – openly available in a directory
• SECTORS: one-way mapping into sectors


Identity Link

• XML data structure stored in the card or in the hardware security module that holds:
  – personal data: name, date of birth
  – unique ID "sourcePIN"
  – public keys of the certificates
• signed by the authority

Excerpt shown on the slide (cropped at the right margin; the pr:Value is the sourcePIN):

    ...
    <saml:SubjectConfirmationData>
      <pr:Person xsi:type="pr:Physical...
        <pr:Identification>
          <pr:Value>123456789012</pr:Value>
          <pr:Type>http://reference.e-g...
        </pr:Identification>
        <pr:Name>
          <pr:GivenName>Herbert</pr:GivenName>
          <pr:FamilyName>Leitold</pr:FamilyName>
        </pr:Name>
    ...
    <saml:Attribute AttributeName="CitizenPublicKey" ...
      <dsig:RSAKeyValue>
        <dsig:Modulus>snW8OLCQ49qNefems...


Electronic identity of natural persons

[Diagram]
Base registers: Central Residents Register Number (CRRegNo) for residents; Supplementary Register Number for non-residents
  ↓
Source PIN
  ↓ (one sector-specific PIN per sector)
ssPIN education | ssPIN Soc. Sec. | ssPIN taxation | ssPIN …


ssPIN: Generation

[Diagram]
Source PIN → irreversible derivation → ssPIN a (e.g. taxes & duties)
Source PIN → irreversible derivation → ssPIN b (e.g. constructing & living)
ssPIN a ↔ ssPIN b: conversion impossible!
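The two slides above describe the one-way mapping from the source PIN into sector-specific PINs. The following Python is an added example, not code from the presentation or from the Austrian register authority. It assumes the ssPIN layout SHA-1 over sourcePIN + "+" + sector URN, Base64-encoded; the sector codes "SA", "BF" and "BW" are illustrative, and HMAC-SHA256 stands in for the secret-key transform by which the sourcePIN Register Authority derives the source PIN from the CRR number.

```python
import base64
import hashlib
import hmac

# Added example: sourcePIN -> ssPIN one-way mapping. Layout is an assumption:
# SHA-1 over sourcePIN + "+" + sector URN, Base64 encoded. Sector codes used
# below are illustrative, not the official Austrian list.
SECTOR_URN = "urn:publicid:gv.at:cdid+"


def derive_sspin(source_pin: str, sector: str) -> str:
    """Sector-specific PIN: irreversible derivation from the source PIN."""
    material = f"{source_pin}+{SECTOR_URN}{sector}".encode("utf-8")
    return base64.b64encode(hashlib.sha1(material).digest()).decode("ascii")


def derive_source_pin(crr_number: str, register_key: bytes) -> str:
    """Stand-in for the register authority's keyed transform of the CRR number.
    Assumption: truncated HMAC-SHA256; the real authority uses a secret-key
    cipher, and only it holds that key."""
    mac = hmac.new(register_key, crr_number.encode("ascii"), hashlib.sha256).digest()
    return base64.b64encode(mac[:18]).decode("ascii")


def sector_identity(crr_number: str, register_key: bytes, sector: str) -> str:
    """The only identifier an application in `sector` may keep: its ssPIN."""
    return derive_sspin(derive_source_pin(crr_number, register_key), sector)


def application_matches(source_pin_from_identity_link: str, sector: str,
                        stored_sspin: str) -> bool:
    """Relying-party check: recompute the ssPIN from the source PIN presented in
    the identity link and compare it with the ssPIN on file, in constant time."""
    return hmac.compare_digest(derive_sspin(source_pin_from_identity_link, sector),
                               stored_sspin)
```

The point the diagram makes falls out of the construction: an application holding ssPIN a for taxation has no function that yields ssPIN b for construction, because both are hash outputs that share only the source PIN as input, and the source PIN itself is not stored by applications. Linking records across sectors therefore requires the source PIN, which is exactly what the one-way mapping withholds from them.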


Citizen Cards

Cards:
• Health insurance cards: 100 % coverage, activation free of charge for citizens
• Officials' service card
• Certification service provider signature cards
• Student service cards, etc.

Mobile phone signatures:
• Start 2009
• Free of charge for citizens


eID citizen card function

Access to e-business:
• eBanking
• eBilling
• eProcurement
• CyberDoc
• Archivium
• eDelivery

Within administration:
• eSignature
• eRegisters
• eFile System

Access to e-gov:
• eForms
• eHealth
• eDelivery
• eDocument-Safe
• eUniversity
• eVoting


Server Side – Open Source Programme

• Basic modules for integration into applications
  – Open Source, free for public & private sector
• MOA – Module for On-line Applications
  – Identification (MOA-ID)
  – Signature validation / creation (MOA-SS/SP)
  – Electronic delivery (MOA-ZS)
  – Representation (MOA-VV)
  – Official signatures (MOA-AS)


Variants

• Local installation
• Mobile Phone
• Minimum-footprint


Demo

• Log on at HELP online


Mobile phone signature

• Server-based citizen card solution for qualified electronic signatures via mobile phone
• Familiar technology and a comfortable alternative to the current smartcards
• Important step towards usability and dissemination of modern eGovernment services, because
  – no software installation on the local PC,
  – no special computer skills and
  – no card readers are needed for use.


Mobile phone signature

• Core Aspects
  – Operated by a Certification Service Provider (CSP) for qualified certificates
  – Signature-creation data (cryptographic keys) kept at the CSP but controlled by the signatory
    • 2-factor authentication (knowledge & possession) as known from smartcards
  – Secure Signature-Creation Device
    • 1999/93/EC Annex III, confirmed by a notified body


Features of mobile phone signature

• No requirement on the mobile phone or SIM
  – just receiving SMS
• Zero-footprint: no local installation, just the browser
• Revocation of a certificate is definite – the signature-creation data are destroyed (unlike with signature cards)
  – Actually, revocation checking could be omitted, if relying on that fact (this covers only signatures created after the revocation; a signature produced by someone holding both password and phone in the window before the revocation still needs the usual check of the certificate status at signing time)
• Identity data is communicated from the operator directly to the application
  – Reduces verification needs and residual risks


Features of mobile phone signature

• Free of charge for users
• Alternative to card-based eID
• Platform- and location-independent
• Trustworthy and secure
• User-friendly
• High potential also in private-sector applications


Registration possibilities

• "self registration" using a qualified signature (existing citizen card):
  https://www.handy-signatur.at/
• Registration authorities / registration officers at various institutions (expanding: finance authorities, post offices …)
  https://www.a-trust.at/Aktivierung/ro/OfficerData.aspx?t=mobile
• Using "trusted systems" (currently e.g. FinanzOnline, registration via online banking in cooperation with telecom providers)


Integration of foreign eIDs

• Framework for the legal equality of foreign signature cards with the Austrian citizen card concept: § 6 para 5 E-GovG and the "equality regulation"
• Registration in the Supplementary Register without explicit proof of registration data, if
  – an application contains a qualified signature that
  – is based on an equivalent proof of unique identity (§ 2 no. 2 E-GovG) in the country of origin.
• Currently the eIDs of Belgium, Estonia, Finland, Iceland, Italy, Liechtenstein, Lithuania, Portugal, Sweden, Slovenia and Spain meet these requirements.


EU "Large Scale" pilots

• PEPPOL – Electronic Procurement – www.peppol.eu
• STORK – Electronic Identity – www.eid-stork.eu
• SPOCS – Service Directive – www.eu-spocs.eu
• epSOS – eHealth – www.epsos.eu
• e-CODEX – e-Justice Communication – www.e-codex.eu


STORK-Outcome: it works…

• www.eesti.ee
• https://circabc.europa.eu
• www.myhelp.gv.at
• www.meinbrief.at
• https://abnahme.service-bw.de/idm-web-portal/page/protected/index/index.faces?action=init&stork=true
• http://saferchat.eid.is/


Electronic delivery (www.meinbrief.at)


STORK - mission complete?

STORK is about making it happen - i.e. PILOTS


STORK - mission complete?

We are currently preparing for STORK 2.0.


STORK - mission complete?

We learned what needs to be done.


Digital Agenda - the next step


eID - essential challenges

• Non-natural persons (e.g. companies)
  – where time equals money and
  – where identity and privacy (e.g. IP protection …) really count
• Mobility - eID with and through mobile devices
  – convenience
  – availability
  – simplicity
  – we have to go to the citizen - not vice versa
• Impacts of Cloud Computing on eID
  – the cloud opens up an ample set of security questions
  – it is a chance and a challenge
  – while not a technology by itself, it changes assumptions


How to extend take-up and use

• Reduce complexity
  – amend (simplify!) the legal framework and create legally secure conditions
  – public opinion still associates eID with high complexity
  – technology ranks high among the barriers
  – these barriers are also perceived by application providers, which hampers services
• Easier access to technology
  – people who have used eID once stay with it
• The user must see the need


Thank you for your attention!

Peter Kustor

Federal Chancellery of Austria

Ballhausplatz 2

1014 Vienna

Phone: +43 53115 2554

[email protected]

http://digitales.oesterreich.gv.at or

http://digital.austria.gv.at

Components

[Diagram of the mobile phone signature components]
• User / mobile phone
• Web front-end
• SMS gateway
• Signature key DB: signature-creation data (private keys) are encrypted under
  – citizen password
  – mobile number
  – secret HSM key
• HSM
  – creation of crypto keys
  – decryption of signature-creation data
  – creation of qualified electronic signatures

Registration

[Flow diagram, steps in order]
1. The user enters the mobile number and chooses a password (identification).
2. The service needs to verify possession of the phone: it generates a one-time code (OTC) and sends the OTC via SMS.
3. The user enters the code; the service verifies possession.
4. Generate signature-creation data (private keys) and encrypt under
   – citizen password
   – mobile number
   – secret HSM key
   Encrypted storage in the DB.

Registration II

Signature-creation data (private keys) exist only
a) inside the HSM or
b) in encrypted storage (under a key derived from the HSM key, the mobile number, …).

Signature-creation

[Flow diagram, steps in order]
1. The application prepares a signature request.
2. The application redirects to the signature website.
3. The user enters the mobile number and the password.

Signature-creation I
4. Generate the hash value.
5. Generate an SMS one-time code (OTC).
6. Send the OTC and the hash value via SMS; the phone displays them and the user confirms.


Signature-creation II
7. The user enters the OTC and verifies the hash.
8. The service verifies possession of the phone (the OTC).
9. Load and decrypt (restore) the signature-creation data from the database into the HSM using
   – the citizen password (a key derived from it)
   – the mobile number
   – the secret HSM key
10. Signature creation in the HSM with the signature-creation data.

The one-time code (OTC) verifies possession of the phone.
The signature-creation data (private keys) are used only
a) inside the HSM and
b) after the user password has been entered,
c) linked to the mobile number.


Signature-creation III
11. The XML signature is returned to the application.
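The registration and signature-creation flows above (components, registration I/II, signature-creation I to III) are modelled end to end in the following Python, an added example that is not the service's own code. Two stand-ins are assumptions rather than the real algorithms: a PBKDF2-derived keystream plays the HSM's block cipher that wraps the private key, and an HMAC tag plays the qualified RSA signature. The class and method names are invented for the example. The structure is the one on the slides: the wrapped key is bound to the password, the mobile number and the HSM secret; the key is in the clear only inside the HSM; a single-use SMS code carrying the document hash proves possession of the phone.

```python
import hashlib
import hmac
import secrets

# Toy model of the server-based signature flow (added example). Stand-ins,
# both assumptions: PBKDF2 keystream instead of the HSM's block cipher,
# HMAC tag instead of the qualified RSA signature.


class Hsm:
    def __init__(self):
        self._hsm_key = secrets.token_bytes(32)  # never leaves the HSM

    def _wrap_key(self, password, mobile, salt):
        # Wrapping key depends on all three factors; a DB dump alone is useless.
        return hashlib.pbkdf2_hmac("sha256", f"{password}|{mobile}".encode(),
                                   self._hsm_key + salt, 50_000)

    @staticmethod
    def _xor_stream(key, data):
        # Toy stream cipher (stand-in for AES inside the HSM).
        out = bytearray()
        for i in range(0, len(data), 32):
            block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
            out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
        return bytes(out)

    def generate_wrapped(self, password, mobile):
        priv = secrets.token_bytes(32)  # signature-creation data (stand-in key)
        salt = secrets.token_bytes(16)
        wrapped = self._xor_stream(self._wrap_key(password, mobile, salt), priv)
        kcv = hashlib.sha256(b"kcv" + priv).digest()[:8]  # detects a wrong password
        tag = hmac.new(self._hsm_key, salt + wrapped + kcv, hashlib.sha256).digest()
        return {"salt": salt, "wrapped": wrapped, "kcv": kcv, "tag": tag}

    def _unwrap(self, rec, password, mobile):
        tag = hmac.new(self._hsm_key, rec["salt"] + rec["wrapped"] + rec["kcv"],
                       hashlib.sha256).digest()
        if not hmac.compare_digest(tag, rec["tag"]):
            raise PermissionError("stored key record was tampered with")
        priv = self._xor_stream(self._wrap_key(password, mobile, rec["salt"]), rec["wrapped"])
        if not hmac.compare_digest(hashlib.sha256(b"kcv" + priv).digest()[:8], rec["kcv"]):
            raise PermissionError("wrong password or mobile number")
        return priv

    def check_password(self, rec, password, mobile):
        self._unwrap(rec, password, mobile)  # key is unwrapped and discarded in here
        return True

    def sign(self, rec, password, mobile, digest):
        priv = self._unwrap(rec, password, mobile)
        return hmac.new(priv, digest, hashlib.sha256).digest()


class SignatureService:
    def __init__(self):
        self.hsm = Hsm()
        self.key_db = {}      # signature key DB: mobile -> wrapped record
        self.pending = {}     # mobile -> step waiting for its one-time code
        self.sms_outbox = []  # simulated SMS gateway: (mobile, otc, digest_hex)

    def _send_otc(self, mobile, step, password, digest=b""):
        otc = f"{secrets.randbelow(10**6):06d}"
        self.pending[mobile] = {"otc": otc, "step": step, "password": password, "digest": digest}
        self.sms_outbox.append((mobile, otc, digest.hex()))

    def _consume_otc(self, mobile, otc, step):
        st = self.pending.pop(mobile, None)  # single use: gone after any attempt
        if st is None or st["step"] != step or not hmac.compare_digest(st["otc"], otc):
            raise PermissionError("one-time code invalid")
        return st

    # Registration: mobile number and password, then possession of the phone
    def register_start(self, mobile, password):
        self._send_otc(mobile, "register", password)

    def register_finish(self, mobile, otc):
        st = self._consume_otc(mobile, otc, "register")
        self.key_db[mobile] = self.hsm.generate_wrapped(st["password"], mobile)
        return True

    # Signature creation: password checked first, then OTC plus hash by SMS
    def sign_start(self, mobile, password, document):
        self.hsm.check_password(self.key_db[mobile], password, mobile)
        self._send_otc(mobile, "sign", password, hashlib.sha256(document).digest())

    def sign_finish(self, mobile, otc):
        st = self._consume_otc(mobile, otc, "sign")
        return self.hsm.sign(self.key_db[mobile], st["password"], mobile, st["digest"])


def user_confirms(digest_hex_from_sms, document):
    # The signatory's side: compare the hash shown in the SMS with the document.
    return hmac.compare_digest(digest_hex_from_sms, hashlib.sha256(document).hexdigest())
```

Two properties of the design are visible in the model. A copy of the signature key DB is worthless without the HSM secret, and the HSM secret is worthless without the password, so neither the operator nor a database thief can sign alone; and because the one-time code is removed on its first use and is bound to the hash it was sent with, the code cannot be replayed for a second document. The key-check value that makes a wrong password detectable also means that anyone who obtains both the DB and the HSM key can guess passwords offline, which is why the HSM key must never leave the HSM and why the HSM, not the web front-end, should count and throttle failed attempts.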

Mobile Phone Signature – Legal Assessment

• Mobile Phone Signature = Citizen Card?
• Citizen Card = qualified signature + identity link
• Mobile Phone Signature = qualified signature?
• Qualified Signature = advanced electronic signature + qualified certificate + SSCD


Advanced Electronic Signature

• is uniquely linked to the signatory
• it is capable of identifying the signatory
• it is created using means that the signatory can maintain under his sole control
• it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable


"is uniquely linked to the signatory"

• the signature-creation data used for signature generation (and the corresponding signature-verification data) can practically occur only once


"it is capable of identifying the signatory"

Authenticity
• practically impossible to create the same key pair twice
• it is ensured that a signature which is verifiable with the signature-verification data (public key in the certificate) has been created with the corresponding signature-creation data (private key)
• practically impossible that the signature-creation data can be derived from the signature-verification data


"using means that the signatory can maintain under his sole control"

• Signature creation authorised only by the signatory
• Multifactor authentication: knowledge and possession

Does "can maintain under sole control" mean that it must be ensured by hardware means? NO!

"… to be assumed that 'sole control' can be achieved with appropriate technical or organisational means even with software certificates […] … security measures need to be in place providing that the signatory can enforce his sole control …" (RV 293 BlgNR 23. GP)

– see also the FESA working paper on advanced electronic signatures and the "Public Statement on Server Based Signature Services": "… FESA members believe that sole control at least of the signature creation data can be achieved and that advanced electronic signatures can be created by a server based signature service …"!


"it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable"

Integrity
• practically impossible that different electronic data result in the same signature or can be created from a given electronic signature.


Qualified Signature?

Qualified Signature = advanced el. signature + qualified certificate + SSCD

Qualified Certificate
• Certificate content: Annex I 1999/93/EC
• Requirements: Annex II 1999/93/EC


Certificate Content (Annex I)

• indication that the certificate is issued as a qualified certificate
• identification of the CSP and the State in which it is established
• name of the signatory (or a pseudonym identified as such)
• signature-verification data which correspond to signature-creation data under the control of the signatory
• beginning and end of the period of validity of the certificate
• identity code of the certificate
• advanced electronic signature of the CSP issuing it
• Further options: limitations on scope, value of transaction, specific attributes of the signatory

Requirements on the CSP (Annex II)

• reliability necessary for providing certification services
• secure directory and a secure and immediate revocation service
• precise date and time when a certificate is issued or revoked
• verify identity and, if applicable, specific attributes of the signatory
• personnel with expert knowledge, experience, and qualifications (managerial level, electronic signature technology, security procedures)
• trustworthy systems and products - protected against modification and ensuring the technical and cryptographic security
• measures against forgery of certificates, and, in cases where the CSP generates signature-creation data, guarantee of its confidentiality
• sufficient financial resources (to bear the risk of liability for damages)
• etc.


SSCD

• Confirmation by a designated body (Art. 3(4) of 1999/93/EC)
• § 6 para 3 Signature Order 2008: organisational security measures possible, if components are operated in a "controlled environment" (e.g., qualified and reliable personnel, appropriate physical and logical access control).
• A-SIT conformity certificate: 2.11.2009
• According to Art. 3 para 4 second subpara of the Directive, this attestation ("determination of conformity with the requirements laid down in Annex III") is to be recognised by all Member States.
