eID and interoperability
- The Austrian Experience
Peter Kustor
27th September 2011
peter.kustor@bka.gv.at
Table of contents
Citizen Card Concept
eID-innovation: Mobile Phone Signature
eID interoperability in Austria
STORK and lessons learned
Future Challenges
eID and interoperability | 27.9.2011 2|
Citizen Card - Major Milestones
November 2000: Austrian Cabinet Council decision
– … to employ chip-card technology to improve citizens' access to public services; to supplement the planned health insurance card with electronic signatures
February 2003: 1st Citizen Card
– Austrian Computer Society membership card
March 2004: E-Government Act
– Legal basis of the Identity Management System
2005 - 2010
– Several private-sector and public-sector borne Citizen Card initiatives
A valid legal basis – the main ingredient
E-Government Act (diagram): citizen – identity link – mandates – source PIN – sector-specific eID – official signature; backed by the source PIN register, the supplementary register and the standard document register.
Citizen card (concept)
The Austrian citizen card is a concept, not a specific technology.
The Citizen Card combines:
– Authentication: electronic signature / declaration of intent
– Identification: unique electronic identity (identity link)
– Representation: data on representation, mandates
Online Identity = CSP + public register
Electronic identity (diagram): Certification Service Providers (CSP, e.g. A-Trust, …) on one side; on the other the trust center of public-sector registries – Central Residents Register (CRR) and Supplementary Register, run by the BMI (Federal Ministry of the Interior).
eID Austria : Overview
– Legal: qualified signature + identity link
– Public / private: any private-sector CA for qualified signatures
– Identity = source PIN, cryptographically bound to the certificate; the identity link exists only on the card (or in the HSM), while the certificate is openly available in a directory
– Data protection: one-way mapping of the identity into sectors (sector-specific PINs)
Identity Link
XML data structure stored in the card or in the hardware security module (HSM) that holds:
– personal data: name, date of birth
– unique ID "sourcePIN"
– public keys of the certificates
signed by the source PIN authority
Excerpt as shown on the slide (values truncated there):
    ...
    <saml:SubjectConfirmationData>
      <pr:Person xsi:type="pr:Physical...">
        <pr:Identification>
          <pr:Value>123456789012</pr:Value>
          <pr:Type>http://reference.e-g...</pr:Type>
        </pr:Identification>
        <pr:Name>
          <pr:GivenName>Herbert</pr:GivenName>
          <pr:FamilyName>Leitold</pr:FamilyName>
        </pr:Name>
      ...
    <saml:Attribute AttributeName="CitizenPublicKey" ...>
      ...
      <dsig:RSAKeyValue>
        <dsig:Modulus>snW8OLCQ49qNefems...
Electronic identity of natural persons
Base: Central Residents Register Number (CRRegNo); Supplementary Register Number for non-residents; other registers
Source PIN: derived from the base number
ssPINs: one per sector (education, Soc. Sec., taxation, …), derived from the source PIN
ssPIN: Generation
Irreversible derivation from the source PIN into sector-specific PINs, e.g. ssPIN a (constructing & living) and ssPIN b (taxes & duties).
Conversion impossible! Neither ssPIN can be turned back into the source PIN, nor can ssPIN a be converted into ssPIN b.
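Added illustration, not taken from the slides: the two-level derivation (base registry number to source PIN, source PIN to one ssPIN per sector) modelled in Python. The keyed HMAC and the SHA-256 domain-separated hash are assumptions standing in for the algorithms fixed by Austrian regulation, which the presentation does not spell out; the register key and the sector codes are constructed.

```python
import hashlib
import hmac

# Constructed secret of the source PIN register authority (demo value only);
# in the real system this key never leaves the authority.
SOURCE_PIN_REGISTER_KEY = b"constructed-demo-key-not-the-real-one"

# Constructed sector codes: the two sectors named on the ssPIN slide plus two
# of those listed on the natural-persons slide.
SECTORS = {
    "constructing & living": "BW",
    "taxes & duties": "SA",
    "education": "BF",
    "social security": "SV",
}


def derive_source_pin(base_number: str) -> str:
    """Base registry number (CRRegNo or Supplementary Register number) -> source PIN.

    Keyed derivation: only the register authority holding the key can map a
    registry number to a source PIN, and nobody can invert the mapping."""
    mac = hmac.new(SOURCE_PIN_REGISTER_KEY, base_number.encode(), hashlib.sha256)
    return mac.hexdigest()[:24]


def derive_sspin(source_pin: str, sector_code: str) -> str:
    """Source PIN -> sector-specific PIN (ssPIN).

    Unkeyed one-way hash with the sector code as domain separator: whoever holds
    the source PIN (the citizen card) can derive any sector's ssPIN, but an
    ssPIN reveals neither the source PIN nor another sector's ssPIN."""
    digest = hashlib.sha256(f"{source_pin}+{sector_code}".encode()).digest()
    return digest.hex()[:28]


def sspins_for(base_number: str) -> dict:
    """All sector-specific PINs of one citizen, keyed by sector name."""
    source_pin = derive_source_pin(base_number)
    return {name: derive_sspin(source_pin, code) for name, code in SECTORS.items()}


def same_person_in_sector(sspin_seen_before: str, base_number: str, sector: str) -> bool:
    """A sector's register recognises a returning citizen by comparing ssPINs;
    equality within the same sector is the only operation an ssPIN supports."""
    return hmac.compare_digest(sspin_seen_before, sspins_for(base_number)[sector])
```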
Citizen Cards
Cards:
• Health insurance cards: 100 % coverage, activation free of charge for citizens
• official's service card
• Certification service provider signature cards
• student service cards, etc.
Mobile phone signatures:
• Start 2009
• free of charge for citizens
eID citizen card function
Access to e-gov:
• eForms
• eHealth
• eDelivery
• eDocument-Safe
• eUniversity
• eSignature
• eVoting
Access to e-business:
• eBanking
• eBilling
• eProcurement
• CyberDoc
• Archivium
Within administration:
• eRegisters
• eDelivery
• eFile System
Server Side – Open Source Programme
Basic modules for integration into applications
– Open Source, free for public & private sector
MOA – Module for On-line Applications
– Identification (MOA-ID)
– Signature validation / creation (MOA-SS/SP)
– Electronic delivery (MOA-ZS)
– Representation (MOA-VV)
– Official signatures (MOA-AS)
Variants
– Minimum-footprint
– Mobile Phone
– Local installation
Demo
Log on at HELP ONLINE
mobile phone signature
server-based citizen card solution for qualified electronic signatures via mobile phone
familiar technology and comfortable alternative to the current smartcards
important step towards usability and dissemination of modern eGovernment services because
– no software installation on the local PC,
– no special computer skills and
– no card readers are needed for use.
Mobile phone signature
Core Aspects
– Operated by a Certification Service Provider (CSP) for qualified certificates
– Signature-creation data (cryptographic keys) kept at the CSP but controlled by the signatory
• 2-factor authentication (knowledge & possession) as known from smartcards
– Secure Signature-Creation Device
• 1999/93/EC Annex III, confirmed by a notified body
Features of mobile phone signature
No requirement on the mobile phone or SIM
– Just receiving SMS
Zero-footprint: no local installation, just the browser
Revocation of a certificate is definite – the signature-creation data are destroyed (unlike with signature cards)
– Actually, revocation checking could be omitted, if relying on that fact
Identity data is communicated from the operator directly to the application
– Reduces verification needs and residual risks
Features of mobile phone signature
Free of charge for users
Alternative to card-based eID
Platform- and location independent
Trustworthy and secure
User-friendly
High-potential also in private sector applications
Registration possibilities
"self registration" using a qualified signature (existing citizen card): https://www.handy-signatur.at/
Registration authorities / registration officers at various institutions (expanding: finance authorities, post offices …): https://www.a-trust.at/Aktivierung/ro/OfficerData.aspx?t=mobile
Using "trusted systems" (currently e.g. FinanzOnline, registration via online banking in cooperation with telecom providers)
Integration of foreign eIDs
Framework for the legal equality of foreign signature cards with the Austrian citizen card concept: § 6 Abs. 5 E-GovG and "equality regulation"
Registration in the Supplementary Register without explicit proof of registration data, if
– an application contains a qualified signature, that
– is based on an equivalent proof of unique identity (§ 2 Z 2 E-GovG) in the country of origin.
Currently the eIDs of Belgium, Estonia, Finland, Iceland, Italy, Liechtenstein, Lithuania, Portugal, Sweden, Slovenia and Spain meet these requirements.
EU "Large Scale" pilots
– Electronic Procurement: Large Scale Pilot PEPPOL, www.peppol.eu
– Electronic Identity: Large Scale Pilot STORK, www.eid-stork.eu
– Service Directive: Large Scale Pilot SPOCS, www.eu-spocs.eu
– eHealth: Large Scale Pilot epSOS, www.epsos.eu
– e-Justice Communication: Large Scale Pilot e-CODEX, www.e-codex.eu
STORK-Outcome: it works…
www.eesti.ee
https://circabc.europa.eu
www.myhelp.gv.at
www.meinbrief.at
https://abnahme.service-bw.de/idm-web-portal/page/protected/index/index.faces?action=init&stork=true
http://saferchat.eid.is/
Electronic delivery (www.meinbrief.at)
STORK - mission complete?
STORK is about making it happen - i.e. PILOTS
STORK - mission complete?
we currently prepare for STORK 2.0
STORK - mission complete?
we learned what is to be done
Digital Agenda - the next step
eID - essential challenges
Non-natural Persons (e.g. companies)
– where time equals money and
– where identity and privacy (e.g. IP protection …) really count
Mobility - eID with and through mobile devices
– convenience
– availability
– simplicity
– we have to go to the citizen - not vice versa
Impacts of Cloud Computing on eID
– cloud is opening up an ample set of security questions
– it is a chance and a challenge
– while not a technology by itself it changes assumptions
How to extend take-up and use
reduce complexity
– Amend (simplify!) the legal framework and create legally secure conditions
– public opinion still associates eID with high complexity
– technology ranks high among the barriers
– these barriers are also perceived by application providers, which hampers services
easier access to technology
– people who have used eID once stay with it
the user must see the need
Thank you
for your attention!
Peter Kustor
Federal Chancellery of Austria
Ballhausplatz 2
1014 Vienna
Phone: +43 53115 2554
Peter.Kustor@bka.gv.at
http://digitales.oesterreich.gv.at or
http://digital.austria.gv.at
Components
– User with mobile phone
– Web-Frontend
– HSM
  - Creation of crypto-keys
  - Decryption of signature-creation data
  - Creation of qualified electronic signatures
– SMS Gateway
– Signature key DB: signature-creation data (private keys) are encrypted under
  - Citizen password
  - Mobile number
  - Secret HSM key
– Registration
Registration I
1. User enters the mobile number (Mob-Nr.) and chooses a password.
2. The service needs to verify possession of the phone: it generates a one-time code (OTC) and sends it via SMS.
3. Identification of the user.
Registration II
4. User enters the code; possession verified.
5. Generate the signature-creation data (private keys) and encrypt them under
  - Citizen password
  - Mobile number
  - Secret HSM key
6. Encrypted storage in the DB.
Signature-creation data (private keys) exist only
a) inside the HSM or
b) in encrypted storage (under a key derived from the HSM key, the mobile number, …).
Signature-creation I
1. The application prepares a signature request and redirects to the signature website.
2. The website requests the password; the user enters mobile number (Mob-Nr.) and password.
3. The request is displayed for confirmation and the hash value is generated.
4. The service generates an SMS one-time code (OTC) and sends OTC and hash value via SMS.
5. The user confirms by entering the code.
Signature-creation II
1. User enters the OTC and verifies the hash; possession verified.
2. Load the signature-creation data from the database and decrypt them into the HSM using
  - Citizen password
  - Mobile number
  - Secret HSM key
3. Signature creation in the HSM with the signature-creation data.
The Code
The one-time code (OTC) verifies possession of the phone.
The signature-creation data (private keys) are used only
a) inside the HSM and
b) after the user password has been entered,
c) linked to the mobile number.
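Added example, not from the presentation or from the operator's service: the registration and signature-creation steps above in standard-library Python, showing the three-factor wrapping of the signature-creation data and the single-use OTC. The HMAC-based encrypt-then-MAC and the HMAC "signature" are labelled stand-ins for the HSM's cipher and the RSA signature, and the HSM secret and mobile number are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the HSM-internal secret key; it never leaves the HSM.
HSM_SECRET = secrets.token_bytes(32)
KEY_DB = {}       # signature key DB: mobile number -> (salt, nonce, ciphertext, tag)
PENDING_OTC = {}  # mobile number -> one-time code awaiting confirmation

def wrapping_key(password: str, mobile: str, salt: bytes) -> bytes:
    """Key protecting the signature-creation data, derived from all three factors
    named on the slides: citizen password, mobile number and secret HSM key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), HSM_SECRET + mobile.encode() + salt, 100_000)

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(key: bytes, secret: bytes):
    """Encrypt-then-MAC built from HMAC-SHA256 (stdlib stand-in for the HSM's cipher)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, nonce, len(secret))))
    return nonce, ct, hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unwrap(key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    """Fails closed: a wrong password or mobile number gives a wrong key, the tag
    check fails, and no signature-creation data is released."""
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise PermissionError("cannot decrypt signature-creation data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def send_otc(mobile: str) -> str:
    """Generate a one-time code; the SMS gateway would deliver it (returned here)."""
    PENDING_OTC[mobile] = f"{secrets.randbelow(10**6):06d}"
    return PENDING_OTC[mobile]

def check_otc(mobile: str, entered: str) -> bool:
    """Possession check; the code is consumed, so a replayed OTC is rejected."""
    expected = PENDING_OTC.pop(mobile, None)
    return expected is not None and hmac.compare_digest(expected, entered)

def register(mobile: str, password: str, entered_otc: str) -> bool:
    """Registration II: once possession is verified, create the signature-creation
    data and store it only wrapped under the three factors."""
    if not check_otc(mobile, entered_otc):
        return False
    salt = secrets.token_bytes(16)
    signing_secret = secrets.token_bytes(32)  # stands in for the RSA private key
    KEY_DB[mobile] = (salt, *wrap(wrapping_key(password, mobile, salt), signing_secret))
    return True

def sign(mobile: str, password: str, entered_otc: str, doc_hash: bytes) -> bytes:
    """Signature-creation II: the OTC proves possession, password + mobile number +
    HSM secret unwrap the key, and the key is used only inside the 'HSM'."""
    if not check_otc(mobile, entered_otc):
        raise PermissionError("one-time code invalid or already used")
    salt, nonce, ct, tag = KEY_DB[mobile]
    signing_secret = unwrap(wrapping_key(password, mobile, salt), nonce, ct, tag)
    return hmac.new(signing_secret, doc_hash, hashlib.sha256).digest()  # stand-in for the RSA signature
```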
Signature-creation III
Returning the signature: the XML signature is returned to the signature application.
Mobile Phone Signature – Legal Assessment
Mobile Phone Signature = Citizen Card?
Citizen Card = qualified signature + identity link
Mobile Phone Signature = qualified signature?
Qualified Signature = advanced electronic signature + qualified certificate + SSCD
Advanced Electronic Signature
– is uniquely linked to the signatory
– it is capable of identifying the signatory
– it is created using means that the signatory can maintain under his sole control
– it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable
"is uniquely linked to the signatory"
the signature-creation data used for signature generation (and the corresponding signature-verification data) can practically occur only once
"it is capable of identifying the signatory"
Authenticity
– practically impossible to create the same key pair twice
– ensured that a signature that is verifiable using signature-verification data (public key in the certificate) has been created with the corresponding signature-creation data (private key)
– practically impossible that the signature-creation data can be derived
"using means that the signatory can maintain under his sole control"
Signature-creation authorised only by the signatory
Multifactor authentication: knowledge and possession
Does "can maintain under sole control" mean that it must be ensured by hardware means? NO!
"… to be assumed that 'sole control' can be achieved with appropriate technical or organisational means even with software certificates […] … security measures need to be in place providing that the signatory can enforce his sole control …" (RV 293 BlgNR 23. GP)
– see also FESA – working paper on advanced electronic signatures and "Public Statement on Server Based Signature Services": "… FESA members believe that sole control at least of the signature creation data can be achieved and that advanced electronic signatures can be created by a server based signature service …"!
"it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable"
Integrity
practically impossible that different electronic data result in the same signature or can be created from a given electronic signature.
Qualified Signature?
Qualified Signature = advanced el. signature + qualified certificate + SSCD
Qualified Certificate
– Certificate content: Annex I 1999/93/EC
– Requirements on the CSP: Annex II 1999/93/EC
Certificate Content (Annex I)
– indication that the certificate is issued as a qualified certificate
– identification of the CSP and the State in which it is established
– name of the signatory (or a pseudonym identified as such)
– signature-verification data which correspond to signature-creation data under the control of the signatory
– beginning and end of the period of validity of the certificate
– identity code of the certificate
– advanced electronic signature of the CSP issuing it
Further options: limitations on scope, value of transaction, specific attributes of the signatory
Requirements on the CSP (Annex II)
– reliability necessary for providing certification services
– secure directory and a secure and immediate revocation service
– precise date and time when a certificate is issued or revoked
– verify identity and, if applicable, specific attributes of the signatory
– personnel with expert knowledge, experience, and qualifications (managerial level, electronic signature technology, security procedures)
– trustworthy systems and products – protected against modification and ensuring the technical and cryptographic security
– measures against forgery of certificates, and, in cases where the CSP generates signature-creation data, guarantee of its confidentiality
– sufficient financial resources (to bear the risk of liability for damages)
– etc.
SSCD
Confirmation by a designated body (Art. 3(4) of 1999/93/EC)
§ 6 Abs. 3 Signature Order 2008: organisational security measures possible, if components are operated in a "controlled environment" (e.g., qualified and reliable personnel, appropriate physical and logical access control).
A-SIT conformity certificate: 2.11.2009
According to Art. 3 para 4 second subpara of the Directive, this attestation ("determination of conformity with the requirements laid down in Annex III") is to be recognised by all Member States.