Post on 31-Aug-2020
e‐SENSElectronic Simple European Networked Services
e‐SENS Pilots of eID, eSignatures and Trusted Services
Trust in the Digital WorldMadrid, February 26th, 2015
Lefteris Leontaridis, e‐SENS Piloting Manager
The e‐SENS Large Scale Project
Public administration, agencies and private companies from 21 countries
public services in Europe
cross‐border access
interoperable IT solutions
Connecting Europe FacilityTEN‐TELE Regulatione‐IDAS Regulation
Re‐using technical solutions
e‐Deliverye‐Documents
e‐Identity e‐Signatures
e‐Government services in different Domains
e‐Justicee‐Health
e‐Procurement
BusinessLifecycle
E‐ID
27/2/20155
Use of BBs in National Pilots:eID
27/02/2015 e‐SENS GA ‐WP56
UC 5.1.1 eTender
ingUC 5.1.2 VCD
UC 5.1.4 eInvoice/eOrder
UC 5.2.1 ePr/PS
UC 5.2.2 eConfirmation
UC 5.3.1 Matrimonial matters
UC 5.3.4 EAPO
UC 5.4.1 Business
Registration
UC 5.4.2 Activity
RegistrationUse of e‐SENS BBs
eID M/P Y Y Y Y
GermanyAustriaCzech RepDenmark Y YEstonia YSpain Y YFranceGreece M/P Y YIrelandItaly Y YLuxembourg YNetherlands M/PNorway M/PPoland YPortugal YRomaniaSweden M/P YSlovenia YSlovakiaTurkey
MS PILOTS IN EACH DOMAIN (08.02.2015)
5.1 eProcurement 5.2 eHealth 5.3 e‐Justice 5.4 Business Lifecycle
Use of eID in Domain Pilots (1/2)
eProcurement Domain: eTendering• Identification and registration in eTendering platforms• Changes introduced by a 4‐corner model• Federated signing based on eID using STORK cross‐border• Certain personal attributes may need special data
protection treatmenteHealth Domain: Patient Summary/ePrescription• Patient identification using federated eID• “last mile” over other intermediaries e.g. FutureID• Use of eHealth‐specific eIDs – potential for an extended
attribute set to be agreed by MS and carried over STORK• The mobile eID BB may be usable
05.09.20147
Use of eID in Domain Pilots (2/2)
Business Lifecycle Domain• Identification is the start of the registration process• Federated signing using eID• Activity to agree on an extended set of attributes for
“service fulfillment” that may be carried over STORK
Coming up• Citizen lifecycle use cases – same scenario as business
lifecycle but with other administrations• eConfirmation: Can use the eHealth solution (same
trigger in both business processes)
05.09.20148
Ways to use the eID DSI
E‐Services with direct access to STORKUse of national eID/eSign platforms that use STORK in the background• Swedish federated signing• OthersUse of intermediaries that access STORK in the background – among offer other options for authentication and attribute provision• FutureID• Mobile eID (upcoming SBB)New or emerging PEPS (NO, DK)
05.09.20149
E‐SIGNATURES
Use of BBs in National Pilots:eSignatures
27/02/2015 e‐SENS GA ‐WP511
UC 5.1.1 eTender
ingUC 5.1.2 VCD
UC 5.1.4 eInvoice/eOrder
UC 5.2.1 ePr/PS
UC 5.2.2 eConfirmation
UC 5.3.1 Matrimonial matters
UC 5.3.4 EAPO
UC 5.4.1 Business
Registration
UC 5.4.2 Activity
RegistrationUse of e‐SENS BBs
eSignatures Y Y Y Y Y Y Y
Germany Y Y YAustriaCzech RepDenmark M/P M/PEstonia Y YSpain YFrance Y YGreece Y Y YIrelandItaly Y YLuxembourgNetherlands Y Y YNorway Y M/PPoland Y Y Y YPortugal YRomaniaSweden YSlovenia YSlovakiaTurkey
MS PILOTS IN EACH DOMAIN (08.02.2015)
5.1 eProcurement 5.2 eHealth 5.3 e‐Justice 5.4 Business Lifecycle
Sign locally and deliver
Pro• User can use her
signing solution
Con• Incompatibility
wrt. signing policies
• Format variants
Sign at SP user interface
Pro• Integration with
SP environment• SP determines
policies
Con• Needs good
knowledge of all European tokens
• Governance (test tokens for SPs)
Signing Service using federated authentication
Pro• Builds on auth.‐
infrastructure• User can sign
without own infrastructure
Con• User must trust a
foreign sig.‐service• Signing service may
not be deployed by all gvmts.
Trust Library – TrustOK Token
Pro Receiver does not have to validate the signature on the business document
himself• Avoids cross‐border signature verification• Allows to mention unsigned documents to be legally binding within the
borders of the sending MS
Con• Trust model works for closed environments and need sign circle of trust
agreement
Use of eSignatures in Domain Pilots (1/2)
eProcurement Domain: eTendering• Signing tenders, signing contracts, signing individual tender
documentseProcurement Domain: : Virtual Company Dossier• Signing the VCD package, possibly signing ESPDeHealth Domain: Patient Summary/ePrescription• Scoped out at this stage, will be revisitedeHealth Domain : eConfirmation• Signed eConfirmation document from home country (and
outgoing request)• Signing and validation done by competent authorities to
minimize validation scope
05.09.201416
Use of eSignatures in Domain Pilots (2/2)
eJustice Domain• Signed eDdocuments in both use cases• Expected to continue e‐CODEX practice of valdating in
the sender country
Business Lifecycle Domain• Signing at the Single Point of Contact/Business Registry
• National platforms with federated signing using STORK
• Some documents may be signed at the country of origin• Will use validation solutions such as SD‐DSS• The choice of use case (company type – activity type) by MS tries
to minimize this
05.09.201417
Ways to use the eSignature DSI
Some countries adopted or are in process of implementing the SD‐DSS tool• Poland, Greece, France, etc,• Norway, Denmark etc, considering – need to support themNational solutions for signing and validation• Spain: @Firma• Sweden: Federated signingUse of STORK• No concrete declarations so far by administrations in e‐SENSLocal validation promoted for legal reasonsTSL – depending on the trust model and the circle of trust in different domains
18
TRUST MODELS
Direct Trust – Mutual Key Exchange
eJustice, eConfirmation
Community Trust using dedicated PKI
eProcurement, eHealth (pre‐production only)
Trust Federation using Trust Lists
eHealth, perhaps others
Security Toke Services for Trust Brokerage
Interconnecting national eDelivery infrastructures
Multi‐domain Trust Establishment and Brikerage
Trusted Services in a multi‐domain and cross‐border ecosystem Different trust models co‐exist in different domainsA trust meta‐model is necessary for aligned policies
Piloting Opportunities for administrations and industry
Get involved in Pilots
Connect and expand your user base
Use Building Blocks in your products or services
Influence and contribute to new solutions
Contact us: esens.info@lists.esens.eu
Facebook: www.facebook.com/Eu.eSENS
Twitter: twitter.com/eSENS_EU
LinkedIn: http://www.linkedin.com/groups/EU‐eSENS‐4998775
Visit e‐SENS: www.esens.eu
THANK YOU!QUESTIONS?
lld@netsmart.gr
27/02/2015 e‐SENS GA ‐WP526