Electronic identity management for e Government Conceptual framework
- Slides: 7
Electronic identity management for e. Government Conceptual framework and objectives Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public Service for ICT Sint-Pieterssteenweg 375 B-1040 Brussels E-mail: Frank. Robben@ksz. fgov. be Website: http: //www. law. kuleuven. ac. be/icri/frobben
Common conceptual framework ¡ ¡ entity: a physical or legal person identity: a unique number or a set of attributes of an entity that allows to know precisely who the entity is; an entity has only one identity characteristic: a characteristic of an entity, other than an attribute determining its identity, such as a capacity, a function, a professional qualification, . . . ; an entity can have several characteristics mandate: a right granted by an identified entity to another identified entity to perform welldefined legal actions in her name and for her account Frank. Robben@ksz. fgov. be 2
Common conceptual framework ¡ ¡ authentication: the process of checking whether what is being pretended, is true; authentication can relate to identity or to a characteristic; authentication can be done based on the verification of knowledge (e. g. a password), of possession (e. g. an electronic card), of biometrical characteristics or on a combination of those authorization: a permission to an entity to perform a defined action or to use a defined service role: a list of authorizations related to an application profile: a list of roles Frank. Robben@ksz. fgov. be 3
Objectives to be reached ¡ be able to electronically l l l ¡ ¡ ¡ identify a physical or legal person know the relevant characteristics of a physical or legal person know that an entity has been mandated by another entity to perform a legal action in a sufficiently certain and secure way in as much relations as possible (C 2 C, C 2 B, C 2 G, B 2 B, B 2 G, …) using open interoperability standards Frank. Robben@ksz. fgov. be 4
Some issues to be dealt with ¡ ¡ the means by which a physical or legal person can be identified within each country and across countries the way identity management and characteristics management are well separated in order to guarantee the multifunctional use of identity authentication means the quality insurance criteria for the registration procedures that are used to verify the identity, a characteristic or a mandate before linking it to authentication means the quality insurance criteria for authentication means and their use Frank. Robben@ksz. fgov. be 5
Some issues to be dealt with ¡ ¡ ¡ the criteria to securely exchange identity, characteristics, mandate and authentication data in an electronic way between information systems an organizational, functional and technical interoperability framework to exchange identity, characteristics, mandate and authentication data based on open standards the necessary legal framework for identity, characteristics and mandate management and the implications on existing law (e. g. directives on privacy protection and electronic signatures) Frank. Robben@ksz. fgov. be 6
Proposed method ¡ ¡ ¡ to work out a common conceptual framework, a common vision and common basic principles to translate these principles in common, measurable objectives to ask every Member State to develop an action plan to achieve these objectives to elaborate an architecture and guidebooks to implement the principles to create a forum for the exchange of best practices Frank. Robben@ksz. fgov. be 7