Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standard...
Download
1 / 18

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue - PowerPoint PPT Presentation


Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue. Csaba Krasznay Budapest University of Technology and Economics Centre of Information Technology Hungary. Contents. Preliminary research Initial statements

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha

Download Presentation

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Slide1 l.jpg
Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue

Csaba Krasznay

Budapest University of Technology and Economics Centre of Information Technology

Hungary


Contents l.jpg
Contents Framework (MEKIK) – Technical Standards Catalogue

  • Preliminary research

  • Initial statements

  • Realization of methodology

  • Security framework


Background l.jpg
Background Framework (MEKIK) – Technical Standards Catalogue

  • EU expectations for „one-window administration”

  • Hungarian Ministry of Informatics and Communications realized the lack of interoperability

  • The project „Hungarian Electronic Public Administration Interoperability Framework (MEKIK)” began


Slide4 l.jpg
Aims Framework (MEKIK) – Technical Standards Catalogue

  • The scope of project was:

    • Declaration of the necessary standards

    • Definition of work-flows

  • Experts should bear in mind the EU funded Interchange of Data between Administrations (IDA) project, focusing on:

    • Accessibility

    • Multilingualism

    • Security

    • Protection of private data

    • Subsidiarity

    • Usage of open standards

    • Usage of open source code application


Initial statements l.jpg
Initial statements Framework (MEKIK) – Technical Standards Catalogue

  • During the preparatory work, the project team examined the solutions, standards and best practices of the United Kingdom, Sweden, Germany, France, Denmark, Australia and the EU

  • This work resulted some technical suggestions:

    • The interoperability framework shall be based on XML (SOAP protocol, XML Signature, XML Encryption, XSD Schemas)

    • Security features are based on Public Key Infrastructure

    • Future technologies, such as WSDL and UDDI are mentioned

    • A portal for standard catalogue and middleware is a must


Sources of the catalogue l.jpg
Sources of the catalogue Framework (MEKIK) – Technical Standards Catalogue

  • Second step for developing the standard catalogue is to sort the technical standards

  • Experts took into consideration the German and British examples, SAGA and e-GIF

  • Two main categories were made:

    • Data structures, message structure standards, that can be different in each countries,

    • All other (mainly open and accessible) international technical standards

  • Developers of systems for public administration shall design their product by using these standards


Metadata l.jpg
Metadata Framework (MEKIK) – Technical Standards Catalogue

  • Experts should make a choice about the form of the standard catalogue:

    • One document with the whole standard catalogue (British model)?

    • Browsable and searchable portal (Danish model)?

  • The final decision was to make both of them

  • Documents in the portal shall be classified with metadata

  • Best metadata structure for that purpose is Management Information Resources for eGovernment (MIReG) which based on Dublin Core


Middleware l.jpg
Middleware Framework (MEKIK) – Technical Standards Catalogue

  • The middleware must be able to communicate and process messages based on the standards listed in the catalogue

  • It has the following functions:

    • Identification

    • Authentication

    • Authorization

    • Managing message transfer

    • Making entries in the logfile

    • Converting data

    • Managing security services


Security in public administration l.jpg
Security in public administration Framework (MEKIK) – Technical Standards Catalogue

  • Security is emphatic part of the interoperability project which was controlled by the Ministry of Informatics and Communications, the Prime Minister’s Office and the Ministry of Interior

  • Main topics were:

    • Security framework

    • CA requirements

    • Application requirements

    • System requirements

    • Access control management

    • Smart card specification

    • Mobile phone authentication


Security framework l.jpg
Security framework Framework (MEKIK) – Technical Standards Catalogue

  • Defines the levels and categories of security aspects in A2A, A2B and A2C communication

  • Experts established 5 functional and 1 assurance requirements:

    • Registration

    • Authentication

    • Integrity

    • Confidentiality

    • Non-repudiation

    • Conformance


Electronic signatures in public administration l.jpg
Electronic signatures in public administration Framework (MEKIK) – Technical Standards Catalogue

  • 3 + 1 electronic signature security levels were also laid down:

    • level 0: no expectation (there is no need to use electronic signature),

    • level 1: low expectations (advanced electronic signature is needed with software token),

    • level 2: average expectations (advanced electronic signature is needed with hardware token),

    • level 3: high expectations (qualified electronic signature is needed with secure signature-creation device).


Certificate authority requirements l.jpg
Certificate Authority requirements Framework (MEKIK) – Technical Standards Catalogue

  • CA’s have distinguished role in the security framework

  • 6 types of different CAs are necessary to serve electronic public administration:

    • issuing secure signature-creation device with qualified certificate,

    • issuing secure signature-creation device with authentication certificate for citizens,

    • secure signature-creation device with authentication and encryption certificate for civil servants,

    • issuing hardware token with signature and encryption certificate,

    • issuing software token with signature and encryption certificate,

    • time-stamping service provider.

  • Key recovery rules were also created for public servant’s encrypting keys


Smart card specification l.jpg
Smart card specification Framework (MEKIK) – Technical Standards Catalogue

  • Hungarian eID card is called HUNEID

  • It is a public key enabled smart card

  • Based on CEN CWA 14890

  • Environment of these cards is also defined

  • This is the basis of all A2B and A2C services

  • Sample application exists


Legal aspects l.jpg
Legal aspects Framework (MEKIK) – Technical Standards Catalogue

  • This technical framework can be successful if it is demanded for all e-governmental development

  • Legislation work is needed to establish the legal environment for the framework

  • Experiences of the United Kingdom and Austria were assimilated

  • Still under development

  • The Hungarian Government will accept the legal background of the framework in April


Slide15 l.jpg
PPP Framework (MEKIK) – Technical Standards Catalogue

  • Real interoperability is just a dream without the private sector

  • The Hungarian Electronic Signature Association has a standardization work to comply the framework’s specifications

  • All Hungarian certificate authorities and software developers participate in this work

  • We hope that we can make real interoperability with this work in the field of certificate profiles and XML signatures


Slide16 l.jpg
SWOT Framework (MEKIK) – Technical Standards Catalogue

  • Strengths

    • Complex framework based on international experiences

    • All parts were created by the best experts in Hungary

  • Weaknesses

    • Most fields are not yet widely used, the technical implementations are missing

    • It’s still not complete

  • Opportunities

    • Interoperability between governmental services

    • Guide for private implementations

  • Threats

    • Lack of funds

    • Low level of awareness


References l.jpg
References Framework (MEKIK) – Technical Standards Catalogue

  • [1]Hungarian documents of MEKIK project are accessible at the following URL:

    http://www.itktb.hu/engine.aspx?page=elka_oldal

  • [2]Common list of basic public services

    http://europa.eu.int/information_society/eeurope/2002/action_plan/pdf/basicpublicservices.pdf


Questions l.jpg
Questions? Framework (MEKIK) – Technical Standards Catalogue

Thank you for your attention!


ad
  • Login