Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standard...
Download
1 / 18

Hungarian Electronic Public Administration Interoperability Framework MEKIK - PowerPoint PPT Presentation


  • 322 Views
  • Uploaded on

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue. Csaba Krasznay Budapest University of Technology and Economics Centre of Information Technology Hungary. Contents. Preliminary research Initial statements

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Hungarian Electronic Public Administration Interoperability Framework MEKIK ' - Sharon_Dale


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Slide1 l.jpg

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue

Csaba Krasznay

Budapest University of Technology and Economics Centre of Information Technology

Hungary


Contents l.jpg
Contents Framework (MEKIK) – Technical Standards Catalogue

  • Preliminary research

  • Initial statements

  • Realization of methodology

  • Security framework


Background l.jpg
Background Framework (MEKIK) – Technical Standards Catalogue

  • EU expectations for „one-window administration”

  • Hungarian Ministry of Informatics and Communications realized the lack of interoperability

  • The project „Hungarian Electronic Public Administration Interoperability Framework (MEKIK)” began


Slide4 l.jpg
Aims Framework (MEKIK) – Technical Standards Catalogue

  • The scope of project was:

    • Declaration of the necessary standards

    • Definition of work-flows

  • Experts should bear in mind the EU funded Interchange of Data between Administrations (IDA) project, focusing on:

    • Accessibility

    • Multilingualism

    • Security

    • Protection of private data

    • Subsidiarity

    • Usage of open standards

    • Usage of open source code application


Initial statements l.jpg
Initial statements Framework (MEKIK) – Technical Standards Catalogue

  • During the preparatory work, the project team examined the solutions, standards and best practices of the United Kingdom, Sweden, Germany, France, Denmark, Australia and the EU

  • This work resulted some technical suggestions:

    • The interoperability framework shall be based on XML (SOAP protocol, XML Signature, XML Encryption, XSD Schemas)

    • Security features are based on Public Key Infrastructure

    • Future technologies, such as WSDL and UDDI are mentioned

    • A portal for standard catalogue and middleware is a must


Sources of the catalogue l.jpg
Sources of the catalogue Framework (MEKIK) – Technical Standards Catalogue

  • Second step for developing the standard catalogue is to sort the technical standards

  • Experts took into consideration the German and British examples, SAGA and e-GIF

  • Two main categories were made:

    • Data structures, message structure standards, that can be different in each countries,

    • All other (mainly open and accessible) international technical standards

  • Developers of systems for public administration shall design their product by using these standards


Metadata l.jpg
Metadata Framework (MEKIK) – Technical Standards Catalogue

  • Experts should make a choice about the form of the standard catalogue:

    • One document with the whole standard catalogue (British model)?

    • Browsable and searchable portal (Danish model)?

  • The final decision was to make both of them

  • Documents in the portal shall be classified with metadata

  • Best metadata structure for that purpose is Management Information Resources for eGovernment (MIReG) which based on Dublin Core


Middleware l.jpg
Middleware Framework (MEKIK) – Technical Standards Catalogue

  • The middleware must be able to communicate and process messages based on the standards listed in the catalogue

  • It has the following functions:

    • Identification

    • Authentication

    • Authorization

    • Managing message transfer

    • Making entries in the logfile

    • Converting data

    • Managing security services


Security in public administration l.jpg
Security in public administration Framework (MEKIK) – Technical Standards Catalogue

  • Security is emphatic part of the interoperability project which was controlled by the Ministry of Informatics and Communications, the Prime Minister’s Office and the Ministry of Interior

  • Main topics were:

    • Security framework

    • CA requirements

    • Application requirements

    • System requirements

    • Access control management

    • Smart card specification

    • Mobile phone authentication


Security framework l.jpg
Security framework Framework (MEKIK) – Technical Standards Catalogue

  • Defines the levels and categories of security aspects in A2A, A2B and A2C communication

  • Experts established 5 functional and 1 assurance requirements:

    • Registration

    • Authentication

    • Integrity

    • Confidentiality

    • Non-repudiation

    • Conformance


Electronic signatures in public administration l.jpg
Electronic signatures in public administration Framework (MEKIK) – Technical Standards Catalogue

  • 3 + 1 electronic signature security levels were also laid down:

    • level 0: no expectation (there is no need to use electronic signature),

    • level 1: low expectations (advanced electronic signature is needed with software token),

    • level 2: average expectations (advanced electronic signature is needed with hardware token),

    • level 3: high expectations (qualified electronic signature is needed with secure signature-creation device).


Certificate authority requirements l.jpg
Certificate Authority requirements Framework (MEKIK) – Technical Standards Catalogue

  • CA’s have distinguished role in the security framework

  • 6 types of different CAs are necessary to serve electronic public administration:

    • issuing secure signature-creation device with qualified certificate,

    • issuing secure signature-creation device with authentication certificate for citizens,

    • secure signature-creation device with authentication and encryption certificate for civil servants,

    • issuing hardware token with signature and encryption certificate,

    • issuing software token with signature and encryption certificate,

    • time-stamping service provider.

  • Key recovery rules were also created for public servant’s encrypting keys


Smart card specification l.jpg
Smart card specification Framework (MEKIK) – Technical Standards Catalogue

  • Hungarian eID card is called HUNEID

  • It is a public key enabled smart card

  • Based on CEN CWA 14890

  • Environment of these cards is also defined

  • This is the basis of all A2B and A2C services

  • Sample application exists


Legal aspects l.jpg
Legal aspects Framework (MEKIK) – Technical Standards Catalogue

  • This technical framework can be successful if it is demanded for all e-governmental development

  • Legislation work is needed to establish the legal environment for the framework

  • Experiences of the United Kingdom and Austria were assimilated

  • Still under development

  • The Hungarian Government will accept the legal background of the framework in April


Slide15 l.jpg
PPP Framework (MEKIK) – Technical Standards Catalogue

  • Real interoperability is just a dream without the private sector

  • The Hungarian Electronic Signature Association has a standardization work to comply the framework’s specifications

  • All Hungarian certificate authorities and software developers participate in this work

  • We hope that we can make real interoperability with this work in the field of certificate profiles and XML signatures


Slide16 l.jpg
SWOT Framework (MEKIK) – Technical Standards Catalogue

  • Strengths

    • Complex framework based on international experiences

    • All parts were created by the best experts in Hungary

  • Weaknesses

    • Most fields are not yet widely used, the technical implementations are missing

    • It’s still not complete

  • Opportunities

    • Interoperability between governmental services

    • Guide for private implementations

  • Threats

    • Lack of funds

    • Low level of awareness


References l.jpg
References Framework (MEKIK) – Technical Standards Catalogue

  • [1] Hungarian documents of MEKIK project are accessible at the following URL:

    http://www.itktb.hu/engine.aspx?page=elka_oldal

  • [2] Common list of basic public services

    http://europa.eu.int/information_society/eeurope/2002/action_plan/pdf/basicpublicservices.pdf


Questions l.jpg
Questions? Framework (MEKIK) – Technical Standards Catalogue

Thank you for your attention!


ad