Introduction to the european model of regulation for electronic signatures
This presentation is the property of its rightful owner.
Sponsored Links
1 / 23

Introduction to the European model of regulation for electronic signatures PowerPoint PPT Presentation


  • 57 Views
  • Uploaded on
  • Presentation posted in: General

Introduction to the European model of regulation for electronic signatures. Dr. Szilveszter Ádám Chair of FESA. Contents. Brief introduction of the EU Directive 1999/93/EC (Electronic Signatures Directive) EU Action Plan on e-Signatures and e-Identification

Download Presentation

Introduction to the European model of regulation for electronic signatures

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Introduction to the european model of regulation for electronic signatures

Introduction to the European model of regulation for electronic signatures

Dr. Szilveszter Ádám

Chair of FESA

Tirana, Albania


Contents

Contents

  • Brief introduction of the EU Directive 1999/93/EC (Electronic Signatures Directive)

  • EU Action Plan on e-Signatures and e-Identification

  • Introduction of FESA (Forum of European Supervisory Authorities for Electronic Signatures)

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Aim: To facilitate the cross-border use of electronic signatures with legal validity within the EU

  • Technology-neutral

  • Establishes a minimal framework for the acceptance of electronic signatures and signature certificates.

  • Also concerns the free movement of services and goods connected with electronic signatures

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures1

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Key terms:

    • „Simple” electronic signature

    • Advanced electronic signature (Art. 2.2)

      • Is uniquely linked to the signatory

      • Is capable of identifying the signatory

      • Is created with means under the sole control of the signatory

      • Any subsequent change of the signed data is detectable

      • Legal validity: must not be denied admissibility as evidence solely because it is in electronic form and is not a qualified signature.

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures2

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Key terms:

    • Qualified electronic signature (Art. 5.1)

      • An advanced electronic signature that is based on a qualified certificate and

      • Created with a Secure Signature Creation Device (SSCD)

      • Legal effect: Has the same legal effect as a handwritten signature on a paper document in all EU Member States

    • Basic requirements for qualified certificate and SSCD are included in the Annexes of the Directive.

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures3

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Key terms:

    • Services related to electronic signatures:

      • Issuing of signature certificates (CA services)

      • Time-stamping services

      • Other services (electronic archival, consultancy etc.)

    • Electronic signature products

      • Hardware or software or component intended to be used by a service provider for electronic signature services or intended to be used for the creation or verification of signatures.

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures4

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Market access:

    • No prior authorisation scheme is allowed for the start of service providers.

    • Service providers established in an EU country may freely operate in the Internal Market.

    • Signature products (including SSCDs) may also circulate freely within the Internal Market. (Certifications for SSCDs are also valid in all EU Member States)

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures5

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Control measures for electronic signature services

    • Member States must operate an effective system of supervision at least for CAs issuing qualified certificates to the public

    • The use of electronic signatures in the public sector (e-government) may be restricted by further requirements

    • Voluntary accreditation schemes

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures6

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Equivalence of certificates issued in countries outside of the EU with qualified certificates issued in the EU:

    • CA must fulfill the requirements of the Directive and be accredited under a voluntary accreditation scheme in a Member State

    • Another CA established in a Member State and fulfilling the requirements guarantees the certificate

    • The certificate or its issuer is recognised under a bilateral or multilateral agreement between the EU and third countries or international organisations

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures7

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Other measures:

    • Minimum liability rules for service providers issuing qualified certificates to the public

    • Data protection rules

    • Role of the EU Commission, Article 9 Committee

    • List of Generally Recognised Standards to ease interoperability

Tirana, Albania


The directive 1999 93 ec on a community framework for electronic signatures8

The Directive 1999/93/EC on a Community Framework for electronic signatures

  • Connection with technical standardisation

    • EESSI (initiative of EU Commission)

    • ETSI (TC ESI) -> documents related to policy, operation of electronic signature services

    • CEN -> documents related to trustworthy systems

    • Common Criteria Protection Profiles for electronic signature products

    • ISO (documents pertaining to eg smart cards, information security management system)

Tirana, Albania


Operation of pki hierarchies for electronic signatures in practice

Operation of PKI hierarchies for electronic signatures in practice

  • The Directive only regulates the most important aspects, the rest is left to the Member States

  • There is no unified European PKI hierarchy, and no European Root CA.

  • Each country has its own model:

    • National Root CA: Germany, Austria

    • Special Purpose Root CA: Hungary

    • Signed list of CAs: Italy

Tirana, Albania


Practical example hungary

Practical example: Hungary

  • PKI hierarchy:

    • No national Root CA

    • Public Administration Root CA:

      • At the peak of the hierarchy for certificates that may be used with e-government services (issued to authorities and to citizens)

    • Each CA has its own root (in one case, several roots)

  • System of supervision:

    • Extends to all CAs issuing certificates to the public

    • Also to time-stamping and archival services

    • Operated by the National Communications Authority

Tirana, Albania


Action plan of the eu commission on e signatures and e identification

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Adopted by the Commission on 28th November 2008.

  • Aim: To offer a framework for the cross-border use of electronic signatures and electronic identification in the EU

  • Motivation:

    • Services Directive (e-government services)

    • Public Procurement (cross-border bidding)

    • Electronic Invoicing (financial information exchange)

Tirana, Albania


Action plan of the eu commission on e signatures and e identification1

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Complements existing instruments (Electronic Signatures Directive, i2010 e-Government Action Plan)

  • Part of the Lisbon Strategy

Tirana, Albania


Action plan of the eu commission on e signatures and e identification2

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Actions related to electronic signatures

    • Update of the list of „Generally Recognised Standards” (Commission Decision 2003/511/EC)

    • Creation of Trusted Lists for easy and automated retrieval of information related to supervision systems, service providers and certificates (qualified certificates)

    • Adoption of guidelines to help implementation of qualified signatures and advanced signatures based on qualified certificates in an interoperable way.

Tirana, Albania


Action plan of the eu commission on e signatures and e identification3

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Actions related to electronic signatures

    • Update of the country profiles on the use of electronic signatures in e-government applications

    • Feasibility study about a federated validation service for advanced electronic signatures not based on a qualified certificate.

    • Linking the results with tests of the validation service established in PEPPOL project (Public Procurement Online)

Tirana, Albania


Action plan of the eu commission on e signatures and e identification4

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Actions related to electronic identification

    • Update of country profiles about the use of e-ID in e-government applications

    • Specific surveys about the use of e-ID in the Member States

    • Cooperation with the STORK Project (interoperability of e-identification for public services)

    • Possibility of further actions if needed.

Tirana, Albania


Action plan of the eu commission on e signatures and e identification5

Action Plan of the EU Commission on e-Signatures and e-Identification

  • Document is available (in English) on the Europa server:

    http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2008:0798:FIN:EN:PDF

Tirana, Albania


Recent developments

Recent developments

  • Digital Agenda for Europe adopted in May 2010

    • Key Action 3: Revision of the e-Signatures Directive to provide interoperability and cross-border recognition to secure e-Authentication systems.

    • The document is available here:

      http://ec.europa.eu/information_society/digital-agenda/index_en.htm

Tirana, Albania


Introduction of fesa

Introduction of FESA

  • Founded in 2002

  • Membership:

    • Full members: Authorities responsible for supervision of electronic signature services and organisations responsible for voluntary accreditation schemes in EU Member States, Candidate Countries and EEA Member States

    • Associate members: Similar organisations from other countries that have an interest in discussing the matters within the scope of FESA

  • Scope:

    • Facilitation of cooperation between members, harmonisation of their activities, adoption of common points of view in the dialog with other concerned institutions

Tirana, Albania


Introduction of fesa1

Introduction of FESA

  • Meetings of the Assembly are held at least twice a year

  • Board of FESA:

    • Consists of three members (Chair and two Secretaries)

    • Is elected by the Assembly for a period of two years (possibility of renewal)

  • Between meetings, work is conducted using the mailing lists and the website of the organisation.

  • No fixed seat or secretariat

  • Public information available at http://www.fesa.eu/

Tirana, Albania


Thank you for your interest

Thank you for your interest!

[email protected]

Tirana, Albania


  • Login