slide1
Download
Skip this Video
Download Presentation
Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue

Loading in 2 Seconds...

play fullscreen
1 / 18

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue - PowerPoint PPT Presentation


  • 324 Views
  • Uploaded on

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue. Csaba Krasznay Budapest University of Technology and Economics Centre of Information Technology Hungary. Contents. Preliminary research Initial statements

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue' - Sharon_Dale


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Hungarian Electronic Public Administration Interoperability Framework (MEKIK) – Technical Standards Catalogue

Csaba Krasznay

Budapest University of Technology and Economics Centre of Information Technology

Hungary

contents
Contents
  • Preliminary research
  • Initial statements
  • Realization of methodology
  • Security framework
background
Background
  • EU expectations for „one-window administration”
  • Hungarian Ministry of Informatics and Communications realized the lack of interoperability
  • The project „Hungarian Electronic Public Administration Interoperability Framework (MEKIK)” began
slide4
Aims
  • The scope of project was:
    • Declaration of the necessary standards
    • Definition of work-flows
  • Experts should bear in mind the EU funded Interchange of Data between Administrations (IDA) project, focusing on:
    • Accessibility
    • Multilingualism
    • Security
    • Protection of private data
    • Subsidiarity
    • Usage of open standards
    • Usage of open source code application
initial statements
Initial statements
  • During the preparatory work, the project team examined the solutions, standards and best practices of the United Kingdom, Sweden, Germany, France, Denmark, Australia and the EU
  • This work resulted some technical suggestions:
    • The interoperability framework shall be based on XML (SOAP protocol, XML Signature, XML Encryption, XSD Schemas)
    • Security features are based on Public Key Infrastructure
    • Future technologies, such as WSDL and UDDI are mentioned
    • A portal for standard catalogue and middleware is a must
sources of the catalogue
Sources of the catalogue
  • Second step for developing the standard catalogue is to sort the technical standards
  • Experts took into consideration the German and British examples, SAGA and e-GIF
  • Two main categories were made:
    • Data structures, message structure standards, that can be different in each countries,
    • All other (mainly open and accessible) international technical standards
  • Developers of systems for public administration shall design their product by using these standards
metadata
Metadata
  • Experts should make a choice about the form of the standard catalogue:
    • One document with the whole standard catalogue (British model)?
    • Browsable and searchable portal (Danish model)?
  • The final decision was to make both of them
  • Documents in the portal shall be classified with metadata
  • Best metadata structure for that purpose is Management Information Resources for eGovernment (MIReG) which based on Dublin Core
middleware
Middleware
  • The middleware must be able to communicate and process messages based on the standards listed in the catalogue
  • It has the following functions:
    • Identification
    • Authentication
    • Authorization
    • Managing message transfer
    • Making entries in the logfile
    • Converting data
    • Managing security services
security in public administration
Security in public administration
  • Security is emphatic part of the interoperability project which was controlled by the Ministry of Informatics and Communications, the Prime Minister’s Office and the Ministry of Interior
  • Main topics were:
    • Security framework
    • CA requirements
    • Application requirements
    • System requirements
    • Access control management
    • Smart card specification
    • Mobile phone authentication
security framework
Security framework
  • Defines the levels and categories of security aspects in A2A, A2B and A2C communication
  • Experts established 5 functional and 1 assurance requirements:
    • Registration
    • Authentication
    • Integrity
    • Confidentiality
    • Non-repudiation
    • Conformance
electronic signatures in public administration
Electronic signatures in public administration
  • 3 + 1 electronic signature security levels were also laid down:
    • level 0: no expectation (there is no need to use electronic signature),
    • level 1: low expectations (advanced electronic signature is needed with software token),
    • level 2: average expectations (advanced electronic signature is needed with hardware token),
    • level 3: high expectations (qualified electronic signature is needed with secure signature-creation device).
certificate authority requirements
Certificate Authority requirements
  • CA’s have distinguished role in the security framework
  • 6 types of different CAs are necessary to serve electronic public administration:
    • issuing secure signature-creation device with qualified certificate,
    • issuing secure signature-creation device with authentication certificate for citizens,
    • secure signature-creation device with authentication and encryption certificate for civil servants,
    • issuing hardware token with signature and encryption certificate,
    • issuing software token with signature and encryption certificate,
    • time-stamping service provider.
  • Key recovery rules were also created for public servant’s encrypting keys
smart card specification
Smart card specification
  • Hungarian eID card is called HUNEID
  • It is a public key enabled smart card
  • Based on CEN CWA 14890
  • Environment of these cards is also defined
  • This is the basis of all A2B and A2C services
  • Sample application exists
legal aspects
Legal aspects
  • This technical framework can be successful if it is demanded for all e-governmental development
  • Legislation work is needed to establish the legal environment for the framework
  • Experiences of the United Kingdom and Austria were assimilated
  • Still under development
  • The Hungarian Government will accept the legal background of the framework in April
slide15
PPP
  • Real interoperability is just a dream without the private sector
  • The Hungarian Electronic Signature Association has a standardization work to comply the framework’s specifications
  • All Hungarian certificate authorities and software developers participate in this work
  • We hope that we can make real interoperability with this work in the field of certificate profiles and XML signatures
slide16
SWOT
  • Strengths
    • Complex framework based on international experiences
    • All parts were created by the best experts in Hungary
  • Weaknesses
    • Most fields are not yet widely used, the technical implementations are missing
    • It’s still not complete
  • Opportunities
    • Interoperability between governmental services
    • Guide for private implementations
  • Threats
    • Lack of funds
    • Low level of awareness
references
References
  • [1] Hungarian documents of MEKIK project are accessible at the following URL:

http://www.itktb.hu/engine.aspx?page=elka_oldal

  • [2] Common list of basic public services

http://europa.eu.int/information_society/eeurope/2002/action_plan/pdf/basicpublicservices.pdf

questions
Questions?

Thank you for your attention!

ad