1 / 14

Findings from the eProcurement study

Findings from the eProcurement study. Arnd Weber Security of eGovernment , European Parliament, Brussels 2013. Public p rocurement in EU. 19% of GDP Prone to bid rigging , corruption. Source: Wikimedia. Electronic p rocurement. < 10% is e Procurement

shae
Download Presentation

Findings from the eProcurement study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Findings from the eProcurement study Arnd Weber Security of eGovernment, European Parliament, Brussels 2013

  2. Public procurement in EU • 19% of GDP • Pronetobidrigging, corruption Source: Wikimedia Arnd Weber

  3. Electronic procurement • <10% iseProcurement • Confidentialinformation, such as: • Prices • Content • Passwords Arnd Weber

  4. Case study on securityofeProcurement • Will presenttwoover-archingissues • More available in report Arnd Weber

  5. Issue 1: Vulnerabilityofcomputersystems • Attacks such as • Zero-dayattacks • Craftedattacks • Wekeeppatching • Reuters on Commissionreport: Spyware in Chinese hardware • Issue also in eHealth etc. = Not a solid foundationforeGovernment Arnd Weber

  6. Issue 1: Vulnerabilityofcomputersystems Policy option: • Requirecomputersystemswithreliableisolation • Isolate sensitive ones • Isolate riskyapplications Arnd Weber

  7. Issue 1: Vulnerabilityofcomputersystems Useofisolation: • Whatsecurityistechnicallyfeasible? • Whatisusable? • Whatiseconomic? • Howcanpolicy push forisolation? • Require exhaustive analysis? • Requireprovensystems? • Topic ofsession on „Protectingagainstattacks“ = A startof a debate on policies Arnd Weber

  8. Issue 2: Varietyofsystems & tools FlorisAmpe, http://de.slideshare.net/Nicolas_Loozen/golden-book-presentation-challenges-and-opportunities Arnd Weber

  9. Issue 2: Varietyofsystems & tools • Hundredsofplatforms • Varietyoftoolsusedforauthentication, encryption, non-repudiation • Reluctancetouseplatforms: 50% ofpublicauthoritiesrejectconceptofmandatoryeProcurement Arnd Weber

  10. Issue 2: Varietyofsystems & tools • Policy option: European lead • Processes not efficient, go back to1990ies • Trans-borderprocessesneedtobeidentified, implemented, tested, theircost-efficiency estimated, androlled-out • Topic ofafternoonsession on thevariety in „27 Member States“ Arnd Weber

  11. Thanks! Tointerviewedexperts Toco-author Christian Henrich of Forschungszentrum Informatik Arnd Weber

  12. Backup Arnd Weber

  13. DrafteProcurementDirective 896 Key content: • MakeeProcmandatory • Commissioncanimposetechnicalstandards Comments: • Considerthatbiddersubmitsdecryptionkey after submissiondeadline • Reliance on centralsystemsmayleadtorisksandcosts • Have upgrade pathifsignaturesgethacked Arnd Weber

  14. Source: PEPPOL project Arnd Weber

More Related