logging in or signing up 07 eID Sanchez Reillo Savina Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 67 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 31, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Pan-European Interoperability Solutions: Experiences from eEpoch Pilot Sites: Pan-European Interoperability Solutions: Experiences from eEpoch Pilot Sites © Raul Sanchez-Reillo GUTI – Universidad Carlos III MadridContents: Contents Interoperable eID? What for? Levels of eID IOP Bottlenecks Technical Political / Organizational eEpoch Pilot Sites Bologna Issy-les-Moulineaux Jerusalem Rome Sheffield SpainInteroperable eID: Interoperable eID It seems that everyone has a clear idea of what eID is, what is for, and the need of interoperability But those clear ideas could be very different among each of the people involved Among countries A different ID culture Customers / companies / governments A clear different “what for”Interoperable eID: Interoperable eID Lets play with some examples: Having a “legal” ID in some countries is: Something normal (even we can think of how could people live without that!!!) e.g. Spain Something intrusive to their own privacy (why must I have to be identified?) e.g. UK About commercial perspectives: Companies want to ID all the people for reasons such as marketing, etc. Clients are tired of giving their data to companies (spam suffering, what are they going to do with my data?, “I really do not want to be identified!”)Interoperable eID: Interoperable eID Then: eID must handle these situations Interoperability must consider not only the perspectives from the “service providers” but mainly the “clients” Once the “services” are clarified, and the “clients” are positive about them: Agreements at different levels must be reached Situations for Interoperability need must be identified Interoperabilty design Bottlenecks avoidingLevels of eID IOP: Levels of eID IOP Usually a bottom-up strategy is usually followed: Technical IOP Storage Media Algorithms Data Definition This seems to be mandatory, and the reason to reach IOP A lot of fighting for commercial, economical, strategy, etc. reasons Non-Technical IOP With who am I going to be IOP? What for? Am I aproving an eID from a third party? All services need the same level of eID? The eID has to be the “legal eID”? ...Levels of eID IOP: Levels of eID IOP In this sense, GIF support some clarifying ideas But mainly technical or really near to the technical sideBottlenecks: Bottlenecks Typically bottlenecks are identified with “technological reasons” Different kind of cards Different readers Different databases Different certificate structures Different CAs ... Most of the “technological reasons” (if not all) could be solved Building a more or less complicated “middleware” Building a “middle-infraestructure” Being devoted to reach an agreement!!!Bottlenecks: Bottlenecks An example outside this world: Who knows which video card is installed in his/her computer? Is it the same as the one of your collegue at your side? Do you both are able to use your software? An example inside this world: Using Propietary OS cards, or JavaCards, or MultOS could be the same as far as an IOP set of APDUs is defined (full and realistic) or as far as an API is built so that applications could used that API, instead of accessing directly to the card The bottleneck now is “who is/want to build that?”Bottlenecks: Bottlenecks Much more difficult is to solve “the other” bottlenecks Political Commercial Previous agreements Economical etc. But much more important is also answering the previous mentioned questions: With who am I going to be IOP? What for? Am I approving an eID from a third party? All services need the same level of eID IOP? The eID has to be “the legal eID”?eEpoch Pilot Sites: eEpoch Pilot Sites In eEpoch, we are devoted to reach IOP Solving the technical bottlenecks Solving “some” non-technical bottlenecks Through a set of Pilot Projects in different areas and countries in Europe Bologna Issy-les-Moulineaux Jerusalem Rome Sheffield City Council Spain Different concepts of eID, different services, different levels of IOPBologna: Bologna Bologna offers for the pilot two browser based services: A service for entrepreneurs wanting to establish a company in Bologna, A service for owners of actual properties in Bologna, wanting to handle their local taxes. Accepted by Spain Rome IssyIssy-les-Moulineaux: Issy-les-Moulineaux The e-service that is offered by Issy is on ‘e-ticketing’. Announcements of cultural events takes place via internet technology. It requires authentication and qualified signature when e-payment. Accepted by Bologna SpainRome: Rome Rome offers for the pilot that authenticated citizens, who use the service of INSP online access to their data in the INSP database Accepted by Bologna IsraelIsrael: Israel Israel offers three services National Insurance Form, to be signed by on-us cards via not-on-us infrastructure Tourist application, with order to be signed, by not on us cards via not-on-us infrastructure E-voting, with e-authentication to prevent double voting per person, for on-us and not-on-us cards, via on-us and not-on-us infrastructure Accepted by Rome SpainSheffield: Sheffield Sheffield wants to provide an eID to their citizens to allow them to use different electronic services eVoting Housing Tenants etc. Accepted by: To be defined in following weeksSpain: Spain Spain makes a browser based document available to formalise denounces, and offers that it will be signed with not-on-us certificate. Accepted by Bologna Issy RomeHow to handle it in eEpoch: How to handle it in eEpoch 2003 2004 Knowledge Research Knowledge Transfer IOP Specifications Demonstrations Evaluation Thank you.: Thank you. More info in www.eepoch.net You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
07 eID Sanchez Reillo Savina Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 67 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 31, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Pan-European Interoperability Solutions: Experiences from eEpoch Pilot Sites: Pan-European Interoperability Solutions: Experiences from eEpoch Pilot Sites © Raul Sanchez-Reillo GUTI – Universidad Carlos III MadridContents: Contents Interoperable eID? What for? Levels of eID IOP Bottlenecks Technical Political / Organizational eEpoch Pilot Sites Bologna Issy-les-Moulineaux Jerusalem Rome Sheffield SpainInteroperable eID: Interoperable eID It seems that everyone has a clear idea of what eID is, what is for, and the need of interoperability But those clear ideas could be very different among each of the people involved Among countries A different ID culture Customers / companies / governments A clear different “what for”Interoperable eID: Interoperable eID Lets play with some examples: Having a “legal” ID in some countries is: Something normal (even we can think of how could people live without that!!!) e.g. Spain Something intrusive to their own privacy (why must I have to be identified?) e.g. UK About commercial perspectives: Companies want to ID all the people for reasons such as marketing, etc. Clients are tired of giving their data to companies (spam suffering, what are they going to do with my data?, “I really do not want to be identified!”)Interoperable eID: Interoperable eID Then: eID must handle these situations Interoperability must consider not only the perspectives from the “service providers” but mainly the “clients” Once the “services” are clarified, and the “clients” are positive about them: Agreements at different levels must be reached Situations for Interoperability need must be identified Interoperabilty design Bottlenecks avoidingLevels of eID IOP: Levels of eID IOP Usually a bottom-up strategy is usually followed: Technical IOP Storage Media Algorithms Data Definition This seems to be mandatory, and the reason to reach IOP A lot of fighting for commercial, economical, strategy, etc. reasons Non-Technical IOP With who am I going to be IOP? What for? Am I aproving an eID from a third party? All services need the same level of eID? The eID has to be the “legal eID”? ...Levels of eID IOP: Levels of eID IOP In this sense, GIF support some clarifying ideas But mainly technical or really near to the technical sideBottlenecks: Bottlenecks Typically bottlenecks are identified with “technological reasons” Different kind of cards Different readers Different databases Different certificate structures Different CAs ... Most of the “technological reasons” (if not all) could be solved Building a more or less complicated “middleware” Building a “middle-infraestructure” Being devoted to reach an agreement!!!Bottlenecks: Bottlenecks An example outside this world: Who knows which video card is installed in his/her computer? Is it the same as the one of your collegue at your side? Do you both are able to use your software? An example inside this world: Using Propietary OS cards, or JavaCards, or MultOS could be the same as far as an IOP set of APDUs is defined (full and realistic) or as far as an API is built so that applications could used that API, instead of accessing directly to the card The bottleneck now is “who is/want to build that?”Bottlenecks: Bottlenecks Much more difficult is to solve “the other” bottlenecks Political Commercial Previous agreements Economical etc. But much more important is also answering the previous mentioned questions: With who am I going to be IOP? What for? Am I approving an eID from a third party? All services need the same level of eID IOP? The eID has to be “the legal eID”?eEpoch Pilot Sites: eEpoch Pilot Sites In eEpoch, we are devoted to reach IOP Solving the technical bottlenecks Solving “some” non-technical bottlenecks Through a set of Pilot Projects in different areas and countries in Europe Bologna Issy-les-Moulineaux Jerusalem Rome Sheffield City Council Spain Different concepts of eID, different services, different levels of IOPBologna: Bologna Bologna offers for the pilot two browser based services: A service for entrepreneurs wanting to establish a company in Bologna, A service for owners of actual properties in Bologna, wanting to handle their local taxes. Accepted by Spain Rome IssyIssy-les-Moulineaux: Issy-les-Moulineaux The e-service that is offered by Issy is on ‘e-ticketing’. Announcements of cultural events takes place via internet technology. It requires authentication and qualified signature when e-payment. Accepted by Bologna SpainRome: Rome Rome offers for the pilot that authenticated citizens, who use the service of INSP online access to their data in the INSP database Accepted by Bologna IsraelIsrael: Israel Israel offers three services National Insurance Form, to be signed by on-us cards via not-on-us infrastructure Tourist application, with order to be signed, by not on us cards via not-on-us infrastructure E-voting, with e-authentication to prevent double voting per person, for on-us and not-on-us cards, via on-us and not-on-us infrastructure Accepted by Rome SpainSheffield: Sheffield Sheffield wants to provide an eID to their citizens to allow them to use different electronic services eVoting Housing Tenants etc. Accepted by: To be defined in following weeksSpain: Spain Spain makes a browser based document available to formalise denounces, and offers that it will be signed with not-on-us certificate. Accepted by Bologna Issy RomeHow to handle it in eEpoch: How to handle it in eEpoch 2003 2004 Knowledge Research Knowledge Transfer IOP Specifications Demonstrations Evaluation Thank you.: Thank you. More info in www.eepoch.net