Date post: | 16-Dec-2015 |
Category: |
Documents |
Upload: | lee-edwards |
View: | 214 times |
Download: | 1 times |
E-government: the approach of the Belgian federal administration
Frank RobbenGeneral manager Crossroads Bank for Social SecurityStrategic advisor Federal Public Service for ICTSint-Pieterssteenweg 375B-1040 BrusselsE-mail: [email protected]: http://www.law.kuleuven.ac.be/icri/frobben
Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
2 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
What is E-government ?
E-government is a continuous optimization of service delivery and governance by transforming internal and external relationships through technology, internet and new media
external relationships- government <-> citizen
- government <-> business internal relationships
- government <-> government
- government <-> employees all relationships
- are bidirectional
- can be within a country or border-crossing
3 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Government
not monolithic- EU- in every country
• federal level• regions• communities• provinces• municipalities• parapublic institutions• private instutions participating in delivery of public services• …
integrated E-government is based upon common strategy, multilateral agreements and interoperability
E-government contains the opportunity to realize one virtual electronic government with full respect for every specific competence
4 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Advantages
efficiency gains- in terms of costs: same services at lower total costs, e.g.
• unique information collection using co-ordinated notions and administrative instructions
• less re-encoding of information by electronic information exchange
• less contacts
• functional task sharing concerning information management, information validation and application development (distributed information systems)
- in terms of quantity: more services at same total cost, e.g.• all services are available at any time, from anywhere and from any device
• integrated service delivery
- in terms of speed: same services at same total cost in less time• reduction of waiting and travel time
• direct interaction with competent governmental institution
• real time feedback for the user
5 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Advantages (ctd)
effectiveness gains- in terms of quality: same services at same total cost in same
time, but to a higher quality standard, e.g.• more correct service delivery• personalized and participative service delivery• more transparant and comprehensive service delivery• more secure service delivery• possibility of quality control on service delivery process by customer
- in terms of type of services: new types of services, e.g.• push system: automatic granting of or information about services• active search of non-take-up using datawarehousing techniques• controlled management of own personal information• personalized simulation environments
6 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
E-government: a structural reform process
ICT is only a means by which a result may be obtained
E-government requires- change of basic mindset: from government centric to
customer centric- re-engineering of processes and end-to-end integration of
these processes- considering information as a strategic resource for all
government activity
7 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
E-government: a structural reform process (ctd)
E-government requires (ctd)- co-operation between
• governmental institutions: one virtual electronic government, with respect for mission and core tasks of each governmental institution and government level
• government and private sector
- adequate legal environment elaborated at the correct level- interoperability framework: ICT, security, unique identification
keys, harmonized concepts- implementation with a decentralized approach, but with co-
ordinated planning and program management (think global, act local)
- adequate measures to prevent a digital divide
8 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
9 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Customer centric
unique declaration of every event during the life cycle/business episode of a customer and automatic granting of all related services
delivery of services that cannot be granted automatically to a customer- in an integrated way (information, interaction, transaction)- re-using all available information- in a personalized way (look & feel and interface, content,
personalized support)- or at least based on the way of thinking of the customer
group (life events, business episodes, life styles, target groups)
10 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Customer centric (ctd)
declaration of events and service delivery via an access method chosen by the customer- application to application- file transfer- various end-user devices
• PC, GSM, PDA, digital TV, kiosks, …
- use of intermediaries- accessible to disabled
use of integrated customer relation management tools contact center
11 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Re-engineering and integration of processes
need for re-engineering of processes- within each government institution
- within each government level
- across government levels
- between government and his customers need for end-to-end integration of processes: concept of value
chains for the customers- lack of integration leads to
• overloading of the citizens/companies
– multiple collection of the same information by several governmental institutions
– no re-use of available information
– avoidable contacts with citizens/companies due to multiple, unco-ordinated quality checks
• waste of efficiency and time
• suboptimal support of the policy made by government
• higher possibilities of fraud
12 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as a strategic resource
respect of basic principles concerning- information modelling- unique collection and re-use of information- management of information- electronic exchange of information- protection of information
13 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications
information modelling- information is being modelled in such a way that the model
fits in as close as possible with the real world• definition of information elements• definition of attributes of information elements• definition of relations between information elements
- information modelling takes into account as much as possible the expectable use cases of the information
- the information model can be flexibly extended or adapted when the real world or the use cases of the information change
14 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
unique collection and re-use of information- information is only collected for well-defined purposes and in
a proportional way to these purposes- all information is collected once, as close to the authentic
source as possible- information is collected via a supplier-chosen channel, but
preferably in an electronic way, using uniform basic services (single sign on, arrival receipt of a file, notification for each message, …)
- information is collected according to the information model and on the base of uniform administrative instructions
15 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
unique collection and re-use of information (ctd)- with the possibility of quality control by the supplier before the
transmission of the information- the collected information is validated once according to an
established task sharing, by the most entitled institution or by the institution which has the greatest interest in a correct validation
- and then shared and re-used by authorized users
16 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
management of information- information in all forms (e.g. voice, print, electronic or image)
is managed efficiently through its life cycle- a functional task sharing is established indicating which
institution stores which information in an authentic way, manages the information and keeps it at the disposal of the authorized users
- information is stored according to the information model- information can be flexibly assembled according to ever
changing legal notions- all information is subject to the application of agreed
measures to ensure integrity and consistency
17 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
management of information (ctd)- every institution has to report probable improprieties of
information to the institution that is designated to validate the information
- every institution that has to validate information according to the agreed task sharing, has to examine the reported probable improprieties, to correct them when necessary and to communicate the correct information to every known interested institution
- information will be retained and managed as long as there exists a business need, a legislative or policy requirement, or, preferably anonimized or encoded, when it has historical or archival importance
18 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
electronic exchange of information- once collected and validated, information is stored, managed
and exchanged electronically to avoid transcribing and re-entering it manually
- electronic information exchange can be initiated by• the institution that disposes of information• the institution that needs information• the institution that manages the interoperability framework
- electronic information exchanges take place on the base of a functional and technical interoperabilty framework that evolves permanently but gradually according to open market standards, and is independent from the methods of information exchange
Information as resource: implications (ctd)
19 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
electronic exchange of information (ctd)- available information is used for the automatic granting of
benefits, for prefilling when collecting information and for information delivery to the concerned persons
20 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
protection of information- security, integrity and confidentiality of government
information will be ensured by integrating ICT measures with structural, organizational, physical, personnel screening and other security measures according to agreed policies
- personal information is only used for purposes compatible with the purposes of the collection of the information
- personal information is only accessible to authorized institutions and users according to business needs, legislative or policy requirement
- the access authorisation to personal information is granted by an independent institution, after having checked whether the access conditions are met
- the access authorizations are public
21 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information as resource: implications (ctd)
protection of information (ctd)- every concrete electronic exchange of personal information
is preventively checked on compliance with the existing access authorisations by an independent institution managing the interoperability framework
- every concrete electronic exchange of personal information is logged, to be able to trace possible abuse afterwards
- every time information is used to take a decision, the used information is communicated to the concerned person together with the decision
- every person has right to access and correct his own personal data
22 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Changes of the legal environment
organization of integrated information management and electronic service delivery- functional task sharing on information management- obligation to respect unique data collection from the customer- obligation to exchange information in an electronic way- permission or obligation to use unique identification keys
harmonization of basic concepts ICT-law: only basic principles, technology-neutral, but
not technology unaware- data protection- public access to information- electronic signature- probative value
23 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Interoperability framework
goal: to guarantee the ability of government organizations and customers to share information and integrate information and business processes by use of- interoperable ICT- common security framework- common identification keys/sets for every entity- harmonized concepts and data modelling
24 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
ICT interoperability
examples on- www.govtalk.gov.uk and www.e-government.govt.nz (recent
frameworks based on actual open ICT standards, to be implemented)
- www.ksz.fgov.be (framework started in 1991 and implemented between 2.000 Belgian social security institutions, with unique gateway to foreign social security institutions within the EU, and continuously adapted to evolving and proven ICT standards with backwards compatibility)
tendency to use of open ICT standards but ICT is so dynamic and fast changing that ICT
standards are in an almost constant state of evolution huge need to agreements on how to ensure functional
interoperability, far beyond technical interoperability
25 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Functional ICT interoperability
standardized codification (e.g. institutions, return codes, …) standardized use of objects and attributes standardized layout of header of messages, independent from
information exchange format (EDI, XML, …) and type of information exchange
version management backwards compatibility SLA’s on disponibility and performance of services access autorisation management anonimization rules acceptation and production environments priority management …
26 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Common security framework
issues- confidentiality- integrity- availability- authentication- autorisation- non-repudiation- audit
27 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Common security framework (ctd)
specific points of interest- risk awareness based on risk analysis- security policies - structural and organisational aspects- encryption standards- interoperability of
• PKI• electronic certificates
– procedures (registration authority, certification authority)– difference between identification certificates and attribute
certificates– attributes, optional fields
• revocation lists• directories
- application security
28 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Common identification keys
at least common identification keys and identification sets for every entity- person- company- patch of ground
between nations- unique schemes- conversion tables
regulation of interconnection of information based on unique identification keys
29 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Common identification keys (ctd)
characterictics- unicity
• one entity – one identification key• same identification key is not assigned to several entities
- exhaustivity• every entity to be identified has an identification key
- stability through time• identification key doesn’t contain variable characterics of the identified
entity• identification key doesn’t contain references to the identification key or
characteristics of other entities• identification key doesn’t change when a quality or characteristic of the
identified entity changes
30 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Harmonized concepts and data model
harmonized concepts and datamodel: example on www.socialsecurity.be (best practice of combination of back office integration and e-portal solution in web-based survey on electronic public services by DG Information Society (European Commission) – January 2003)
31 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Harmonized concepts and data model
standard elements- with well defined characteristics
- used within all services OO-oriented, e.g. inheritance in a multilingual environment version management in an ever changing environment define once, use many (different presentations) workflow for validation of standard elements and characteristics multi criteria search
- by element
- by scheme
- by version
- …
32 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
A methodology to harmonize concepts
inventory of all documents (frequently) used for information collection
inventory of collected information classification of collected information using a
clustering methodology decomposition of collected information into “real life”
classes with description of the asked attributes analysis of goals: what is every “real life” classes used
for ? setting up of simplification propositions (e.g.
senseless different treatment of same “real life” object)
33 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
A methodology to harmonize concepts (ctd)
based on the simplification propositions, framing out of an OO information model for information to be collected
design of XML-schema’s for the collecting of the information, corresponding to the OO information model
legislative adaptations in order to introduce the uniform definitions of the information classes
procedures in order to guarantee the consistency of the OO information model in an ever changing legal environment
34 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Preventing digital divide
no creation of information haves and information have-nots
possible measures- promoting automatic granting of services- electronic services are (for the time being) considered as
extra services, tradional services remain- access to electronic services in public places- role of intermediaries and front office organisations- education and life-long learning- promoting usability of portals and websites
35 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Implementation in Belgian federal government
co-operation agreement between government levels network of service integrators towards integrated portal environments unique identification keys for citizens and companies electronic identity card security framework a case study: the Belgian social security sector
36 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Co-operation agreement
co-operation agreement has been signed between federal government, regions and communities- co-ordinated, customer oriented service delivery- guarantee that a citizen/company can use the same tools
• terminal• software• electronic signature
- guarantee of a unique data collection from the citizen/company- with respect for the partition of competences between government
levels- agreements on common standards- mutual tuning of portals, middleware, websites and back offices- use of common identification keys and electronic signature- mutual tuning of business processes when necessary- gradual mutual task-sharing on data storage in authentic form- common policy on SLA’s and security
37 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Network of service integrators
InternetInternet
Extranetregion or
community
Extranetregion or
community
FedMANFedMAN
Servicesrepository
FPS
FPS
FPS
SSI
SSI
Servicesrepository
Extranetsocial security
SSI
R/CPS
R/CPS
Servicesrepository
PublilinkPublilink
Municipality Province
Municipality
Servicesrepository
Serviceintegrator(Fedict)
Serviceintegrator(CBSS)
Serviceintegrator
38 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Network of service integrators (ctd)
type of exchanged information- structured data- documents- images- multimedia- metadata- business processes
using web services
39 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Network of service integrators (ctd)
useful functions of service integrators (FEDICT, CBSS, …)- secure messaging- business logic and work flow support- directory of authorized users and applications
• list of users and applications• definition of authentication means and rules• definition of authorization profiles
– which service is accessible to which type of user/application for which persons/companies in which capacities in which situation and for which periods
- directory of data subjects• which persons/companies in which capacities have personal files in
which institutions for which periods
- subscription table• which users/applications want to receive automatically which services in
which situations for which persons in which capacities
40 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites: actual situation
41 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites: actual situation
42 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites: actual situation
customers•citizens•companies
suppliers
partners
employeesintermediaries
PORTAL A•single sign on•personalization•user groups•multi-channel•aggregation
back-endsystems, e.g.•ERP•groupware•DB’s•applications
businessintelligence
contentmanagement
directory
PORTAL B•single sign on•personalization•user groups•multi-channel•aggregation
back-endsystems, e.g.•ERP•groupware•DB’s•applications
contentmanagement
businessintelligence
directory
43 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites (ctd)
need to strike the right balance between roles in delivering e-government services: not a single, but many one-stop shops (public and private)
Government ASP’s
Leading portals
Local service providers
Banks
Associations
…
Government own portals
Government-hosted community sites
Content and Services
Public Private
Private
Public
Channel PPP
Source: Andrea Di Maio - Gartner
44 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites (ctd)
public institutions need to concentrate on core activities, such as- information
• modular• up to date• information blocks concerning public services• with standardized metadata• based on standardized thesauri• in generally accessible content management systems• with separation between content and metadata (reuse, don’t rewrite)• that can be submitted to automatical re-indexation
- transactions• applications that can be easily integrated in private or public portal sites
45 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites (ctd)
public portals should have added value- integration of services
• information• work flow based on life events of the customers• integration with work flow of customers
- coordinated basic services for own customers• single sign on• ticketing• logging• notification service• …
- multi channel enabling- citizen/company relation management- contact center
46 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Portal sites: to be situation
customers•citizens•companies
suppliers
partners
employeesintermediaries
PORTAL B•single sign on•personalization•user groups•multi-channel•aggregation
back-endsystems, e.g.•ERP•groupware•DB’s•applications
contentmanagement
businessintelligence
PORTAL A•single sign on•personalization•user groups•multi-channel•aggregation
back-endsystems, e.g.•ERP•groupware•DB’s•applications
businessintelligence
contentmanagement
directory directory
47 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Unique identification keys
citizens- generalization of the use of the social security number
(national register number or CBSS-number)- (electronically) readable from the electronic identity card- controlled access to basic identification data in National
Register and CBSS
companies- unique company number (based on VAT-number)- unique number for every plant of business- generalized access to basic identification data in Company
Register
regulation on data interconnection
48 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic identity card
49 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic identity card
retained functions- visual and electronic identification of the holder- electronic authentication of the holder via the technique of
the digital signature- generation of electronic signature via the technique of the
digital signature (non repudiation)- (currently) no encryption certificates- no biometric data (yet)- no electronic purse- only identification data storage
50 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic identity card
from a visual point of view, the same information is visible as on the current identity card- the name- the first two Christian names- the first letter of the third Christian name- the nationality- the birth place and date- the sex- the place of delivery of the card- the begin and end data of the validity of the card- the denomination and number of the card- the photo of the holder- the signature of the holder- the identification number of the National Register
51 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic identity card
from an electronic point of view, the chip contains the same information as printed on the card, filled up with- the authentication and electronic signature keys- the authentication and electronic signature certificates- the accredited certification service furnisher- information necessary for authentication of the card and
securization of the electronic data- the main residence of the holder
SUN JavaCard™
52 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Organization model
government has chosen a card producer and certification authority issuing the identity certificates as a result of a public call for tenders
the municipality calls the holder for the issuing of the electronic identity card
the municipality acts as registration authority for 2 certificates: authentication and electronic signature
2 key pairs are generated within the card at production time and the private keys are stored within the chip of the card
53 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Organization model (ctd)
the 2 certificates are created by the certification authority, but published only when the holder agrees
the use of the private keys within the chip needs an activation of the card by a municipal official using his PUK2 and the PUK1 sent to the holder
first authentication within one session (first private key) and every generation of an electronic signature (second private key) requires the PIN code of the holder
the second private keys and the identity certificate on the electronic identity card can be used to generate an electronic signature within the scope of E-government applications which require such a signature
54 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Organization model (ctd)
the electronic identity card contains the necessary space to store other private keys associated to attribute certificates that holder can obtain at the certification authority of his choice
55 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Authentication
log on to web sites (SSO)
container parklibrary
access control
…
56 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic signature
1. Receive message 3. Check CRL/OCSP 5. Fetch public key 7. Compute reference hash2. Inspect certificate 4. Check certificate 6. Fetch signature 8. Hash, signature, public
key match?
Matching triplet?
CRL
Alice
Alice
hash
Bob
3, 4
2
1 7
6
5
8
1. Compose message 3. Generate signature 5. Collect certificate2. Compute hash 4. Collect signature 6. Send message
Alice
hash
Alice
1
2
3
5 4
6
57 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Labeling procedure
card readers and applications creating
- trust for citizens- a legal basis for the government- branding for enterprises
based on industry standards : currently being worked out in cooperation with CBSS
and Banksys
58 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronic identity card toolkits
two toolkits are under development :- GUI + PKCS#11 libraries : reading, printing, validating
and visualising the contents of the chip - authentication proxy : easy authentication on multiple
platforms
purpose is to hide internal card changes labeling should be straightforward if applications use
toolkits both toolkits are free of charge distribution through federal portal
(http://www.belgium.be/fedict Projecten eID)
RELEASED
59 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
The sky is the limit !
home banking, online opening of accounts,
…
proof of membership
SSO, …
healthcare
driver’s licence
student cards, e-learning, …
…
e-commerce
60 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
2897
23622101
9114
13471
4833
1985
2561
1879
4314
3655
0
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
11000
12000
13000
14000
Marche-en-Femenne
9/ 05/ 2003
Lasne
12/05/ 2003
Seneff e
15/05/ 2003
Seraing
16/05/ 2003
Leuven
02/06/ 2003
Tongeren
03/06/ 2003
Rochefort
10/06/ 2003
J abbeke
11/06/ 2003
Borsbeek
18/06/ 2003
Sint-Pieters-Woluwe
16/07/ 2003
Geraardsbergen
25/07/ 2003
Current status pilot phase (1/6)
Over
49,000 cards
distributed
61 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
PlanningQ1 2004 Q2 2004 Q3 2004 Q4 2004 Q1 2005
D
E
C
I
S
I
O
N
Pilot phaseTarget groupsEvaluation pilot phase
Continuous advise from and support to enterprises, citizens and authorities
Installation in municipalities (578)
Gradual roll-out eID
Elections
Negociations
13/620/3
62 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Security framework
issues- confidentiality- integrity- availability- authentication- autorisation- non-repudiation- audit
measures- institutional measures- organizational and technical measures based on (extended)
ISO 17799- legal measures
63 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Security framework: institutional measures
no central data storage independent Control Committees, assigned by Parliament
- supervision of information security- authorizing the data exchange- complaint handling- information security recommendations- extensive investigating powers- annual activity report
preventive control on legitimacy of data exchange by service integrator according to authorizations of the independent Control Committees
information security department in each government institution specialized information security service providers working party on information security
64 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Security framework: extended ISO 17799 security policy security organization asset classification and control personnel security physical and environmental security computer and operations management access control system development and maintenance specific measures with regard to the processing of personal data business continuity planning compliance communication towards the public opinion concerning the
security policy and the measures with regard to security and privacy protection
65 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Security framework: legal measures
obligations of the controller- principles relating to data quality- criteria for making data processing legitimate- specific rules for processing of sensitive data- information to be given to the data subject- confidentiality and security of processing- notification of the processing of personal data
rights of the data subject- right of information- right of access- right of rectification, erasure or blocking- right of a judicial remedy
penalties
66 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
A case study: Belgian social security sector
principles have been implemented under co-ordination of the Crossroads Bank for Social Security, in co-operation with 2.000 public and private social security institutions
functional and technical interoperability framework is functioning- between these institutions- between these institutions and all employers
every socially insured person has a unique identification key throughout the whole social security sector and an electronically readable social identity card containing this identification key
67 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Interoperability within social security
onem
inami
cimire
onpossom
onva
fmp
fat
adp
onafts
cpsm
inasti
onssaplonss
spfss
spfe & t
fonds de
séc.
exist.
Crossroads Bankfor
Social Security
FEDICT&
NationalRegister
sickness fundsnetwork
68 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Reference directory
serves as a base for organization of information flows structure
- directory of persons: what persons in what capacities have personal files in what social security institutions for what periods
- data availability table: what data are available in what social security institutions for what types of files
- access authorization table: what data may be transmitted to what institutions for what types of files
functions- routing of information- preventive access control- automatic communication of changes to information
69 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Information servers
information servers- directory of persons of the Crossroads Bank- National Register- Crossroads Bank Registers- work force register- wages and working time database (LATG) of the ONSS- employers directory (WGR) of the ONSS- database of contribution certificates- SIS-card and professional card registers
services offered- interactive consultation- batch consultation- automatic communication of updates
70 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
National Register - CBSS Registers - past situation
National Register
Municipalities
71 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
National Register - CBSS Registers –present situation
National Register
Municipalities
72 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Preprocessed messages
preprocessed messages- beginning/end of labour contract, beginning/end of self-employed activity- contribution certificates medical care (employees, self-employed,
beneficiaries of social security allowances)- unemployment benefits – career break- allowances for incapacity for work (health care, accidents at work,
occupational disease)- young unemployed- allowances to the handicapped- guaranteed income – social support- people suffering from long-term illness- social exemption- fiscal exemption- derived rights (e.g. tax reduction/exemption, free public transport, ...)- special contribution for social security- solidarity contribution on old age pensions- migrant workers- …
73 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Preprocessed messages
services offered:- batch consultation- automatic communication of messages
74 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
ONSS INAMI
Employer
Employees
Sickness funds
Control
Contribution certificate health care sector –past situation
75 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
INAMI
Control
KSZ-BCSS
ONSS
Employer
Employees
Sickness funds
Contribution certificate health care sector - present situation
76 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Derived rights in tax affairs
a number of people are entitled to an increased refund of the costs for medical care
moreover, a number of municipalities and provinces grant these persons reductions or even exemptions of the taxes
77 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Sickness fund
Derived rights in tax affairs - past situation
78 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
CBSS
sickness fundsnetwork
Derived rights in tax affairs - present situation
79 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Some figures
339.137.455 exchanged messages in 2003 15,1 million different persons known in directory of
persons on an average, every person is known in 6,6 sectors response time on-line messages
question CBSS question
answer answer96,1 % in < 1 sec99,8 % in < 2 sec
99,2 % in < 4 sec
80 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Interoperability outside social security
Backbone
Internet
FW
R
R
FW
FedMAN
R
R
R
R
FW
R
R
FW
Access servers
Internetservices
RR
FW
R
R
R
FW
R
R
FW
Crossroads bank for social
security
FW
R
R
Other extranets
Publilink
81 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Social security portal
82 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Integrated service delivery
common basic services (e.g. single sign on, notification
information several categories of transactions
- transactions at the beginning or the end of employment (DIMONA)
- quarterly declaration of wages and working time- transactions when a social risk occurs- transactions in order to manage information about yourself- transactions in order to control the quality of the service
delivery process- ...
83 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Integrated service delivery (ctd)
harmonized concepts harmonized data model and XML-schemes self-service and personalization customer relation management contact center
84 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Work forceregister
Data-base
Specialwork force
register
Indivudualdocument
Studentscontract
Inspection
Employmentcontract
SimplificationSimplification
OnOn linelineconsultaticonsultationon
ONSS
Work forceregister
Transactions at beginning/end of employment
85 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Immediate declaration of employment
can only be done electronically via- social security portal- FTP/MQSeries- interbanking network- vocal server
24/7 offers the employer a key to on-line consultation and
correction- of the database on employment- by using a electronic certificate, of the database concerning
wages and working time and other derived databases- concerning his employees and the period of employment
86 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Quarterly declaration wages & working time
ONSS
ONP
ONVA
Employer
old age pension
holiday payCBSS
ONEM
INAMI
ONAFTS
FAT
FMP
SimplificationSimplificationActiviteit 3
Activiteit 2Activiteit 1
one electronicdeclaration
87 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Quarterly declaration wages & working time
can only be done electronically via- social security portal- FTP/MQSeries- interbanking network
24/7 can, by using an electronic certificate
- be consulted and corrected on-line by the employer- concerning his employees and the period of employment
88 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronical declaration of social risks
past situation: multiple collection of information by using various, complex, not co-ordinated paper forms
89 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Electronical declaration of social risks
actual situation- limitation of the collected information to the information not
yet available at other public services (abolition or at least significant simplification of forms)
- unique collection of information from the employer- in a standardized way across all social security institutions- can be done on paper or electronically (24/7) via
• social security portal• FTP/MQSeries• interbanking network
- uniform instructions
90 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Operational transactions
quarterly multifunctional declaration of wages and working times to the National Office for Social Security (NOSS)
correction of the quarterly declaration to the NOSS DIMONA-declaration consultation of the work force register consultation of the directory of employers integrated electronical declaration of building yards consultation of overdue payments of social security contributions
by an employer declaration of temporary employment of foreign employees in
Belgium declaration of temporary unemployment consultation of the holiday database declaration of an industrial accident, monthly report and
resumption of work after an industrial accident
91 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Operational transactions declaration of the beginning of a part-time job with retention of rights to
unemployment benefits (unemployment sector)- private sector- education, municipalities or provinces
monthly declaration of part-time work for the calculation of guaranteed income payments (unemployment sector)
- private sector- education, municipalities or provinces
monthly submission of work as an employee employed in a protected workplace (unemployment sector)
monthly submission of work in the framework of an activation programme (unemployment sector)
declaration for the establishment of young people’s vacation rights (unemployment sector)
monthly declaration of young people’s vacation hours (unemployment sector)
annual submission of temporary unemployment monthly submission of hours of temporary unemployment authorized request for the temporary removal of a pregnant employee
(sector of professional diseases)
92 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Further evolution
beginning 2005- application for unemployment benefits- declaration of fulltime or half-time early retirement- declaration of the removal of a pregnant employee
at a date still to be fixed- electronic data exchange between sickness funds and
employers necessary to deal with an application for benefits in case of incapacity for work, maternity leave, complete or partial leave from work as a measure to protect motherhood, leave for fatherhood
- declaration of resumption of work after a period of incapacity for work
- declaration of an employee’s holiday days- declaration of extension post-natal leave
93 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Critical success factors
E-government as a structural reform process- process re-engineering within and across public institutions
- back-office integration for automatic granting of services
- integrated and personalized front-office service delivery support of and access to policymakers at the highest level co-operation between all actors concerned based on repartition
of tasks rather than centralization of tasks quick wins combined with long term vision focus on more efficient and effective service delivery rather than
on the fight against fraud respect for legal repartition of competences between actors legal framework creation of an institution that stimulates and co-ordinates
94 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Most important barriers
privacy and security average public sector project is more complex than
average private sector project, due to- interaction with a larger number of stakeholders (elected
officials, public employees, members of interest groups, voters, tax payers, recipients of public services, other governmental institutions, other government levels, …)
- execution in a less stable environment
complexity of BPR in a government environment race for quick wins (cf surveymania) doesn’t stimulate
development of well conceived systems based on re-engineering
95 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Most important barriers
public sector tends, perhaps for reason of prestige, to favour tailor-made, high-risk, state-of-the-art solutions even when alternative, off-the-shelf, cheap, tried and tested systems are available
in the public sector, there is typically no financial margin of value to be added by innovation
intermediaries often perceive e-government as a threat
skills and knowledge
96 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
Most important barriers
need for radical cultural change within government, e.g.- from hierarchy to participation and team work- meeting the needs of the customer, not the government- empowering rather than serving- rewarding entrepreneurship within government- ex post evaluation on output, not ex ante control of every
input
97 17/06/2004Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)
More info
FEDICThttp://www.fedict.be
Crossroads Bank for Social Securityhttp://www.ksz.fgov.be
portal sites- federal portal: http://www.belgium.be- social security portal: https://www.socialsecurity.be
personal website- http://www.law.kuleuven.ac.be/icri/frobben
Th@nk you !
Crossroads Bank for Social SecurityFederal Public Service for ICT (FEDICT)