Stork is an EU co-funded project INFSO-ICT-PSP-224993 www.brz.gv.at

STORK PRESENTATION

STORK eGov Symposium Bern09.Nov.2010

Dipl.-Ing. (FH) Klaus J. John

www.brz.gv.at

eGovernment objectives (ICT-PSP call 2007)

www.brz.gv.at

STORK

To simplify administrative formalities by providing secure online access to public services across EU borders.

To develop and test common specifications for secure and mutual recognition of national electronic identity (eID) between participating countries.

www.brz.gv.at

STORK – Member State involvement

Member States/EEA - STORK

Member States Ref Group

Candidate Countries

www.brz.gv.at

Project Structure

Project Management (ATOS)

Communication and Sustainability (Gov2U)

eID inventory, trust &

application groups

(NL MOI)

eID and upcoming

technologies (AT TUG)

DEFINITION AND ANALYSIS

DESIGN OF INTEROPERABLE FLOWS & ARCHITECTURES

Common specifications

and Stork's eID models

(FEDICT BE; MAP ES)

eID process flows

(UK IPS)

CONSTRUCTION AND IMPLEMENTATION

TESTING &EVALUATION

Pilots

TIME

www.brz.gv.at

Pilots

Pilot 1 – border free authentication√ interoperability of citizen cards between countries in Europe

Pilot 2 – Safer Chat√ secure chat portal√ secure means all user are identified to protect children

Pilot 3 – eID Student Mobility Pilot 4 – eID eDelivery Pilot 5 – Change of Address

www.brz.gv.at

STORK Pilot 1 – cross border authentication

finished√ deviation√ milestone plan√ pilots test plan

functional specification√ member states use cases√ QAA level√ finalised attributes

Use Case Specification

Member State AT

Number AT UC001

Name Authenticated access with Austrian Citizen Card (ACC) at a STORK service in another member state.

Brief description Any holder of an ACC is able to access a STORK service in another member state using his ACC. It does not matter, whether the STORK service is implemented using the PEPS or the middleware architecture.

Identity Provider Credentials

Identification is performed using the Austrian Citizen Card. After the authentication procedure the identity information is provided in form of an SAML-assertion (assertion is electronically signed by the issuing public administration).

Assured Trust Level of the Credential (Registration of the Identity and Credential Authentication)

1: identity-information is taken from governmental base registers and approved by public administration; authentication is performed based on qualified signatures

integration of interoperability

interoperability tests running

www.brz.gv.at

Authentication

Vornamen

Nachname

Gebutsdatum

SP WareAT

PEPS citizen card login into (My)Help-Portal

Source Pin

Register Gateway

Single Sign On

Vornamen

Nachname

Gebutsdatum

Vornamen

Nachname

Gebutsdatum

checkedV-IDP

Vornamen

Nachname

Gebutsdatum

bPK

eSave eDelivery

Additional Register of Natural

Persons (ERnP)Vornamen

Nachname

Gebutsdatum

checkedPEPS

im EU Ausland

Vornamen

Nachname

Gebutsdatum

checkedVornamen

Nachname

Gebutsdatum

PEPSConnector

www.brz.gv.at

Authentication

PEPSConnector

Middle Ware citizen card login into (My)Help-Portal

Source Pin

Register Gateway

Single Sign On

eSave eDelivery

SP WareAT

Vornamen

Nachname

Gebutsdatum

Vornamen

Nachname

Gebutsdatum

Vornamen

Nachname

Gebutsdatum

checked

Vornamen

Nachname

Gebutsdatum

checked

Middle WareeID-Service (DE)

Vornamen

Nachname

Gebutsdatum

V-IDP

Vornamen

Nachname

Gebutsdatum

Vornamen

checked

Gebutsdatum

checkedVornamen

Nachname

Gebutsdatum

SP WareDE

Vornamen

Nachname

Gebutsdatum

bPK

Additional Register of Natural

Persons (ERnP)

www.brz.gv.at

Authentication

Austrian citizen card login into (My)Help-Portal

PEPSConnector

Source Pin

Register Gateway

Single Sign On

Vornamen

Nachname

Gebutsdatum

Vornamen

Nachname

Gebutsdatum

checkedV-IDP

Vornamen

Nachname

Gebutsdatum

bPK

SP WareAT

eSave eDelivery

Register of Natural Persons

(ZMR)

Vornamen

Nachname

Gebutsdatum

MOA-ID

STORK

MOA-ID-STORK

www.brz.gv.at

What can happend if you go life

certificate error in production system – when tests were executed in the test system every thing was fine

certificates did not have a service function or administrational indicator, this had to be added

wave of influenza, developer and their substitute have shortly become ill (substitute and their substitute ...)

shift of the go life appointment into production system now we do only portal login tests with foreign citizen cards instead of portal

test as planed into (My)Help focus has moved never expected an execution time of up to 2 days per test case with a

member state - (distance) distributed development extended execution time for tests

www.brz.gv.at

STORK – getting involved

has been set up as an open forum where industry stakeholders can remain informed of developments throughout the project and feed back their comments to the Consortium

includes large, medium and small companies and associations in the ICT sector that manufacture, supply and consult on infrastructure and end user related products for electronic ID

www.brz.gv.at

STORK – getting involved

All public administrations of all European (EU member, associated and candidate) States are welcome to join.

Allows governments and institutions from the EU to remain fully informed of developments throughout the duration of the project and to feedback their comments to the Consortium

www.brz.gv.at

STORK – eID Interoperabilität

info@eid-stork.eu

klaus.john@brz.gv.at