The Dutch eNIK on its way forward…
Workshop Belgian eID, Katholieke Universiteit Leuven, September 16, 2009
© TopForce B.V., Rotterdam
www.topforce.com
Elisabeth de Leeuw, September 2009

Objectives of the eNIK-to-be
Like passports, intended for use in the public (G2C) and private (B2B, B2C) domain
Though expected to be used mostly in the private domain (by some of us) [1]
[1] http://digitaalbestuur.nl/nieuws/vooral-privaat-gebruik-enik-als-hij-er-komt

Objectives
G2C (need doubted by government officials)
• access to personal records (health database)
• access to e-government
• electronic signature
B2B, B2C (need strongly felt by the market)
• access to workplace and teleworking
• physical security
• access to schools and hospitals
• access to chat boxes
• car and video rentals
• identification for financial transactions

Introduction postponed
By decision of Staatssecretaris Bijleveld, Minister of the Interior and Kingdom Relations, dated 9 December 2008:
No short-term need for high-level DigID (read: eNIK)
• Needed only for Health Database
• No general need

Context of the eNIK-to-be
eNIK is strongly linked to
• DigID
• Dutch Travel Documents
• Dutch Identity Documents

Context: eNIK vs DigID
DigID stands for Digital IDentity
• Shared between cooperating governmental agencies
• Digital authentication of person(s) who apply for a public transaction service via internet
• Used in G2G, G2B, G2C

Context: eNIK vs DigID
• DigID security levels
  1. High – qualified eSignature compliant with EU legislation
  2. Medium – user name & password, SMS ticket / mobile phone
  3. Basic – user name & password
• eNIK: High level DigID

Context: eNIK vs DigID
DigID Level | G2C
High        | eNIK – level 3
Medium      | DigID - level 2 / 2+
Basic       | DigID - level 1

Context: (e)NIK vs Dutch ID Documents
NIK: Travel Document
• Limited validity
NIK: Identity Document
• Just as passport, driving licence
• (To be) used in G2C, G2B, B2B, B2C

Context: (e)NIK ~ Dutch Travel Document
• Passport
• NIK

Context: (e)NIK ~ Dutch Passport
• High security level
• Compliant with international travel document legislation

Context: (e)NIK ~ Dutch Passport
• Travel document, valid in 35 countries, mainly EC
• Each citizen legally entitled:
  – Paspoortwet (Passport Act), Article 16a: Every Dutch national who is registered as a resident in the municipal personal records database of a municipality, or who resides in a country for which the Dutch identity card is valid, is entitled, within the limits laid down by this Act, to be issued a Dutch identity card, valid for five years

Current developments
• Passport
• ConsumentenID
• DigID level 2+
• eHerkenning

Current development: passport
• Application of biometrics
  – Face (26.08.2006)
  – Fingerprint (21.09.2009)
• Storage of biometric features in public database

Current development: consumentenID
Principles
• Open ID
• Single sign on (single authentication)
• Federation
• Low level of trust
• High participation
Initiators
• ecp.nl
• diginotar.nl
• holder.nl
• evidos.nl

Current development: DigID level 2+
DigID & SMS+
Validation of cell phone number at location of identity provider
• IDPa sends BSN to DigIDs
• DigIDs sends unique code to CPn and IDPa
• IDPe validates CPn in IDPa for DigID level 2+
IDPa = IDP application
IDPe = IDP employee
DigIDs = DigID server
CPn = Cell Phone number

Current development: DigID level 2+
Authentication for Health Database [1]:
a. Short term: DigID level 2+
b. Long term: eNIK
Sub a. DigID level 2+
• DigID & SMS+: face-to-face authentication of cell phone number used to receive SMS tickets
• DigID & RTDA (Remote Travel Document Authentication): authentication by means of (e) travel documents
[1] Beveiligingeisen ten aanzien van identificatie en authenticatie voor toegang zorgconsument tot het Elektronisch Patiëntendossier (EPD), http://www.minvws.nl/includes/dl/openbestand.asp?File=/images/meva2899251b-_tcm19-176979.pdf

Current development: DigID level 2+
Sub a. DigID & RTDA
Authentication at website Health Database
• Automatic link from HDw to DigIDw
• Login at DigIDw level 2 (username, password, sms ticket)
• Read eTD
  – travel document, chip inside, issue date > 26.08.2006, 100% proliferation > 26.08.2011
• Write eTD number and valid through date to DigIDw
• Authentication of eTD by DigIDw (BSN, eTD number, valid through date)
• DigIDw authenticates for DigID level 3
eTD = electronic Travel Document
HDw = Health Database Web Application
DigIDw = DigID Web Application
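
The RTDA step-up listed on this slide, modelled as an added Python example (not part of the original presentation and not DigID's own code). The `register` lookup, the field names and the sample identifiers are assumptions constructed for illustration; the BSN is taken from the level 2 session.

```python
from dataclasses import dataclass
from datetime import date

CHIP_CUTOFF = date(2006, 8, 26)  # slide: chip inside if issue date > 26.08.2006

@dataclass(frozen=True)
class ETD:
    """Values read from the travel document (constructed model)."""
    number: str
    issue_date: date
    valid_through: date

@dataclass
class Session:
    """DigIDw session; level 2 = username, password, SMS ticket."""
    bsn: str
    level: int

def rtda_step_up(session, etd, register, today):
    """Return (level, reason). `register` is a hypothetical issuer-side lookup
    mapping eTD number -> (BSN, valid-through date)."""
    if session.level < 2:
        return session.level, "level 2 login required"
    if etd.issue_date <= CHIP_CUTOFF:
        return session.level, "no chip: issued on or before cutoff"
    # Authenticate the triple (BSN, eTD number, valid-through date): the BSN
    # comes from the level 2 session, the other two from the document.
    if register.get(etd.number) != (session.bsn, etd.valid_through):
        return session.level, "triple does not match register"
    if etd.valid_through < today:
        return session.level, "document expired"
    session.level = 3
    return 3, "ok"

# Constructed sample data, not real identifiers.
REGISTER = {"XX0000001": ("000000001", date(2014, 3, 1)),
            "XX0000002": ("000000002", date(2009, 1, 1))}

def demo(today=date(2009, 9, 16)):
    good = ETD("XX0000001", date(2009, 3, 1), date(2014, 3, 1))
    old = ETD("XX0000001", date(2006, 1, 1), date(2014, 3, 1))
    expired = ETD("XX0000002", date(2007, 1, 1), date(2009, 1, 1))
    return [
        rtda_step_up(Session("000000001", 2), good, REGISTER, today),
        rtda_step_up(Session("000000001", 1), good, REGISTER, today),
        rtda_step_up(Session("000000002", 2), good, REGISTER, today),
        rtda_step_up(Session("000000001", 2), old, REGISTER, today),
        rtda_step_up(Session("000000002", 2), expired, REGISTER, today),
    ]
```

The third case shows why the BSN has to come from the authenticated session: a valid document presented under someone else's level 2 login does not raise the level.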

Current development: eHerkenning
Primary goal:
• e-government G2B
• access to public e-services
• electronic signature, non-repudiation
Primary requirements:
• based on Bedrijvenregister (authentieke registratie)
• compatible with infrastructures abroad

Current development: eHerkenning
Functions
• Authentication of a natural person (employee, civil servant)
• Authentication of a legal entity (company, public organisation)
• Authorization of a natural person representing a legal entity (direct or by delegation)

Current development: eHerkenning
[Figure: diagram with the labels identity providers, Authorisations, Organisations, Services, Government, Business]

Current development: eHerkenning
Functions
• Access / single sign on to public e-services
• Advanced and qualified electronic signatures in accordance with EU legislation
• Management of entitlements
  – Direct entitlements
  – Delegated entitlements
• Assured time stamping

Current development: eHerkenning
Public private network
Multiple identity providers, multiple credentials
• From both public (Ministry of Finance) and private sector (banking and finance, telecom)
• Both new and existing
Agreement on framework by the end of 2009

Current development: eHerkenning
DigID Level | G2C                  | G2B
High        | eNIK – level 3       | eHerkenning
Medium      | DigID - level 2 / 2+ | eHerkenning
Basic       | DigID - level 1      | eHerkenning

Current development: eHerkenning
Framework: public private cooperation, mutual consultation
Public domain
• Launching customers: Antwoord voor Bedrijven (government communications), de Belastingdienst (Tax Office), Kamer van Koophandel (Chambers of Commerce)
• Early adopters: Kadaster (Land Register), UWV (Unemployment Benefits), MinLNV (Ministry of Agriculture), SenterNovem (Innovation)
Private domain
• ECP-EPN
• Het CIO platform
• VNO-NCW (Employers Federation)
• MKB Nederland (Small and Medium Enterprises)

Current development: eHerkenning
Roles
• NP – Natural Person
• PR – PRivate party (companies and NGO's)
• PU – PUblic party: government organizations offering e-services
• IB – Identity Broker: connection between PR, PU and EB
• EB – Entitlement Broker: management and judgment of entitlements
• CI – Credential Issuer: issuing, management and verification of credentials
• R – Router: routing of requests from PR via EB to CI
Process sequence
• NP -> PR -> PU -> IB -> EB -> CI -> PU -> PR -> NP

Current development: eHerkenning
Considerations
• Complex, multi (3*n) parties [1], multi solutions, distributed ownership
• Focus on government business case
• Mixed focus, on both legal entities and natural persons
  – Authentication of natural persons
  – Authorization legal entities (represented by natural persons)
• Void: national eID (eNIK) for *2C postponed
[1] I.e. different instances of Services, Companies and Employees

Current development: eHerkenning
Considerations
• Secure life cycle management of multiple credentials
• Private initiatives might weaken business case
• Public and private business cases not necessarily compatible (security and validity of, and entitlement to, credentials)
• Link between physical entity, legal entity and credential
• Complex, distributed, multi party infrastructure
• Régie

Summary
The principal Dutch travel document, the Paspoort (passport), and its little brother, the Nederlandse Identiteits Kaart or NIK, have existed since the 19th century. For many years, the Dutch government has been considering plans to turn the NIK into a so-called eNIK, an electronic identity card, in order to facilitate G2C and B2C transactions. However, no decision has been taken yet on the introduction of the eNIK. In this presentation, Elisabeth de Leeuw will outline the position of the eNIK-to-be in the future public identity landscape. The eNIK is intended to fulfill the requirements of the Dutch Digital Identity Scheme, or DigID. Yet, being a travel document, the eNIK also has to comply with laws and regulations on travel documents. Differences in the business cases for travel documents and electronic identity cards are a potential cause of friction. Meanwhile, as time passes, the urge for electronic identities is still growing and private initiatives are on their way, which may have an impact on the role and position of the eNIK-to-be.
The Dutch eNIK Thank you for listening!