SIEMENS

DigIDentity
Innovation in Dutch e-ID Landscape
Elisabeth de Leeuw
Business Consultant Security & Identity Management Siemens IT Solutions & Services e-mail elisabeth.de.leeuw@siemens.com skype elisabeth.de.leeuw scribd www.scribd.com/people/view/3513920-elisabeth-de-leeuw
Page 1 December 2010 Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Context: Framework e-Herkenning • Federated identity & access management (SSO) • Public & private sector • Multiple providers, multiple credentials • Both new and existing providers • Primary use G2B; also G2G, G2C • Compatible with international infrastructure
Page 2 de Leeuw Elisabeth
Page 2

December 2010

March 4, 2011

March 2, 2 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Partnership Between Digidentity and Siemens IT Solutions & Services • Common market approach • Digidentity: software & services • Siemens IT Solutions & Services: infrastructure

Page 3 de Leeuw Elisabeth
Page 3

December 2010

March 4, 2011

March 2, 3 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

DigIDentity Roles and Processes Roles
• NP • PR • PU • IB • EB • CI •R Natural Person PRivateparty (companies, NGO's) PUblicparty: government organizations offering e-services Identity Broker: connection between PR, PU and EB Entitlement Broker: management and judgment of entitlements Credential Issuer: issuing, management and verification of credentials Router: routing of requests from PR via EB to CI

Process sequence • NP –> PR –> PU –> IB –> EB –> CI–> PU –> PR -> NP R
Page 4 de Leeuw Elisabeth
Page 4 December 2010

March 4, 2011

March 2, 4 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Siemens versus DigIDentity
( )

Page 5 de Leeuw Elisabeth
Page 5

December 2010

March 4, 2011

March 2, 5 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

DigIDentity

From piles of cards & wallets to a single virtual smart card
Page 6 de Leeuw Elisabeth
Page 6 December 2010

March 4, 2011

March 2, 6 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

DigIDentity
Passport, vault, visa

Page 7 de Leeuw Elisabeth
Page 7

December 2010

March 4, 2011

March 2, 7 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Digidentity Trust Levels
R STO 1 K

Levels of Trust
Level 1 Low
3 2

Registration

Credentials

No or minimal control of identity (e-mail User name + address); check of association with company password at Chamber of Commerce Level 1 + Check of copy of ID, bank transaction; delivery by secure (e-)mail Level 1 + one time password (SMS, token), certificate Level 2 + bank card

2 Medium
4

3 High 4 Very high
Page 8 de Leeuw Elisabeth
Page 8

Level 2 + Distance check of original ID Level 3 + Face to face check of original ID
March 2, 8 Page 2011

December 2010

March 4, 2011

Level 3 + Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V.,qualified (PKI) Zoetermeer Siemens IT Solutions and Services certificates

DigIDentity
Innovation in Dutch e-ID Landscape

DigIDentity
E-mail address + ideal payment = Level 1 + copy passport = Level 2 + certificate = Level 3 + face to face identification

Level 1

Level 2

Level 3

Level 4

Levels of Trust
in agreement with STORK deliverable D2.3 - Chapter 1 and 2
Page 9 de Leeuw Elisabeth
Page 9

December 2010

March 4, 2011

March 2, 9 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

DigIDentity
Authentication and verification
Verification e-mail mobile phone home address surname passport registry check face to face identification Authentication username and password one time password (SMS) pin code * * * * * * * * * Level 1 Level 2 Level 3 Level 4 * * * * * * * * * * * * * * * * * * * *

Page 10 de Leeuw Elisabeth
Page 10

December 2010

March 4, 2011

March 2, 10 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Considerations
Single identity - single point of failure Single source of truth - single point of failure Copy of passport – tamper proof? One identity - multiple business cases Single card – multiple customer liabilities Multiple administrations – synchronization and integrity Electronic authentication – proof of free will? Current robustness in accordance with current threat level – future threats proportional to future utilization
Page 11 de Leeuw Elisabeth
Page 11 December 2010

March 4, 2011

March 2, 11 Page 2011

Siemens ITSiemens IT Solutions and Services B.V., Zoetermeer Solutions and Services B.V., Zoetermeer

Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Elisabeth de Leeuw
Page 12

December 2010

March 4, 2011

Page 12

Confidential / Copyright Siemens Siemens IT Solutions and©Services AG 2010. All right reserved. B.V., Zoetermeer

Siemens IT Solutions and Services

SIEMENS

DigIDentity
Thank you for listening !
Elisabeth de Leeuw
Business Consultant Security & Identity Management Siemens IT Solutions & Services e-mail elisabeth.de.leeuw@siemens.com skype elisabeth.de.leeuw scribd www.scribd.com/people/view/3513920-elisabeth-de-leeuw
Page 13 December 2010 Confidential / Copyright © Siemens AG 2010. All right reserved. Siemens IT Solutions and Services

DigIDentity
Innovation in Dutch e-ID Landscape

Summary
DigIDentity: Innovation in Dutch e-ID Landscape Within the Dutch eID framework a Siemens / Digidentity Consortium offers authentication and authorization services in the cloud, compliant with up to STORK level 4. Virtual smart cards, fit for multi-party authorization and electronic vaults are part of the solution. Short biography Elisabeth de Leeuw Elisabeth has a vast experience in IT- and business consulting. She brings a strategic and innovative approach to the disciplines of information security and identity management, at the cutting edge of business and technology. Besides, she is author and editor of a number of publications, among which IFIP IDMAN Proceedings (published by Springer).
Elisabeth de Leeuw
Page 14 December 2010

March 4, 2011

Page 14

Confidential / Copyright Siemens Siemens IT Solutions and©Services AG 2010. All right reserved. B.V., Zoetermeer

Siemens IT Solutions and Services

Sign up to vote on this title
UsefulNot useful