E-government: from hype to reality

About This Presentation

Title:

E-government: from hype to reality

Description:

life events (birth, marriage, etc.) or business episodes (starting a company, ... backwards compatibility. SLA's on disponibility and performance of services ... – PowerPoint PPT presentation

Number of Views:68

Avg rating:3.0/5.0

Slides: 129

Provided by: frankr5

Category:

more less

Transcript and Presenter's Notes

Title: E-government: from hype to reality

1
E-governmentfrom hype to reality
Frank Robben General manager Crossroads Bank for
Social Security Strategic advisor Federal Public
Service for ICT Sint-Pieterssteenweg 375 B-1040
Brussels E-mail Frank.Robben_at_ksz.fgov.be Website
http//www.law.kuleuven.ac.be/icri/frobben
Crossroads Bank for Social Security Federal
Public Service for ICT (FEDICT)
2
What is E-government ?

E-government is a continuous optimization of
service delivery and governance by transforming
internal and external relationships through
technology, internet and new media
external relationships
government lt-gt citizen
government lt-gt business
internal relationships
government lt-gt government
government lt-gt employees
all relationships
are bidirectional
can be within a country or border-crossing

3
Government

not monolithic
EU
in every country
federal level
regions
communities
provinces
municipalities
parapublic institutions
private instutions participating in delivery of
public services
integrated E-government is based upon common
strategy, multilateral agreements and
interoperability
E-government contains the opportunity to realize
one virtual electronic government with full
respect for every specific competence

4
Advantages

efficiency gains
in terms of costs same services at lower total
costs, e.g.
unique information collection using co-ordinated
notions and administrative instructions
less re-encoding of information by electronic
information exchange
less contacts
functional task sharing concerning information
management, information validation and
application development (distributed information
systems)
in terms of quantity more services at same total
cost, e.g.
all services are available at any time, from
anywhere and from any device
integrated service delivery
in terms of speed same services at same total
cost in less time
reduction of waiting and travel time
direct interaction with competent governmental
institution
real time feedback for the user

5
Advantages (ctd)

effectiveness gains
in terms of quality same services at same total
cost in same time, but to a higher quality
standard, e.g.
more correct service delivery
personalized and participative service delivery
more transparant and comprehensive service
delivery
more secure service delivery
possibility of quality control on service
delivery process by customer
in terms of type of services new types of
services, e.g.
push system automatic granting of or information
about services
active search of non-take-up using
datawarehousing techniques
controlled management of own personal information
personalized simulation environments

6
E-government a structural reform process

ICT is only a means by which a result may be
obtained
E-government requires
considering information as a strategic resource
for all government activity
change of basic mindset from government centric
to customer centric
re-engineering of processes within each
government institution, each government level and
across government levels
clear definition of mission and core tasks of
every governmental institution

7
E-government a structural reform process (ctd)

E-government requires (ctd)
co-operation between governmental institutions
one virtual electronic government, with respect
for mission and core tasks of each governmental
institution and government level
co-operation between government and private
sector
adequate legal environment elaborated at the
correct level
interoperability framework ICT, security, unique
identification keys, harmonized concepts
implementation with a decentralized approach, but
with co-ordinated planning and program management
(think global, act local)
adequate measures to prevent a digital divide

8
Information as resource implications

information modelling
information is being modelled in such a way that
the model fits in as close as possible with the
real world
definition of information elements
definition of attributes of information elements
definition of relations between information
elements
information modelling takes into account as much
as possible the expectable use cases of the
information
the information model can be flexibly extended or
adapted when the real world or the use cases of
the information change

9
Information as resource implications (ctd)

unique collection and re-use of information
information is only collected for well-defined
purposes and in a proportional way to these
purposes
all information is collected once, as close to
the authentic source as possible
information is collected via a supplier-chosen
channel, but preferably in an electronic way,
using uniform basic services (single sign on,
arrival receipt of a file, notification for each
message, )
information is collected according to the
information model and on the base of uniform
administrative instructions

10
Information as resource implications (ctd)

unique collection and re-use of information (ctd)
with the possibility of quality control by the
supplier before the transmission of the
information
the collected information is validated once
according to an established task sharing, by the
most entitled institution or by the institution
which has the greatest interest in a correct
validation
and then shared and re-used by authorized users

11
Information as resource implications (ctd)

management of information
information in all forms (e.g. voice, print,
electronic or image) is managed efficiently
through its life cycle
a functional task sharing is established
indicating which institution stores which
information in an authentic way, manages the
information and keeps it at the disposal of the
authorized users
information is stored according to the
information model
information can be flexibly assembled according
to ever changing legal notions
all information is subject to the application of
agreed measures to ensure integrity and
consistency

12
Information as resource implications (ctd)

management of information (ctd)
every institution has to report probable
improprieties of information to the institution
that is designated to validate the information
every institution that has to validate
information according to the agreed task sharing,
has to examine the reported probable
improprieties, to correct them when necessary and
to communicate the correct information to every
known interested institution
information will be retained and managed as long
as there exists a business need, a legislative or
policy requirement, or, preferably anonimized or
encoded, when it has historical or archival
importance

13
Information as resource implications (ctd)

electronic exchange of information
once collected and validated, information is
stored, managed and exchanged electronically to
avoid transcribing and re-entering it manually
electronic information exchange can be initiated
by
the institution that disposes of information
the institution that needs information
the institution that manages the interoperability
framework
electronic information exchanges take place on
the base of a functional and technical
interoperabilty framework that evolves
permanently but gradually according to open
market standards, and is independent from the
methods of information exchange

14
Information as resource implications (ctd)

electronic exchange of information (ctd)
available information is used for the automatic
granting of benefits, for prefilling when
collecting information and for information
delivery to the concerned persons

15
Information as resource implications (ctd)

protection of information
security, integrity and confidentiality of
government information will be ensured by
integrating ICT measures with structural,
organizational, physical, personnel screening and
other security measures according to agreed
policies
personal information is only used for purposes
compatible with the purposes of the collection of
the information
personal information is only accessible to
authorized institutions and users according to
business needs, legislative or policy requirement
the access authorisation to personal information
is granted by an independent institution, after
having checked whether the access conditions are
met
the access authorizations are public

16
Information as resource implications (ctd)

protection of information (ctd)
every concrete electronic exchange of personal
information is preventively checked on compliance
with the existing access authorisations by an
independent institution managing the
interoperability framework
every concrete electronic exchange of personal
information is logged, to be able to trace
possible abuse afterwards
every time information is used to take a
decision, the used information is communicated to
the concerned person together with the decision
every person has right to access and correct his
own personal data

17
Customer centric

unique declaration of every event during the life
cycle/business episode of a customer and
automatic granting of all related services, e.g.

18
Customer centric (ctd)

delivery of services that cannot be granted
automatically to a customer
in an integrated way
information
interaction
transaction
re-using all available information
harmonized concepts
back-office integration
prefilled information

19
Customer centric (ctd)

delivery of services that cannot be granted
automatically to a customer (ctd)
in a personalized way
look feel and interface
content
only relevant information and transactions
personalized support
contextual help
own language
adapted vocabulary
on-line simulations
or at least based on the way of thinking of the
customer group
life events (birth, marriage, etc.) or business
episodes (starting a company, recruiting
personnel, etc.)
life styles (sport, culture, etc.)
life status (unemployed, retired, etc.) or
business sectors
specific target groups

20
Customer centric (ctd)

declaration of events and service delivery via an
access method chosen by the customer
various end-user devices
PC, GSM, PDA, digital TV, kiosks,
file transfer
use of intermediaries
accessible to disabled
use of integrated customer relation management
tools
service delivery in principle free of charge

21
(No Transcript)
22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
(No Transcript)
30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
Re-engineering of processes

BPR programs started within every federal
ministry
but need for transversal BPR programs between
federal ministries
institutions of other government levels (e.g.
municipalities, regions, communities, )
parapublic institutions or private institutions
delivering public services (e.g. social security
institutions)
integration is the key
processes (back office and front office)
information management

36
Integration is the key

lack of integration leads to
overloading of the citizens/companies
multiple collection of the same information by
several governmental institutions
no re-use of available information
avoidable contacts with citizens/companies due to
multiple, unco-ordinated quality checks
waste of efficiency and time within the
governmental institutions
suboptimal support of the policy made by
government
higher possibilities of fraud

37
Co-operation between government levels

co-operation agreement has been signed between
federal government, regions and communities
coordinated offer of e-services to
citizens/companies
guarantee that a citizen/company can use the same
tools
terminal
software
electronic signature
guarantee of a unique data collection from the
citizen/company
with respect for the partition of competences
between government levels

38
Co-operation agreement between government levels

co-ordinated, customer oriented service delivery
agreements have to be made on common standards
mutual tuning of portals, middleware, websites
and back offices
use of common identification keys and electronic
signature
mutual tuning of business processes when
necessary
gradual mutual task-sharing on data storage in
authentic form
common policy on SLAs and security

39
Co-operation government and private sector

private companies as service providers (sharing
of investments), e.g.
network and security management
co-sourcing in BPR and development/maintenance/hou
sing of ICT building blocks, e.g.
certification authorities
portals
private companies as partners
integrated work flow with their own information
systems, e.g.
e-procurement
tax declaration
social security declarations

40
Changes of the legal environment

organization of integrated data management and
electronic service delivery legal base for Royal
Decree exists
functional task sharing on information management
obligation to respect unique data collection from
the customer
obligation to exchange information in an
electronic way
permission or obligation to use unique
identification keys
harmonization of basic concepts

41
Changes of legal environment (ctd)

ICT-law
data protection
public access to information
electronic signature
probative value
no overregulation
only basic principles
technology-neutral, but not technology unaware

42
Interoperability framework

goal to guarantee the ability of government
organizations and customers to share information
and integrate information and business processes
by use of
interoperable ICT
common security framework
common identification keys/sets for every entity
harmonized concepts and data modelling

43
ICT interoperability

examples on
www.govtalk.gov.uk and www.e-government.govt.nz
(recent frameworks based on actual open ICT
standards, to be implemented)
www.ksz.fgov.be (framework started in 1991 and
implemented between 2.000 Belgian social security
institutions, with unique gateway to foreign
social security institutions within the EU, and
continuously adapted to evolving and proven ICT
standards with backwards compatibility)
tendency to use of open ICT standards
but ICT is so dynamic and fast changing that ICT
standards are in an almost constant state of
evolution
huge need to agreements on how to ensure
functional interoperability, far beyond technical
interoperability

44
Functional ICT interoperability

standardized codification (e.g. institutions,
return codes, )
standardized use of objects and attributes
standardized layout of header of messages,
independent from information exchange format
(EDI, XML, ) and type of information exchange
version management
backwards compatibility
SLAs on disponibility and performance of
services
access autorisation management
anonimization rules
acceptation and production environments
priority management

45
Common security framework

issues
confidentiality
integrity
availability
authentication
autorisation
non-repudiation
audit

46
Common security framework (ctd)

specific points of interest
risk awareness based on risk analysis
security policies
structural and organisational aspects
encryption standards
interoperability of
PKI
electronic certificates
procedures (registration authority, certification
authority)
difference between identification certificates
and attribute certificates
attributes, optional fields
revocation lists
directories
application security

47
Common identification keys

at least common identification keys and
identification sets for every entity
person
company
patch of ground
between nations
unique schemes
conversion tables
regulation of interconnection of information
based on unique identification keys

48
Common identification keys (ctd)

characterictics
unicity
one entity one identification key
same identification key is not assigned to
several entities
exhaustivity
every entity to be identified has an
identification key
stability through time
identification key doesnt contain variable
characterics of the identified entity
identification key doesnt contain references to
the identification key or characteristics of
other entities
identification key doesnt change when a quality
or characteristic of the identified entity changes

49
Harmonized concepts and data model

harmonized concepts and datamodel example on
www.socialsecurity.be (best practice of
combination of back office integration and
e-portal solution in web-based survey on
electronic public services by DG Information
Society (European Commission) April 2002)

50
Harmonized concepts and data model

standard elements
with well defined characteristics
used within all services
OO-oriented, e.g. inheritance in a multilingual
environment
version management in an ever changing
environment
define once, use many (different presentations)
workflow for validation of standard elements and
characteristics
multi criteria search
by element
by scheme
by version

51
OO-oriented inheritance
52
OO-oriented inheritance
53
OO-oriented inheritance
54
Version management
55
Version management
56
Validation workflow
57
Validation workflow
58
Define once, publish many
59
Define once, publish many
60
Multi criteria search
61
Multi criteria search
62
Multi criteria search
63
A methodology to harmonize concepts

inventory of all documents (frequently) used for
information collection
inventory of collected information
classification of collected information using a
clustering methodology
decomposition of collected information into real
life classes with description of the asked
attributes
analysis of goals what is every real life
classes used for ?
setting up of simplification propositions (e.g.
senseless different treatment of same real life
object)

64
A methodology to harmonize concepts (ctd)

based on the simplification propositions, framing
out of an OO information model for information to
be collected
design of XML-schemas for the collecting of the
information, corresponding to the OO information
model
legislative adaptations in order to introduce the
uniform definitions of the information classes
procedures in order to guarantee the consistency
of the OO information model in an ever changing
legal environment

65
Preventing digital divide

no creation of information haves and information
have-nots
possible measures
promoting automatic granting of services
electronic services are (for the time being)
considered as extra services, tradional services
remain
access to electronic services in public places
role of intermediaries and front office
organisations
education and life-long learning
promoting usability of portals and websites

66
Some interesting Belgian projects

social security sector
network of service integrators
electronic identity card
unique identification keys
portal sites

67
April 2002

Web-based survey on electronic public services
ordered by the European Commission (p. 11)
The website of the social security administration
in Belgium (www.socialsecurity.be) is a good
example of the combination of back-office
integration and an e-portal solution. This site
is a front-office result of a long-term effort
that the Belgian government made last years
linking different databases. The site is a unique
window for social security in Belgium
See http//europa.eu.int/information_society/eeuro
pe/benchmarking/ list/source_data_pdf/2nd_measurem
ent_final_report.pdf

68
Belgian social security sector

principles have been implemented under
co-ordination of the Crossroads Bank for Social
Security, in co-operation with 2.000 public and
private social security institutions
functional and technical interoperability
framework is functioning
between these institutions
between these institutions and all employers
every socially insured person has a unique
identification key throughout the whole social
security sector and an electronically readable
social identity card containing this
identification key

69
Belgian social security sector

protection of information organised by
Control Committee designated by Parliament
preventive authorization of legitimacy of the
exchange of personal data
complaint handling
security policies
Crossroads Bank for Social Security
preventive access control
loggings

70
Interoperability within social security
onss
spf ss
onssapl
inasti
national register
cpsm
spf e t
onafts
Crossroads Bank for Social Security
onem
adp
inami
fat
sickness funds network
cger
fmp
onp
onva
ossom
71
Reference directory

serves as a base for organization of information
flows
structure
directory of persons what persons in what
capacities have personal files in what social
security institutions for what periods
data availability table what data are available
in what social security institutions for what
types of files
access authorization table what data may be
transmitted to what institutions for what types
of files
functions
routing of information
preventive access control
automatic communication of changes to information

72
Information servers

information servers
directory of persons of the Crossroads Bank
National Register
Crossroads Bank Registers
wages and working time database (LATG) of the
ONSS
employers directory (WGR) of the ONSS
consultable database of contribution certificates
- it contains the proofs of ensurability, i.e.
the fact that somebody is entitled to receive
medical treatment
SIS-card registers
services offered
interactive consultation
batch consultation
automatic communication of updates

73
National Register - CBSS Registers - past
situation
National Register
Municipalities
74
National Register - CBSS Registers present
situation
National Register
Municipalities
75
Preprocessed messages

preprocessed messages
beginning/end of labour contract, beginning/end
of self-employed activity
contribution certificates medical care
(employees, self-employed, beneficiaries of
social security allowances)
unemployment benefits career break
allowances for incapacity for work (health care,
accidents at work, occupational disease)
young unemployed
allowances to the handicapped
guaranteed income social support
people suffering from long-term illness
social exemption
fiscal exemption
tax reduction/exemption
special contribution for social security
solidarity contribution on old age pensions
migrant workers

76
Preprocessed messages

services offered
batch consultation
automatic communication of messages

77
Contribution certificate health care sector
past situation
Employees
Employer
Sickness funds
Control
INAMI
ONSS
78
Contribution certificate health care sector -
present situation
79
Derived rights in tax affairs

a number of people are entitled to an increased
refund of the costs for medical care
moreover, a number of municipalities and
provinces grant these persons reductions or even
exemptions of the taxes

80
Derived rights in tax affairs - past situation
Sickness fund
81
Derived rights in tax affairs - present situation
CBSS
sickness funds network
82
Number of exchanged messages
83
Some figures

14,5 million different persons known in person
directory
on an average, every person is known in 5,1
sectors
response time on-line messages

question
question
answer
answer
93,8 in lt 1 sec 99,6 in lt 2 sec
98,8 in lt 4 sec
84
Social security card
name Christian name date of birth sex social
security number period of validity of the
card card number
sickness fund sickness fund registration
number insurance period insurance status social
exemption status
key 1
other data to be added in the future, if useful
85
Social security card - example 1
Social identity card
in chemistries and hospitals
Sickness fund 1
Sickness fund 2
Sickness fund 3
86
Social security card - example 2
EMPLOYER
ONSS
CBSS
87
Social security portal
88
Integrated service delivery

common basic services (e.g. single sign on,
notification
information
several categories of transactions
transactions at the beginning or the end of
employment (DIMONA)
quarterly declaration of wages and working time
transactions when a social risk occurs
transactions in order to manage information about
yourself
transactions in order to control the quality of
the service delivery process
...

89
Transactions at beginning/end of employment
Simplification
Employment contract
Work force register
Special work force register
Indivudual document
Students contract
On line consultation
ONSS
Inspection
Work force register
Data- base
90
Immediate declaration of employment

can only be done electronically via
social security portal
FTP/MQSeries
interbanking network
vocal server
24/24 7/7
offers the employer a key to on-line consultation
and correction
of the database on employment
by using a electronic certificate, of the
database concerning wages and working time and
other derived databases
concerning his employees and the period of
employment

91
Quarterly declaration wages working time
Simplification
Employer
one electronic declaration
ONSS
old age pension
CBSS
holiday pay
92
Quarterly declaration wages working time

can only be done electronically via
social security portal
FTP/MQSeries
interbanking network
24/24 7/7
can, by using an electronic certificate
be consulted and corrected on-line by the
employer
concerning his employees and the period of
employment

93
Electronical declaration of social risks

today multiple collection of information by
using various, complex, not co-ordinated paper
forms

94
Electronical declaration of social risks

tomorrow
limitation of the collected information to the
information not yet available at other public
services (abolition or at least significant
simplification of forms)
unique collection of information from the
employer
in a standardized way across all social security
institutions
possibility of electronical declaration (24/24
7/7) via
social security portal
FTP/MQSeries
interbanking network
uniform instructions

95
Time frame

operational
DIMONA and on-line consultation of work force
register
declaration of temporary employment of foreign
employees in Belgium
declaration of temporary unemployment
declaration of building yards
on-line consultation of overdue payments of
social security contributions by an employer
documentation, instructions, test cases and
XML-schemes concerning transactions that will be
available during the next 2 years

96
Time frame

end 2002
multifunctional declaration of wages and working
time data
electronical declaration of beginning of
part-time job
electronical declaration of accident at work
application for temporary removal from work
because of occupational disease
end 2003
electronical application for allowances in case
of incapacity of work
end 2004
electronical application for unemployment
benefits
electronical application in case of pre-pension
scheme (early retirement)

97
Network of service integrators
Service integrator
R/CPS
R/CPS
Services repository
Extranet region or community
Service integrator (FEDICT)
Services repository
FPS
FPS
FedMAN
Internet
Municipality
SSI
FPS
Publilink
SSI
Extranet social security
Services repository
Service integrator (BCSS)
Province
Municipality
SSI
Services repository
98
Network of service integrators (ctd)

type of exchanged information
structured data
documents
images
multimedia
metadata
business processes
using web services

99
Network of service integrators (ctd)

useful functions of service integrators (FEDICT,
CBSS, )
secure messaging
business logic and work flow support
directory of authorized users and applications
list of users and applications
definition of authentication means and rules
definition of authorization profiles
which service is accessible to which type of
user/application for which persons/companies in
which capacities in which situation and for which
periods
directory of data subjects
which persons/companies in which capacities have
personal files in which institutions for which
periods
subscription table
which users/applications want to receive
automatically which services in which situations
for which persons in which capacities

100
Network of service integrators (ctd)
Information Exchange
ServicesRepository
Interconnection
Services Register ( UDDI)Agreements
( ebXML)PoliciesVocabularia (content
metadata)
TCP/IPSMTPLDAPFTPS/MIME
XMLXSLSOAPWSDLmetadata (RDF, XTM, XMI, )
Security (e.g. PKI)
Open standards
101
Network of service integrators (ctd)

key issues
evolution of standards
collaboration with vendors
not limited to public agencies
national, European international standards
every partner is free to implement internally in
his own way black box philosophy

102
FEDICT TANGO

Target Architecture for Networked Government
Operations

103
Service oriented architecture
Internet
Services
Intranet
Source Peter Strickx - FEDICT
104
Service oriented architecture
Intranet
Source Peter Strickx - FEDICT
105
Electronic identity card

retained functions
visual and electronic identification of the
holder
electronic authentication of the holder via the
technique of the digital signature
generation of electronic signature via the
technique of the digital signature (non
repudiation)
proof of characteristics of the holder via the
technique of the digital signature on the
initiative of the holder
only identification data storage
no electronic purse
no biometry

106
Electronic identity card content

visual
identification data name, first names, sex, date
and place of birth
National Register number
photograph
card number
validity period
electronic
serial number (sn)
National Register number (nrn)
card number (cn)
visual identification data sn nrn cn
(signed by National Register sig1)
address sig1 (signed by National Register
sig2)
photograph sig1 (signed by National Register
sig3)

107
Organization model

government chooses card producer and
certification authority issuing the identity
certificates as a result of a public call for
tenders
the municipality calls the holder for the issuing
of the electronic identity card
the municipality acts as registration authority
for 2 certificates authentication and electronic
signature
2 key pairs are generated within the card at
production time and the private keys are stored
within the chip of the card

108
Organization model (ctd)

the 2 certificates are created by the
certification authority, but published only when
the holder agrees
the use of the private keys within the chip needs
an activation of the card by a municipal official
using his PUK2 and the PUK1 sent to the holder
first authentication within one session (first
private key) and every generation of an
electronic signature (second private key)
requires the PIN code of the holder
the second private keys and the identity
certificate on the electronic identity card can
be used to generate an electronic signature
within the scope of E-government applications
which require such a signature

109
Organization model (ctd)

the electronic identity card contains the
necessary space to store other private keys
associated to attribute certificates that holder
can obtain at the certification authority of his
choice

110
Organization model
1
1
111
No storage of electronic data on the card

why not ?
preventing perception of the card as a big
brother
preventing loss of data, when the card is lost
preventing frequent updates of the card
stimulation of the controlled access to data over
networks, using the card as an access tool,
rather than storage of data on the card
thus, no integration of SIS-card and electronic
identity card

112
Technical characteristics

security policy conform to the BelPIC document
secure infrastructure between National Register
and service providers
smart card
support
format ID-1 (ISO 7816-1)
rainbowprint
fluorescent marks (UV)
an other substrat for impression
printing in OVI
micro-letter
kinegram
photograph
card number

113
Technical characteristics (ctd)

smart card (ctd)
chip ISO 7816-2 to 9 (format, command) and
PKCS15 (structure file and identifier)
protocol T0
functions PKCS11 ISO 7816-4-8-9
certificates X.509 V3
concrete implementation proposal of JavaCard
SLE66CX322P - 32KB
identity certificate status validation OCSP

114
Unique identification keys

citizens
generalization of the use of the social security
number (national register number or CBSS-number)
(electronically) readable from the electronic
identity card
controlled access to basic identification data in
National Register and CBSS
companies
unique company number (based on VAT-number)
unique number for every plant of business
generalized access to basic identification data
in Company Register
regulation on data interconnection