Belgian EID Card - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Belgian EID Card

Description:

Belgian EID Card – PowerPoint PPT presentation

Number of Views:115
Avg rating:3.0/5.0
Slides: 18
Provided by: downloadM
Category:
Tags: eid | belgian | card

less

Transcript and Presenter's Notes

Title: Belgian EID Card


1
Belgian EID Card
Derette Willy eID program manager
  • 15/12/2004

2
Agenda
  • Role of Steria in the project
  • Actual status of the Roll out
  • Different actors
  • Global planning
  • The Belpic Project
  • Use of the eID card
  • Contents of the EID Card
  • The trusted CA Hierarchy
  • The Trusted Services
  • Mutual Authentication SSL V3
  • Realisations How to Use Quick Scan

3
Identity Card of Steria
8400 employees of which 230 in Belux 987 M
revenue (2003) of which 36 M in Belux
Public Government 30
Manufacturing Utilities Transport 30
Managed Services 50
Consulting 10
Systems Integration 50
Banking Insurance 25
Telecom 15
Core businesses
Markets
Belux MS 34 SI 60 C 6
Belux Public 48, Industry 25 Finance 27
4
BELPIC project role of Steria
  • Design of architecture (central and local)
  • Software Development
  • modifications on mainframe
  • new application servers
  • PCs in the municipalities
  • Infrastructure delivery (central and local)
  • Project management

5
BELPIC project actors / planning
Contract
2002
2003
2004
12/06
2005
Jan


Dec
Jan

Jun

Dec
Jan

Mar

Jul

Jan
7 months
T0
T0 2M
T0 7M
T0 5Y
A
B
C
T0 3M
T0 5M
6
(No Transcript)
7
(No Transcript)
8
BELPIC project
  • Aim of Belpic-project
  • Give Belgian citizens an electronic identity card
    enabling them to authenticate themselves towards
    diverse applications and to put digital
    signatures
  • Chip contains the same information as printed on
    the card (name, first names, nationality, birth
    place and date, sex, validity of the card, photo,
    signature, identification number) filled up with
  • Certificates (signature, authentication)
  • The main residence of the holder
  • No other information on the card is allowed!

9
Use of e-ID
  • Customer identification (data capture)
  • No errors
  • Very fast
  • (Complete) Identity information gt Profiling
  • Strong authentication
  • Universal solution (advantage for the customer)
  • SSO (Single sign on) gt one authentication server
  • State of the art ( Replacement of the token) /
    No pin mailers
  • Signature
  • Anywhere, anytime.
  • Simplicity (? token)
  • Non repudiation
  • Encryption
  • No encryption for the moment (foreseen at a later
    stage)
  • Private key backup archiving issue

10
BELPIC Contents of EID Card
?
?
?
?
Private keys
Certificates
Pin Code Housekeeping
PUK1/2
Activate Unblock
Cert_Cit-Auth
Prik_Cit-Auth
Pin code
PUK1/3
Prik_Cit-Sign
Cert_Cit-Sign
?
eID identity data
Cert_CA-Cit
ID
Cert_RRNAS
S (IDADRPH)
ID Ident)
Cert_CA-Root
ADR
Public keys
?
ADR adres
Role 7
Photo
PubK_CA-Role
PH hash photo
Prik_Base
PuK_Base
WDe/2002
11
The trusted CA hierarchy
Globalsign Top Root CA
Selfsigned
Belgium Root Signed Belgium Self Signed
Selfsigned
eID Citizen CA
Government CA
Administration CA
Forthcoming CA
  • Signature (1024 bits)

- Cert_Role-7
?
- Authentication (1024 b)
- Cert_SAW-Enc
- Cert_SAW-Sign
eID
WDe/2002
12
Trusted Services
  • Registration

Control Registration
Certificate Request
Certification Authority
Municipality
1
  • Authentication

OCSP Or CRL
Authentication Signature
CRL
Validation
2
Secure Sites
Citizens
13
Digitally Signing a Message
Sender
Receiver
Network
Hash
Hash
?
Encryption Senders Private key
13
13
Senders Public Key
WDe/2002
Digital Signature
14
SSL v3 Mutual Authentication
Connect to server (server name) Acknowledge
presence Sending of challenge (RND) Server
encrypts with its Private key Send back with
Certificate chain Check cert. Validity server
name If OK notify server Server sends
challenge Browser encrypts with private key Of
authentication certificate (PIN code) Encrypted
challenge certificate chain (authent.
Certificate only if chain NA) Server checks
(OCSP-CRL) If ok notify user Agree on session
key Browser generates key encrypt with Pub.
Key server. Sent to server.
Secure Store
Secure Store
Cert_Cit-Auth
CertChain_Server
Web Server
User
15
How using?
  • Steria has developed modules / methods for
  • Getting User Identity Name, First Name, Gender,
    Birth date, Birth place, Nationality, National
    Register Number, Address, Photo.
  • Authenticating Card Holder Authentication with
    the authentication private key of the card
    holder.
  • Signing Data Signing data by the Card with the
    non-repudiation private key of the card holder.
  • Applications
  • Stand Alone Application
  • Client/Server Application
  • Light Client Browser application
  • PC Emulation to a central environment

16
Examples Stand-alone application
17
How using?
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Belgian EID Card" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!