Arne Tauber

Cloud Computing in E-Government across Europe

Cloud computing has many advantages which also governments and public authorities can benefit from. Therefore, a couple of European countries have already adopted cloud computing in the public sector or are planning to do so. In this paper, we evaluate eight European countries on their use of cloud computing in e-Government and compare them. As a result, the dominant cloud computing deployment model in those countries is a so-called G-Cloud Governmental Cloud, a private or community cloud especially designed for national governmental use. In addition, no favored cloud service model has emerged, hence all standard cloud service models Infrastructure, Platform, and Software as a Service are adopted by most countries. Finally, half of the evaluated countries have anchored cloud computing in one of their national ICT strategies.

The Public Cloud for e-Government

Cloud computing and its flexible business model of consuming IT resources such as computing power or data storage just on demand promises a lot of benefits and advantages. These advantages also the public sector and governments can benefit from. Hence, cloud computing is already on the agenda of governmental policy and decision makers. Additionally, various countries have already adapted their IT strategies to support cloud computing for their governmental and public services. However, within the public sector the private cloud model currently constitutes the dominant deployed approach. Although this model offers high control it does not take full advantage of the economic benefits of cloud computing. Therefore, based on an evaluation of different cloud models and a comparison of different national cloud computing strategies the authors argue and show that public clouds are worth more than a peek for e-Government because of their tremendous cost savings potential.

A survey of certified mail systems provided on the Internet

Over the last several years, an increasing number of certified mail systems have been put into place on the Internet. Governments, postal operators and private businesses now provide value-added electronic services that match the quality of postal certified mail. So far, there is no common view on the security properties that an electronic certified mail system has to provide. This applies to implementers and, surprisingly, also applies to the research community. All certified mail systems provided on the Internet are autonomous, and most are closed systems. However, recent developments call for cross-border certified mail communications that are similar to what we have become accustomed to in e-mail. This demand is emphasized by the ongoing implementation of the European Union (EU) Services Directive. The interoperability of certified mail systems is a new and challenging research field. The aim of this paper is to assess and discuss various standards and certified mail systems deployed on a large scale by drawing on the literature. This will facilitate interoperability efforts by offering a clearer view on the security properties that are actually applied in practice, as opposed to what is in research. We do this by classifying systems according to the security properties defined to date in the literature. Our findings show that standards and systems provided on the Internet have adopted many aspects of postal certified mail with respect to fairness, non-repudiation services and applied trust models. Nevertheless, there are still differences and incompatibilities, and the community must work toward common and interoperable systems. We encourage research into additional properties that could be applied in practice.

Secure cloud authentication using eIDs

Identification and authentication are essential security functions for regulating access to protected data. Considering that, most cloud service providers rely on weak authentication mechanisms such as username/password schemes. While username/password authentication may be sufficient for simple customized applications, cloud applications in more sensitive areas such as in e-Government require more reliable and secure mechanisms. We close this gap for such cloud applications by applying the STORK framework for secure cloud authentication using eIDs. The STORK framework supports various national eID solutions and will be the relevant eID framework across Europe in future. We demonstrated our approach by enabling eID authentication at two selected public cloud service providers. Finally, we also moved the STORK framework to the cloud to apply the full cloud computing paradigm.

Towards interoperability: an architecture for pan-European eID-based authentication services

In the last years several EU Member States have rolled out smartcard based electronic ID (eID) solutions to their citizens. Not all of these solutions are directly compatible to each other. However, with respect to the i2010 e-Government initiative and the upcoming EU Services Directive, cross-border identification and authentication is now on the agenda of all EU Member States. In this paper we present a smart-card based eID identification and authentication solution, which supports smart-cards from different Member States. The proposed solution can be easily integrated into existing authentication and identity management solutions and does not necessarily require any additional client software to be installed by citizens.

Secure and privacy-preserving eGovernment: best practice Austria

In the past, contact with public authorities often appeared as winding way for citizens. Enabled by the tremendous success of the Internet, public authorities aimed to react on that shortcoming by providing various governmental services online. Due to these services, citizens are not forced to visit public authorities during office hours only but have now the possibility to manage their concerns everywhere and anytime. Additionally, this user friendly approach also decreases costs for public authorities. Austria was one of the first countries that seized this trend by setting up a nation-wide eGovernment infrastructure. The infrastructure builds upon a solid legal framework supported by various technical concepts preserving security and privacy for citizens. These efforts have already been awarded in several international benchmarks that have reported a 100% online availability of eGovernment services in Austria. In this paper we present best practices that have been followed by the Austrian eGovernment and that have paved the way for its success. By virtually following a traditional governmental procedure and mapping its key stages to corresponding online processes, we provide an insight into Austrias comprehensive eGovernment infrastructure and its key concepts and implementations. This paper introduces the most important elements of the Austrian eGovernment and shows how these components act in concert in order to realize secure and reliable eGovernment solutions for Austrian citizens.

Requirements and Properties of Qualified Electronic Delivery Systems in eGovernment: An Austrian Experience

Electronic mailing systems are the dominant communication systems in private and business matters. Public administrations deliver documents to citizens and businesses—subpoenas, legal verdicts, notifications, administrative penalties, and so forth. However, official activities are more strongly bound to legal regulations than in civil law. Delivery of crucial and personal documents raises the demand for qualified identification and non-repudiation services as featured by registered and certified mail in the paper world. Legal requirements for electronic delivery carried out by public administrations (eDelivery) cannot be fulfilled by standard mailing systems. Although the requirements for eDelivery systems may differ due to national legal regulations, this paper discusses common requirements and properties on an abstract level. Moreover, the author shows how these requirements have been addressed by introducing the Austrian eDelivery system for eGovernment applications.

An interoperability standard for certified mail systems

A large number of certified mail systems have been put into operation on the market over the last years. In contrast to standard mailing systems like e-Mail, certified mail systems provide the secure, reliable and evidential exchange of messages with the quality of traditional postal registered or certified mail. Most of these systems are tailored to national laws, policies, needs and technical requirements and are thus closed and only accessible by certain user groups. However, the ongoing globalization and opening of the markets, especially in the European Union, ask for global certified mailing as already known from e-Mail. Interoperability of certified mail systems is a new and challenging research field. This article presents a framework and standard to make arbitrary certified mail systems interoperable. The presented approach uses a federated trust network of so-called electronic delivery gateways for seamless certified mailing across systems. This is achieved by converting protocols and system specifics on different layers using a harmonized interoperability protocol. The presented framework has been standardized by the European Telecommunications Standards Institute (ETSI) as Registered Electronic Mail specification for interoperable certified mail systems.

Secure and privacy-preserving cross-border authentication: The STORK pilot 'SaferChat'

Secure user authentication, provision of identity attributes, privacy preservation, and cross-border applicability are key requirements of security and privacy sensitive ICT based services. The EU large scale pilot STORK provides a European cross-border authentication framework that satisfies these requirements by establishing interoperability between existing national eID infrastructures. To allow for privacy preservation, the developed framework supports the provision of partial identity information and pseudonymization. In this paper we present the pilot application SaferChat that has been developed to evaluate and demonstrate the functionality of the STORK authentication framework. SaferChat makes use of age claim based authentication mechanisms that allow for an online environment where kids and teenagers are able to communicate with their peers in a safe way. We first identify relevant prerequisites for the SaferChat pilot application and then give an introduction to the basic architecture of the STORK authentication framework. We finally show how this framework has been integrated into the SaferChat pilot application to meet the identified requirements and to implement a secure and privacy preserving cross-border user authentication mechanism.

A Systematic Approach to Legal Identity Management – Best Practice Austria

Electronic identity (eID) initiatives have in many cases started with state-issued credentials for secure authentication of natural persons. While citizen eID is a major leap, e-business and e-government processes are in many cases carried out by legal persons or professional representatives. Comprehensive mandate systems that seamlessly integrate with the national identity management (IDM) system are still rare.