“stork / stork 2.0 project overview” are3na workshop, march 17th miguel alvarez rodriguez stork...
TRANSCRIPT
“STORK / STORK 2.0 Project Overview”ARE3NA workshop, March 17th
Miguel Alvarez Rodriguez
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
2
Presentation Outline
• STORK eID Interoperability Model• One MS’s view & expectation
• What was achieved in STORK• What wasn’t achieved?
• How is the “wasn’t” tackled• In STORK 2.0
3
STORK Breakthrough eID Interop. Model:European Federated Circle of Trust
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
STORKLayer of
Trust
MS A MS B
ATDE
SP
SP
SP
SP
SP
VIDP
VIDP
VIDP
VIDP
VIDP
PEPS
IDP AP
IDP
SPSP
PEPS
VIDP
SP
PEPS / V-IDP hide national specifics
for other countries, guarantee
Scalability & Trust
Communication between PEPSes
and V-IDPs based on common
specs
Communications with SPs, IdPs and
AP‘s can follow national rules
Electronic auth. process takes place at
country where eID was issued:
trustworthy data sources!
STORK connects national trust circles to the European layer of trust
4
STORK: Smarter eID Access! Towards a Single European eID Area
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
29+ Portals in 6 pilots 110+ eIDs accepted Succesful integrations: ECAS, PSCs,
ECRN, SEMIRAMIS, eduGAIN…
MW
MW
5
A STORK (1) pilot site
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
6
What has been achieved
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
• STORK 1 was a success• AT kept pilot WP 6.1 live
• 3 out of 4 that AT piloted still running
• Similar situation in most other MS
• STORK is constantly mentioned in eIDAS
7
But …
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
• Many processes are carried out on behalf
• a legal person • a natural person
• MS have (national) solutions as for eID in the pre-STORK era
8
What hasn‘t been achieved so far …
• Representation and mandates; attribute provision– STORK 1 limited to natural persons on their own behalf
• High attack potentials or access to sensitive data – Security addressed, but STORK 1 pilots no valuable targets
• Private sector services and service providers– STORK 1 was eGov services. Not by design, but in fact
• Liability and recognition– STORK 1 had no provisions, if something “goes wrong”
• Standardization and business models– STORK 1 did specifications, but no standards
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
9
… is addressed by
• Representation and mandates; attribute provision– Core of STORK 2.0 common specifications and all pilots
• High attack potentials or access to sensitive data – STORK 2.0 will pilot eHealth and Internet banking
• Private sector service providers – … will pilot company services and Internet banking
• Liability and recognition– part of eIDAS, but STORK investigates interim solutions
• Standardization and business models– dedicated work on eID service offerings
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
10
Working structure
• Took on, what went well in STORK 1– Overall working mode and collaboration tools – Common specification structure and methodology
• Adapted where we felt room for improvement – Stock taking, as existing mandate and attribute
infrastructure is more complex than “just eID”– Dedicated and continuous legal expertise WP– Strengthened the dissemination and service
offering efforts
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
11
eLearning & Academic Qualifications
The Pilots
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263
eBanking
Public Services for Business eHealth
Thank you for your attention! www.eid-stork2.eu
Stork 2.0 is an EU co-funded project INFSO-ICT-PSP-297263