Secure and Trust worthy eGovernment

1
Secure and Trust worthy eGovernment Panel
Conclusions Alain Esterle
2
Secure and Trust worthy eGovernment

• Trust and security relation is mainly driven by
• usability of the equipment and procedures
• privacy management
• interoperability of applications in different
  environments

09/02/2006
MUMOK Vienna, Austria
2
3
Usability

• usability models are missing in IT security
• usability experts and IT-security experts belong
  to different science communities
• need for an interdisciplinary approach
• users expectation and acceptability have to be
  accounted for at the initial step of IT security
  development (no usability retrofit)

4
Privacy

• Citizens need to have seals of trust concerning
  privacy products seals, compliance with
  standards approved by Data protection
  authorities, audits, etc.
• but technology development will require a new
  privacy paradigm, between the refusal of sharing
  any personal data and the transparent society
• New technologies should help reducing the current
  disparities (privacy regulation, databases, ID
  management)
• Multiple answers are needed and privacy issue
  must by accounted for at the initial stage of
  development

5
Interoperability

• Interoperability is crucial for ID management
  (credential, certificates)
• Minimum requirement of interoperability should be
  proposed
• Competing standards should converge at least at
  the European level
• The different levels of authentication in Europe
  have to be harmonised (analysis to the existing
  levels to be undertaken by ENISA in 2006)

6
Finally

• Usability and privacy need a user-centric
  approach, e.g. applying the concurrent
  engineering methods to IT security developments
• Interoperability of ID management tools is a
  political requirement (Manchester declaration)
  which needs dialogue and cooperation in order to
  harmonize the levels of authentication throughout
  Europe