Identification And Confidentiality For E-Government

The omnipresence of personal computers (PCs) and the Internet has encouraged public authorities to provide citizens with means of using information and communication technologies (ICT) to contact the public services. In such e-Government environments security is a major concern. In particular the unequivocal identification of the citizen that requests services from the authorities and the confidentiality of the data that is communicated during the transactions are major concerns.In this paper we describe how the Austrian federal government meets the security challenges that appear when advancing to e-Government. The strategic decisions and organizational structures that have been implemented to achieve coherent solutions are described. The main vehicles employed are electronic signatures and identification based on the citizen registration system. The Austrian citizen card concept that builds an underlying security infrastructure based on smart card technology is presented. The paper discusses how identification is provided with respect to data protection requirements. Regarding confidentiality we describe a model consisting of three security levels to meet the security demands of the different application domains. Moreover a concept is presented that relies upon open interfaces to achieve technology-neutrality and forward-compatibility. An example of an e-Government application is given to illustrate the flexibility of the concepts that have been followed.