Abstract
Imagine that you are a citizen or a company and you are able to file your tax declaration or exchange governmental information by using your favourite existing electronic identity (eID), such as your bank or consumer account. At present, citizens and companies quite often have to create an individual account for almost every government application to share or exchange information. Enabling “bring your own identity” (ByoID) for eGovernment means that access management (AM) will gradually converge to create a single, user-friendly approach in the future. From a technical point of view, many of the necessary features and protocols already exist but have not yet been widely implemented in eGovernment environments. This poses a very complex challenge, both from an operational point of view and from an IT governance and compliance perspective. The only way to solve this is close collaboration among citizens, the private sector and the government. The basis will be an identity and access management (IAM) system that can be adapted to the comprehensive requirements resulting from the aforementioned collaboration. In this article, we describe the path the Swiss government has taken for establishing such a flexible IAM system from the IT providers’ perspective while respecting security and privacy requirements.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Bern University of Applied Science: STORK 2.0 für die Schweiz. Projektabschlussbericht, State Secretariat for Economic Affairs (SECO) (2016). http://www.seco.admin.ch/themen/05116/05118/05315/05329
Bundesversammlung der Schweizerischen Eidgenossenschaft: Bundesgesetz über die Informationssicherheit (ISG). Web, March 2014. http://www.news.admin.ch/NSBSubscriber/message/attachments/34224.pdf, draft. Accessed 25 May 2016
Bundesversammlung der Schweizerischen Eidgenossenschaft: 2011 - Bundesgesetz über das elektronische Patientendossier (EPDG). Web (2016). http://www.bag.admin.ch/themen/gesundheitspolitik/10357/index.html?lang=de. Accessed 9 Mar 2016
Der Schweizerische Bundesrat: Verordnung über die vom BIT betriebenen Verzeichnisdienste des Bundes. Web (2014). https://www.admin.ch/opc/de/classified-compilation/20132589/index.html. Accessed 6 Mar 2016
Der Schweizerische Bundesrat: Verordnung über die Informatik und Telekommunikation in der Bundesverwaltung. Web (2016). https://www.admin.ch/opc/de/classified-compilation/20081009/index.html. Accessed 6 Mar 2016
European Commission: Trust Services and eID. Web (2015), https://ec.europa.eu/digital-single-market/trust-services-and-eid. Accessed 10 Mar 2016
Fachgruppe Identity und Access Management: SuisseTrustIAM Rahmenkonzept. Standard eCH-0167, Verein eCH - E-Government-Standards, June 2014. http://www.ech.ch/
Federal Assembly of the Swiss Confederation: Federal Act on Data Protection (FADP). Web (2014). https://www.admin.ch/opc/en/classified-compilation/19920153/index.html. Accessed 9 Mar 2016
Federal Assembly of the Swiss Confederation: Ordinance on the Protection of Federal Information (Information Protection Ordinance, IPO). Web (2015). https://www.admin.ch/opc/en/classified-compilation/20070574/index.html. Accessed 9 Mar 2016
Federal IT Steering Unit: HERMES 5.1. Federal IT Steering Uni, 5.1 edn. (2015). http://www.hermes.admin.ch/onlinepublikation/index.xhtml
Federal IT Steering Unit: IKT-Strategie des Bundes 2016–2019. Web, December 2015. https://www.isb.admin.ch/isb/de/home/ikt-vorgaben/strategien-teilstrategien/sb000-ikt-strategie-des-bundes.html. Accessed 20 May 2016
Federal IT Steering Unit: Programme IAM of the confederation. Web (2015). https://www.isb.admin.ch/isb/de/home/themen/programme_projekte.html. Accessed 25 May 2016
Federal IT Steering Unit (FITSU): P000 - federal administration’s IT processes. Web, September 2015. https://www.isb.admin.ch/isb/en/home/ikt-vorgaben/prozesse-methoden/p000-informatikprozesse_in_der_bundesverwaltung.html. Accessed 25 May 2016
Federal Office of Police (fedpol): Establishment of an electronic identity (eid) that is valid nationally and internationally. Web (2016). https://www.egovernment.ch/en/umsetzung/schwerpunktplan/elektronische-identitat/. Accessed 25 May 2016
Hoernes, P.: Ein IAM Grossprojekt aus der Perspektive des Enterprise Architekten - Erfahrungen aus der Schweizer Bundesverwaltung. Web (2014). https://rg-muenchen.gi.de/node/1291, presentation at the EAM working group of the Gesellschaft für Informatik. Accessed 8 Mar 2016
Knittl, S., Wiedmer, H.U.: Dienste und IT-Governance in der Bundesverwaltung - Bedarf, Nutzen und Potenzial. eGov Präsenz (2015)
Lörincz, B., Tinholt, D., van der Linden, N., Oudmaijer, S., Jacquet, L., Kerschot, H., Steyaert, J., Cattaneo, G., Lifonti, R., Schindler, R., Millard, J., Carpenter, G.: eGovernment Benchmark Framework 2012–2015. Web (2012). http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=1929. Accessed 9 Mar 2016
Open Group TOGAF-SABSA Integration Working Group: TOGAF-SABSA Integration WG: TOGAF and SABSA Integration. Whitepaper, The Open Group and The SABSA Institute (2011)
Sialm, G.: eIAM: Neue Möglichkeiten dank offener Architektur. Eisbrecher (54), June 2014. http://www.bit.admin.ch/dokumentation/00090/00156/index.html?lang=de
State Secretariat for Economic Affairs SECO: Identity network Switzerland. Web (2016). https://www.egovernment.ch/en/umsetzung/schwerpunktplan/identitatsverbund-schweiz/. Accessed 25 May 2016
Trägerverein SuisseID: SuisseID - Die SuisseID ist der Schweizer Standard für sichere Authentifikation und elektronische Signatur. Web (2016). http://suisseid.ch/de. Accessed 30 May 2016
Weber, C., Bernold, R., Brian, O., Brugger, J., Dungga Winterleitner, A., Fraefel, M., Hosang, R., Riedl, R., Selzam, T., Walser, K., Weissenfeld, K.: eID-Ökosystem Modell. Technical report Version 1.1, Fachhochschule Bern, June 2015. https://www.wirtschaft.bfh.ch/uploads/tx_frppublikationen/eID-OEkosystem_V1_2.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Sialm, G., Knittl, S. (2016). Bring Your Own Identity - Case Study from the Swiss Government. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds) Privacy Technologies and Policy. APF 2016. Lecture Notes in Computer Science(), vol 9857. Springer, Cham. https://doi.org/10.1007/978-3-319-44760-5_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-44760-5_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44759-9
Online ISBN: 978-3-319-44760-5
eBook Packages: Computer ScienceComputer Science (R0)