Secure and Privacy-Preserving eGovernment—Best Practice Austria

  • Karl Christian Posch
  • Reinhard Posch
  • Arne Tauber
  • Thomas Zefferer
  • Bernd Zwattendorfer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6570)

Abstract

In the past, contact with public authorities often appeared as winding way for citizens. Enabled by the tremendous success of the Internet, public authorities aimed to react on that shortcoming by providing various governmental services online. Due to these services, citizens are not forced to visit public authorities during office hours only but have now the possibility to manage their concerns everywhere and anytime. Additionally, this user friendly approach also decreases costs for public authorities.

Austria was one of the first countries that seized this trend by setting up a nation-wide eGovernment infrastructure. The infrastructure builds upon a solid legal framework supported by various technical concepts preserving security and privacy for citizens. These efforts have already been awarded in several international benchmarks that have reported a 100% online availability of eGovernment services in Austria.

In this paper we present best practices that have been followed by the Austrian eGovernment and that have paved the way for its success. By virtually following a traditional governmental procedure and mapping its key stages to corresponding online processes, we provide an insight into Austria’s comprehensive eGovernment infrastructure and its key concepts and implementations. This paper introduces the most important elements of the Austrian eGovernment and shows how these components act in concert in order to realize secure and reliable eGovernment solutions for Austrian citizens.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Federal Chancellery Austria. The Austrian Citizen Card (May 2004), http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/index.en.html
  2. 2.
    Bundesgesetz. Bundesgesetz über die Zustellung behördlicher Dokumente (April 1982), http://www.ris.bka.gv.at/GeltendeFassung.wxe?Abfrage=Bundesnormen&Gesetzesnummer=10005522
  3. 3.
    Capgemini. EU eGovernment-Studie 2006 (2006)Google Scholar
  4. 4.
    Capgemini. EU eGovernment Report 2007 (2007)Google Scholar
  5. 5.
    Capgemini. eGovernment Benchmark 2009 (2009)Google Scholar
  6. 6.
    Centner, M., Orthacker, C., Bauer, W.: Minimal-Footprint Middleware for the Creation of Qualified Signatures. In: INSTICC Institute for Systems, and Portugal Communication Control Technologies of Information (eds.) Proceedings of the 6th International Conference on Web Information Systems and Technologies, pp. 64–69. INSTICC - Institute for Systems and Technologies of Information, Control and Communication, Portugal (2010)Google Scholar
  7. 7.
    Bundesgesetzblatt für die Republik Österreich BGBl. I Nr. 10/2004. The Austrian E-Government Act (2004)Google Scholar
  8. 8.
    Leitold, H., Hollosi, A., Posch, R.: Security Architecture of the Austrian Citizen Card Concept. In: ACSAC 2002: Proceedings of the 18th Annual Computer Security Applications Conference, Washington, DC, USA, p. 391. IEEE Computer Society, Los Alamitos (2002)CrossRefGoogle Scholar
  9. 9.
    Leitold, H., Posch, R., Rössler, T.: Media-break resistant eSignatures in eGovernment: an Austrian experience. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP-AICT, vol. 297, pp. 109–118. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
    ARGE Spezifikation MOA: Spezifikation Module für Online Applikationen - ID (August 2007), http://egovlabs.gv.at/projects/moa-idspss
  11. 11.
    Orthacker, C., Centner, M., Kittl, C.: Qualified Mobile Server Signature. In: Hinchey, M., Meyer, B., Turner, J.A., et al. (eds.). IFIP-AICT. Springer, Heidelberg (2010) (in press)Google Scholar
  12. 12.
    European Parliament and the Council: Directive 1999/93/ec on a community framework for electronic signatures (December 1999)Google Scholar
  13. 13.
    The European Parliament and the Council of the European Union: Directive 2006/123/EC of the Eurpean Parliament and of the Council on services in the internal market (2006)Google Scholar
  14. 14.
    Rössler, T.: Empowerment through Electronic Mandates – Best Practice Austria. In: Godart, C., Gronau, N., Sharma, S., Canals, G. (eds.) I3E 2009. IFIP-AICT, vol. 305, pp. 148–159. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    OASIS Security Services (SAML) TC. Security Assertion Markup Language (SAML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Karl Christian Posch
    • 1
  • Reinhard Posch
    • 1
  • Arne Tauber
    • 1
  • Thomas Zefferer
    • 1
  • Bernd Zwattendorfer
    • 1
  1. 1.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria

Personalised recommendations