Digital

Blog

European Commission Digital

eIDAS for SMEs: Electronic Identification and Trust Services supporting Business in Europe
Thomas FILLIS posted on Sep 28, 2018

eIDAS for SMEs: Electronic Identification and Trust Services supporting Business in Europe


From 29 September 2018 onwards, the European Union’s Electronic Identification and Trust Services Regulation (eIDAS) will apply directly in its entirety in the European Union. Now it is up to businesses as well as European citizens to take advantage of this revolutionary way of using electronic identification throughout the EU and doing business across borders. The eIDAS for SME pilot helps SMEs to discover eIDAS and how it can benefit their businesses, such as by creating more efficient business processes. The pilot includes webpages, webinars, a checklist and many other useful material.

Via the eIDAS for SMEs page, you can download a general guidance document, checklist,  discover a learning programme and dedicated information for the financial services sector, online retail sector, transport sector and professional services sector.

The European Commission has commissioned a study and a pilot to lead eIDAS for SMEs, a cutting-edge campaign focusing on the power and potential of eIDAS, particularly for cross-border trade and small- and medium-sized enterprises (SMEs). Through a hosts of videos, infographics, sector-specific use cases, an interactive training toolbox and a series of cutting-edge, exploratory webinars, SME leaders, policymakers and other digital experts are invited to discover and learn about the latest developments and emerging opportunities of electronic identity (eID) and trust services.

The Connecting Europe Facility (CEF) supports the implementation of eIDAS with the eID, eSignature and eDelivery building blocks

  • The CEF eID building block is a set of services (including software, documentation, training and support) provided by the European Commission and endorsed by the Member States, which helps public administrations and private Service Providers to extend the use of their online services to citizens from other European countries. This is realised through the mutual recognition of national electronic identification (eID) schemes (including smartcards, mobile and log-in), allowing citizens of one European country to use their national eIDs to securely access online services provided in other European countries.
  • The CEF eSignature building block helps public administrations and businesses to accelerate the creation and verification of electronic signatures through a service offering including The Digital Signature Services (DSS), the Trusted List Manager, DSS Conformance Testing (maintained by ETSI) and Technical specifications and associated standards (maintained by ETSI).
  • The CEF eDelivery building block is a network of nodes for digital communications. It is based on a distributed model where every participant becomes a node using standard transport protocols and security policies.

The eIDAS Regulation (Regulation 910/2014 on electronic identification and trust services for electronic transactions in the internal market) sets a framework for electronic identification and trust services for electronic transactions in the European single market. It is a milestone to provide a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.


CEF eSignature facilitates the first electronic signature on an EU regulation
Sophia Bunemann posted on Sep 27, 2018

CEF eSignature facilitates the first electronic signature on an EU regulation!

Why was the project set up?

With the eIDAS Regulation, the EU introduced a single framework for electronic identification and e-signatures (electronic signatures). It promotes interoperability across the 28 EU countries, ensuring that, for example, a document signed in Helsinki can be validated in Lisbon. The eIDAS Regulation establishes a qualification scheme for e-signatures and providers of e-signature services. Qualified e-signature service providers can issue certificates to any citizen or business for the creation of qualified e-signatures, legally equivalent to handwritten signatures across Europe.

To set an example for all of Europe, the Council of the European Union and the European Parliament (EP) joined forces to e-sign a regulation. A first for e-signatures and a first for European legislation!

On 25 October 2017, Antonio Tajani, President of the European Parliament, and Matti Maasikas, of the Estonian Presidency of the Council, e-signed the new Security of Gas Supply Regulation in support of the digital transformation of the European Union and the Digital Single Market strategy.

                       

Antonio Tajani e-signing on behalf of the European Parliament


Why electronic signatures?

Adopting legislation is usually a time-consuming, paper-based process. From the drafting of the legislation to its publication, the document is printed, signed, scanned, delivered or disposed many times. Legislative documents tend to be large – the Security of Gas Supply Regulation in all 24 languages, counts over 3000 pages – and the signing act requires the physical presence in Strasbourg of signatories representing the European Parliament and the rotating presidency. E-signing with all its benefits improves the legislative process on a number of fronts.

The European Union has entered the age of digitisation, and by signing electronically a legislative act (classified by the lawyers as “body of secondary EU law”) the European Parliament and the Council of the EU have sent a political signal to all Member States about it.

How do the CEF building blocks fit in?

For the signing ceremony, the European Parliament prepared a signing application, the European Parliament Electronic Signature Console, based on the Digital Signature Service (DSS). DSS is an open-source library for the creation and validation of e‑signatures and e-seals developed by the Connecting Europe Facility's (CEF) eSignature building block.

DSS was chosen as the signing 'engine' of the signing application for its out-of-the-box support of the eIDAS Regulation and European standards for e-signatures. In particular, according to the European Parliament, DSS provides full support for the signing of a PDF document, the required format (PDF/A) for the ceremony. DSS also proved highly flexible, being reusable in different topologies, possible to be integrated in its entirety or on a module-by-module basis.

How was the signing application developed?

The e-signing was the result of a collaboration between different European Union institutions, bringing together the Estonian presidency of the Council, the General Secretariat of the Council and the General Secretariat of the European Parliament. The European Commission provided technical support for the DSS library.

Start with the legal basis

The starting point was the legal analysis, an important step due to the novelty of the use of an e-signing tool in the European legislative process. A first task was to define the level of trust of the used e-signatures. Inspired by the eIDAS Regulation, the chosen e-signature type was the qualified e-signature, legally equal to handwritten signatures. A qualified e-signature guarantees the highest level of security and legal value defined in the Regulation and is acknowledged in all Member States of the EU, necessary for a legislative act of such high-level juridical value.

Build the solution

With the legal aspects clarified, the Directorate-General for Innovation and Technological Support of the European Parliament began to look at the technical solution for the job. The initial approach was to use the Parliament's Digital Signature Portal (DiSP). This tool – also based on the DSS library – is used by the Members of the European Parliament to e-sign legislative amendments and the Parliament's civil servants to e-sign administrative forms and documents.

Due to technical and security considerations however, a separate tool was prepared for the signing ceremony - the European Parliament Electronic Signature Console. The Console offers a number of additional features, some of them specific to qualified e-signatures. For that, the Parliament's ICT Security Unit provided the necessary components, such as trusted certificates, smartcards and access to a timestamp server.  The Console was built as a stand-alone Java application.


What sets the signing application apart from other solutions?

To meet the requirements of a legislative process, the signing application was designed to conform to strict legal requirements and best-practice standards for security and technical attributes.

Second, compared to other signing solutions in the market, the application accepts a wide range of smartcard profiles, including many national smartcards used for electronic identification and many commercially available smartcards.

Third, the application allows the user to set a predefined workflow that constrains the e-signing process for a dedicated purpose. The workflow defines the signatories of the document, the order of the signatories, the date of the e-signature, etc.

What's next?

Now that the first e-signing of a legislative document has taken place, the Parliament is now considering further possibilities for the use of the application, and its potential to be applied in various processes. One of the possibilities is adapting the application and integrating it with the existing internal DiSP portal, allowing a choice of e-signature levels (simple, advanced, qualified) depending on the legal value of the document. Using the application for everyday work will reduce costs and time, increase security and ensure processes can be conducted digitally from beginning to end.

Are you ready for eSignature?

Explore More Success Stories and Content

Error rendering macro 'newsteaser'

com.atlassian.confluence.search.v2.ContentSearch.getSearchFilter()Lcom/atlassian/confluence/search/v2/SearchFilter;

 

CEF eSignature




Improving cross-border cooperation with The Once-Only Principle
Sophia Bunemann posted on Sep 24, 2018

Improving cross-border cooperation with The Once-Only Principle

 


Member States will soon have increased ability to share data and cooperate across borders, making it easier for citizens and businesses to interact with public services in the EU.

Driving this initiative is the once-only principle (TOOP): a core tenet of the EU’s eGovernment Action Plan that describes how citizens and businesses should be able to provide information once, and have that data shared and re-used with other public administrations.

Enabling greater interoperability between governments is expected to enhance mobility, reduce administrative overhead, and create transparency between Member States.

How CEF supports the once-only principle

TOOP led to the creation of a solution architecture that connects 40 information systems using CEF building blocks, including eDelivery, eSignature and eID.

A series of pilot projects have been set up all over the EU, involving 50 organisations. Projects were selected for funding based on their cross-border relevance, potential to reduce administrative burden, and feasibility of implementation.

Successful completion of these pilots will:

  • Offer cross-border electronic services to enhance business mobility, including cross-border public procurement procedures
  • Connect company data, facilitating cross-border eGovernment services for businesses
  • Facilitate online shipping and crew certificates, enabling access to necessary certificates to foreign port authorities during ship inspections

Reusing  TOOP’s architecture will reduce costs for future eGovernment applications and service implementations for all Member States.

Early successes

Pilots have already begun delivering results. In July this year, Sweden and Greece released the first successful TOOP implementations. Greece deployed data consumer capability with the Greek ESPD service, while Sweden delivered both data consumer and data provider capability.

TOOP pilots will continue testing data exchange using CEF Building Blocks throughout the year. Stay informed through The Once Only Principle website or sign up to the TOOP project newsletter.

Explore More Success Stories and Content

Error rendering macro 'newsteaser'

com.atlassian.confluence.search.v2.ContentSearch.getSearchFilter()Lcom/atlassian/confluence/search/v2/SearchFilter;

CEF eID

CEF eDelivery

CEF eSignature



CEF eDelivery: Domibus 4.0 FR - Available Now
Thomas FILLIS posted on Sep 21, 2018

CEF eDelivery: Domibus 4.0 FR - Available Now

©Pixabay

The European Commission is happy to announce that the 4.0 final release (FR) of the Domibus AS4 sample implementation software is now available.

Domibus 4.0-FR is a major release, with several modifications regarding the previous versions. The Commission encourages all interested parties to adopt this release.

The eDelivery Building Block of the Connecting Europe Facility (CEF) promotes the use of the AS4 messaging protocol to create a secure channel for the transmission of documents and data by electronic means, over the internet or via a private network.

CEF eDelivery is a network of nodes for digital communications. It is based on a distributed model where every participant becomes a node using standard transport protocols and security policies. AS4 both provides evidence relating to the handling of the transmitted data as well as protecting it against the risk of loss, theft, damage or any unauthorised alterations.

Domibus 4.0-FR has been achieved only through close collaboration between different EU policy projects' IT delivery teams and CEF eDelivery. Highlights of the release include:

  • Multi-tenancy support
  • TEST service that allows to "ping" a communication partner
  • Audit support
  • Export UI tables metadata as CSV files
  • Management of participants through the administration console
  • Alert management module
  • Domibus support for Wildfly 12
  • Keep the history of PMode changes
  • Configurable Domibus Admin Console title
  • Support ofr LDAP CRLs
  • Fix the Unique Particle Attribution violations in the Default WS Plugin

Domibus 4.0-FR is backwards compatible with 3.3.x and the upgrade is not mandatory.  Please note that the custom plugins need to be updated in order to be compatible with Domibus 4.0-FR. PMode configuration files that were used with Domibus 3.3.x can also be used in Domibus 4.0-FR without any change.

In addition, the European Commission is organising a live webinar to be held on 2 October, 10.30 - 11.30 CET, aiming to showcase the new features available with Domibus 4.0 and to promote and support the upgrade to this latest version of the software.

The Connecting Europe Facility (CEF) supports multiple digital infrastructure projects which contribute to improvements in the daily lives of Europeans through digital inclusion, the connectivity and interoperability of European digital services, and the development of a Digital Single Market.

Dutch service providers are ready for eIDAS
Sophia Bunemann posted on Sep 21, 2018

CEF TELECOM GRANT BENEFICIARY

Dutch service providers are ready for eIDAS

 

How the Netherlands engaged service providers to prepare for the eIDAS deadline

From September 29th this year, Dutch public administrations will be required to comply with the electronic identification, authentication and trust services (eIDAS) Regulation. The Dutch Ministry of the Interior and Kingdom Relations has taken an active role in informing service providers of the upcoming eIDAS deadline and consequent implications. Engaging service providers remains a top priority for the Ministry to ensure The Netherlands can accept eIDs from other EU countries, in line with the standard. 

To date, the Ministry has:  

  • Started communicating the eIDAS regulation in 2017
  • Launched the eIDAS information website
  • Identified the service providers in the Netherlands that should comply with the eIDAS-regulation
  • Developed additional infrastructure that can match the notified eIDs to the Dutch Citizen Service Number (BSN), a requirement for many service providers in order to provide digital services.

The Ministry expects 300 government agencies to be ready to receive eIDAS attributes in the coming months.

eIDAS online magazine    

(Source: https://magazines.logius.nl/eidas/2017/01/index)

Getting information out to a large group of people quickly is a key objective for the Dutch Ministry.

To help service providers understand whether they would be impacted by the eIDAS deadline and what they needed to do about it, the Ministry of Interior and Kingdom Relations published a website. Accurate, high quality content was produced to help answer frequently asked questions and give service providers a better understanding of the eIDAS Regulation.

By accepting any log-in attempt with an EU ID will decrease bureaucratic hurdles for EU citizens and businesses going forward, including Dutch citizens and businesses. Service providers can also contact the service hub through the service point eIDAS@logius.nl for further questions.

Best practices and business cases are published to help readers understand how others have approached eIDAS. Throughout the website build, the project team was in close contact with two of the largest service providers in the Netherlands. Continuous dialogue between the private and public sectors helped to improve the quality of eIDAS implementation in the Netherlands.

The website continues to enable the Ministry to communicate complex regulatory guidance directly to hundreds of service providers across the Netherlands.

How CEF contributed

CEF Building Blocks supported the website project team by serving as a fact checker, especially around explanations of eIDAS and the possible implementation options. Dutch service providers participated in CEF calls to prove the functionality of the eIDAS infrastructure in the Netherlands and gather information from fellow implementation projects.

"For the Dutch Ministry of the Interior and Kingdom Relations, working together with CEF means that we offer service providers extensive support in their preparations for the eIDAS-regulation. This ranges from participating in CEF calls and to sharing CEF updates about the login methods that are expected to become eIDAS-approved. As a CEF Telecom Delegate I had the opportunity to link domestic needs with the available funding and knowledge at EU level"

Freek van Krevel, Senior Policy Advisor on EU implementation programmes and eIDAS at the Ministry of the Interior and Kingdom Relations the Netherlands.

Next Steps 
The Netherlands was the first nation to successfully connect to the German eIDAS node. The team is continuing to focus on ensuring service providers comply to eIDAS and communicating the eIDAS benefits.  

CEF grants

To date, the Netherlands has also received the following eIDAS related grants from INEA:

  • 2014-NL-IM-0020 eIDAS 2018 for Municipalities
  • 2015-NL-IA-0077 eIDAS for Municipalities II - To connect municipalities with over 100 services to the NL-eIDAS node
  • 2015-NL-IA-0078 Connecting Dutch governmental service providers to NL-PEPS/ eIDAS node
  • 2016-EU-IA-0064 eID@Cloud- Integrating the eIdentification in European cloud platforms according to the eIDAS Regulation
  • 2017-NL-IA-0014 Testing and piloting the NL eID ecosystem, including connection to the Municipal Personal Records Database


See all the Dutch projects that have been funded by CEF Telecom Grants.

See how your project can also benefit from EU funding.


Are you ready for eIDAS in public institutions?

Explore More Success Stories and Content

Error rendering macro 'newsteaser'

com.atlassian.confluence.search.v2.ContentSearch.getSearchFilter()Lcom/atlassian/confluence/search/v2/SearchFilter;

CEF eID

CEF eID service offering canvas

eJustice and cross-border collection of traffic penalties
Sophia Bunemann posted on Sep 20, 2018

A Connecting Europe Success Story

eJustice and cross-border collection of traffic penalties

How a mission to improve the collection of traffic penalties across France and the Netherlands led to the creation of a secure, fast and reliable data exchange platform.  


Every summer, France attracts millions of visitors from all over the world as a holiday destination. While the increase in tourism brings a welcome boost to the economy, one of the drawbacks is an increase in traffic violations and road-related casualties.

With the number of casualties and incidents on the road steadily increasing each year, the French National Agency for Automated Offence (Antai) were compelled to take action.


eCODEX and tracking drivers across borders

In response to the climbing rate of traffic incidents, Antai collaborated with the Dutch Fine Collecting Agency (CJIB) to build a solution to improve cross-border fine collection.

The two European traffic authorities recognised the need for a platform that would enable a fast, secure and reliable exchange of data related to traffic offences across different jurisdictions. It had to be interoperable and able to accept electronic identities in all Member States involved.

They delivered on that with the successful launch of eCODEX; the eJustice Communication via Online Data Exchange. eCODEX allows European cross-border access to justice for citizens, businesses and legal authorities within the EU. eCODEX set the foundations for eDelivery; a CEF building blocks that can be reused on any European project requiring secure data exchange between entities and across borders. The co-development of CEF eDelivery and eCodex ensured and continues to ensure the opportunities for cross-domain operations. Reusing the building blocks also minimizes costs for further development.

eCodex piloted from 2010 to 2016, establishing a digital exchange infrastructure for the European Justice domain that enabled both Member States to exchange traffic penalty data. To date, the platform has been updated to comply with eID regulation for electronic identification transactions in the EU. 


Get involved or ask a question

If you would like to learn more about implementing eCodex in your country or use eDelivery and eID for a similar project, read more about it here

Are you ready for eDelivery in public institutions?

Explore More Success Stories and Content

Error rendering macro 'newsteaser'

com.atlassian.confluence.search.v2.ContentSearch.getSearchFilter()Lcom/atlassian/confluence/search/v2/SearchFilter;

CEF eDelivery

CEF eDelivery service offering canvas

CEF eInvoicing Implementation Checklist Now Live
Thomas FILLIS posted on Sep 20, 2018

CEF eInvoicing Implementation Checklist Now Live

©Pixabay


The European Commission has published an eInvoicing Implementation Checklist to support the adoption of eInvoicing solutions compliant with the European standard on eInvoicing and the transposition of the Directive 2014/55/EU (on electronic invoicing in public procurement) into national legislation.

It is an easy-to-consult reference point and contains the essential information to accompany concrete implementation of compliant national eInvoicing policy. It outlines how to successfully drive eInvoicing policy at the national level, how to ensure coherence with EU law and facilitate technical implementation of IT infrastructure to support eInvoicing. It also includes a guide to success factors and pitfalls, as well as aspects to consider throughout the on-boarding process for suppliers to participate in eInvoicing.

This checklist is an extract of the EMSFEI guidance paper published in June 2018. The guidance paper also highlights the tools, services, support and information (such as country factsheets) provided as part of the Connecting Europe Facility (CEF) eInvoicing Building Block, a key support mechanism for Member States in implementing the Directive.

The European Multi-Stakeholder Forum on eInvoicing (EMSFEI) brings together public and private sector representatives from EU Member States, as well as other experts, on a regular basis to discuss and make recommendations to the community of eInvoicing stakeholders and to the European Commission on how to promote and implement eInvoicing. The Directive calls for a European standard on eInvoicing in public procurement to prevent the proliferation of different formats of eInvoices in the Single Market.

Over €18 million requested for CEF eDelivery, eInvoicing & eTranslation
Thomas FILLIS posted on Sep 19, 2018

Over €18 million requested for CEF eDelivery, eInvoicing & eTranslation


The Innovation and Networks Executive Agency (INEA) has received 35 project proposals by the 18 September deadline for the CEF Telecom 2018-2 call, requesting over €18 million in total EU funding. The total available budget for the call is €10.5 million. Evaluation of the project proposals with the help of external experts will start in October.

Admissibility and eligibility of the project proposals will now be checked and the proposals will then be evaluated against the specific award criteria of the call. The evaluation process, which will involve external experts, is expected to be concluded by November when the final results will be announced.  


CEF Telecom 2018-2

Proposals received

Requested budget

Available budget

Oversubscription rate

eTranslation (Automated Translation)

11

€8,964,037

€5,000,000

1.79

eDelivery

5

€829,330

€500,000

1.66

eInvoicing

19

€8,238,483

€5,000,000

1.65


Total


35


€18,031,850


€10,500,000


1.72

Updated figures for 2018 Q2 on the CEF Dashboard
Thomas FILLIS posted on Sep 19, 2018

Updated figures for 2018 Q2 on the CEF Dashboard


The European Commission has published new figures for the second quarter of 2018 regarding the update of Digital Service Infrastructure (DSIs) financed through the Connecting Europe Facility (CEF).

The figures show that their adoption is rising steadily. These figures can be consulted directly on the CEF Dashboard.

Focusing on the sectorial DSIs, Online Dispute Resolution (ODR), the European Single Procurement Document (ESPD) and the European Data Portal have reached all-time highs in terms of their respective uptake.


Diving deeper into the aforementioned DSIs, ODR is now connected to a total of 387 resolution bodies across 29 countries. In terms of use, ODR has now received over 750,000 complaints from consumers since its launch in February 2016.

Secondly, 19 countries have deployed the European Single Procurement Document (ESPD), which is supported by the eProcurement DSI. In terms of use, the ESPD website received 412,817 unique visitors during last quarter, the highest number since the launch of the ESPD.

Finally, the European Data Portal financed by the Public Open Data DSI is continuing to grow. It now facilitates access to over 856,762 datasets from 34 countries. In terms of use, the number of dataset downloads has also reached an all-time high with 15,056 downloads in the second quarter of 2018 alone.

The European Commission updates the CEF Dashboard on a quarterly basis with new data and features to improve the visibility on the progress made by the DSIs and to enhance transparency.

To find out more visit the Monitoring Dashboard, the Reuse Watch and CEF Digital 2018.

GOV.UK Verify eID scheme pre-notified under eIDAS
Thomas FILLIS posted on Sep 11, 2018

GOV.UK Verify eID scheme pre-notified under eIDAS

European Commission, 2018

On 28 August 2018, the European Commission announced that the United Kingdom has pre-notified GOV.UK Verify, a nationally-issued eID scheme based on a federation of private identity providers.

The pre-notification is the first step in a process that would enable citizens residing in the UK to use their GOV.UK Verify credentials to access public services in other Member States. This would make cross-border interactions easier and more secure for UK-based citizens. The UK is the ninth Member State to pre-notify its national eID scheme, following Germany’s successful notification in September 2017, and the pre-notifications from Italy, Spain, Luxembourg, Estonia, Croatia, Belgium, and Portugal.

The mutual recognition of eID schemes across Europe is mandated by Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market (commonly known as the eIDAS Regulation). The Regulation states that by 29 September 2018 all online public services requiring electronic identification assurance corresponding to a level of 'substantial' or 'high' must be able to accept the notified eID schemes of other EU countries. 

GOV.UK Verify allows British citizens and to other individuals legally residing in the UK to digitally prove their identity online to access eGovernment services and for example apply for a universal credit, check your income tax, check your state pensions, etc.. Soon additional services will be made available such as signing your mortgage deed, sign in to view your total reward statement.


The eID scheme is relying on seven certified companies (Barclays, CitizenSafe, Digidentity, Experian, Post Office, Royal Mail, and SecureIdentity) that can verify the identity of users and issue the necessary credentials to identity and authenticate oneself online. All provides a different set of services and prices to accommodate the needs of different customer segments. In a country were no national identification system is in place, GOV.UK Verify is providing a convenient option to UK citizens and residents.

Following the British pre-notification, the other Member States participating in the Cooperation Network may peer-review GOV.UK Verify (if requested by the UK). The actual notification of the eID scheme should then follow within six months. Other Member States have to recognise a notified eID scheme at the latest 12 months after the publication of the notification in the Official Journal of the European Union.

The Connecting Europe Facility (CEF) eID Building Block primarily supports the Member States in the roll-out of the eIDAS Network (the technical infrastructure which connects national eID schemes). CEF eID is a set of services (including software, documentation, training and support) provided by the European Commission and endorsed by the Member States, which helps public administrations and private Service Providers to extend the use of their online services to citizens from other European countries.


Publication of Trust Models Guidance: learn what's the best option for your project
Thomas FILLIS posted on Sep 11, 2018

Publication of Trust Models Guidance: learn what's the best option for your project

European Commission

The CEF eDelivery team is happy to announce the publication of the Trust Model Guidance document to help businesses and public administrations to make an informed decision on the trust model to operate when using the Connecting Europe Facility (CEF) eDelivery Building Block.

This document is a key resource to facilitate the choice of the best fitting trust model for projects aiming to use CEF eDelivery. It lists organisations' general requirements and the assessment of the different trust models is based on expert opinion and industry good practices.

A trust model is a collection of rules that ensure the legitimacy of the digital certificates used by the CEF eDelivery components. Digital certificates enable the identification of the organisations using eDelivery and are instrumental for the authenticity, confidentiality, integrity and non-repudiation of the information. Different trust models are available based on different trust anchor models and different rules to create, manage, distribute, store and revoke the digital certificates.

A trust anchor represents an authoritative entity via a public key and associated data. The public key is used to verify digital signatures, and the associated data is used to constrain the types of information for which the trust anchor is authoritative. A relying party uses trust anchors to determine if a digitally signed object is valid by verifying a digital signature using the trust anchor's public key, and by enforcing the constraints expressed in the associated data for the trust anchor.

This document considers four alternative trust models that can be used in any implementation of CEF eDelivery:

  • Dedicated Domain PKI: in this model, digital certificates are associated to a single trust anchor. In this case, the trust anchor serves a single domain i.e. it is a dedicated anchor.
  • Shared Domain PKI: in this model, digital certificates are associated to a single trust anchor. In this case, the trust anchor serves multiple domains i.e. it is a shared anchor.
  • Mutual exchange: this model relies on digital certificates from different trust anchors. As there is no single trust anchor, organisations use the trust anchor of their choice (typically, according a set of well-defined criteria).
  • Domain trusted lists: this model relies on a list containing the trusted certificates and/or trust anchors complying with a common domain policy. As a result, organisations are free to choose their preferred trust anchor from that list.

This document relates to the Security Controls guidance document also also available on CEF Digital 2018.


CEF eDelivery Accelerates Swedish 'Secure Communication' Project
Thomas FILLIS posted on Sep 11, 2018

CEF eDelivery Accelerates Swedish ‘Secure Communication’ Project

European Commission

Swedish authorities have started working on “Säker digital kommunikation/Secure Digital Communication”, a project that helps ensure simpler and safer exchange of information between authorities.

Several municipalities, county councils, regions and authorities collaborate to provide secure digital communication. The project was launched in 2017 and is expected to run through 2020. It is currently still in the planning phase but plans to launch its pilots in 2019.

Secure Digital Communication is necessary because a majority of information exchanged daily between municipalities, local councils, regions and state authorities is of a sensitive nature and must be treated securely. Today information exchange is often still by letter, telephone, e-mail or fax. These methods take time and many people are unsure whether their information is handled securely. The digitalisation of such communication provides valuable methods to ensure increased security.

The Connecting Europe Facility (CEF) eDelivery building block is facilitating this project. CEF eDelivery enables the project to reuse existing standards, saving the Swedish team costs and time throughout this project.  CEF has supported the project in setting up the infrastructure (AP, SML, SMP) for their test environment. The project is working according to a Platform as a Service (PaaS) and Continuous integration/continuous delivery (CI/CD) concept, in order to make the infrastructure cost efficient and scalable.

You can read more on the project website (in Swedish) here.


The Danish National Archives leads the way on standardised digital archiving in Europe
Sophia Bunemann posted on Sep 05, 2018

The Danish National Archives leads the way on standardised digital archiving in Europe


Like many record-keeping institutions in Europe, the Danish National Archives (DNA) needed a robust technical solution to handle large archives of digital records.

With more than 5,100 databases in their inventory, the DNA processes over 220 databases every year. This equated to 22 terabytes of data in 2017 alone.

Recognising the need for technical expertise, the DNA participated in a pan-European project that would achieve consistency for record-keeping technology, systems and practices across all Member States.


Introducing E-ARK

The European Archival Records and Knowledge Preservation (E-ARK) set out to develop technical specifications, methods and tools that could be available to all Member States at a lower cost, and higher quality.

The project brought together experts in national archiving, research and IT from across the European Union. Enabling open collaboration between people drawn from a wide pool of expertise, E-ARK resulted in common open technical specifications and open source tools for digital archiving.

These tools and specifications have formed the basis of our CEF Building Block, eArchiving. It is available to public administrations, EU institutions and private sector organisations.

"eArchiving facilitates a universal set of standards and specifications for transmitting, describing and preserving digital data. For us, this will remove the obstacle of different standards and specifications that exists for archives wanting to collaborate on shared solutions."

Phillip Mike Tømmerholt
IT-project leader and data manager 
Danish National Archives


A scalable solution

During the project, the DNA collaborated closely with the Swiss Federal Archives and KEEP Solutions to create an updated version of the open format Software Independent Archiving of Relational Databases (SIARD). This update provides new features and better scalability.

KEEP Solutions also developed two open source toolkits to facilitate the migration of databases from proprietary formats such as Oracle to SIARD. The Database Visualization Toolkit uses new search technology combining relational and non-relational archiving techniques. In combination with the eArchiving Building Block, it can replace the existing DNA approach and become a new de facto solution for anyone needing to access archived databases.

 

Faster processing times

New archiving search technologies developed by the Austrian Institute of Technology also enabled faster ingestion of archives, and rapid search through the entire digital archival collection.

With the support of the eArchiving Building Block, open specifications such as SIARD enable the DNA to move to open specifications using open source tools. The transformation will occur over the coming years, save time, and reduce costs significantly.


Ask a question

Are you working on a digital archiving project? Contact the DNA at mailbox@sa.dk for further information.


Are you ready for eArchiving in public institutions?


Explore More Success Stories and Content

Error rendering macro 'newsteaser'

com.atlassian.confluence.search.v2.ContentSearch.getSearchFilter()Lcom/atlassian/confluence/search/v2/SearchFilter;

CEF eArchiving

CEF eArchive service offering canvas

CEF eInvoicing Publishes Updated Country Factsheets
Thomas FILLIS posted on Sep 04, 2018

CEF eInvoicing Publishes Updated Country Factsheets


The European Commission has published updated Connecting Europe Facility (CEF) eInvoicing country factsheets. The factsheets have been prepared and updated thanks to close cooperation with Member State experts in the European Multi-Stakeholder Forum on eInvoicing (EMSFEI).

Every European country has a unique approach to dealing with eInvoicing. Each country factsheet provides a useful and regularly updated guide to Member States’ policy frameworks, eInvoicing platforms (if existing) and approach for receiving and processing eInvoices.

                                  

The updated country factsheets also highlight the great efforts made by central, regional and local authorities in transposing Directive 2014/55/EU (on eInvoicing in public procurement) into national law.

The Directive called for the creation of a European standard on eInvoicing. The standard makes it possible for sellers to send invoices to many customers by using a single eInvoicing format and thus not have to adjust their sending and/or receiving to connect with individual trading parties.


You might also be interested in registering for the 'CEF eInvoicing Webinar #12 - Learn from other countries' eInvoicing implementations' on Thursday, 4 October 2018 - 10:30 - 12:00 (CET). Experts from various European countries involved in the implementation of the Directive and standard on electronic invoicing will be sharing their hands-on experience in eInvoicing implementation.

The CEF eInvoicing building block serves to support public administrations in complying with the aforementioned eInvoicing Directive, and helps solution providers adapt their services accordingly. To do so, CEF eInvoicing makes the following services available:

  • eInvoicing Service Desk
  • eInvoicing on-site and remote Trainings
  • eInvoicing Readiness Checker
  • eInvoicing Conformance Testing