Governments continuously work on their service offerings and improvements to their infrastructure and efficiency at local, state and federal government level.
Examples of this are as diverse as the X-Road project in Estonia that aims to provide comprehensive and secure online services for citizens, new regulations simplifying the digitaization and standardization of business activities and citizen services, such as eIDAS, or ICAO compliant ePassport validation and border control.
Utimaco’s portfolio for the public sector comprises
We provide the required hardware Root of Trust and support governments & the public sector with solutions that
The International Civil Aviation Organization (ICAO) works to reach standards and recommended practices (SARPs) for an efficient and secure execution of flights worldwide. This includes machine-readable travel documents (MRTD), such as the ePassport. The electronic passport contains a chip with biographical information and the issuing country’s unique digital signature. Validating an ePassport at an international border consists of verifying the authenticity of its chip with the issuing country’s CA (certificate authority). The ICAO Public Key Directory (PKD) is a centralized database that facilitates the exchange of information and digital certificates between countries to enable fast and secure authentication of ePassports.
In this context, the Ministry of Security and Justice of the Netherlands uses Utimaco HSMs to facilitate border control. The ICAO-compliant solution provides different levels of access to the (biometrical) data stored on the chip of e-documents for verification and validation of the document holder’s identity.
Governments have introduced regulations around fiscalization and electronic invoicing to control tax payments and have solid audit options at hand. Regulations are very country-specific but mandatory for businesses of all kinds & sizes in many countries. E-invoices and their digital signatures need to go through authentication and validation by the governments’ tax authorities, which is a often a challenge. More detailed information about country-specific regulations here.
HSMs play a major role as Root of Trust within all the above-mentioned applications and processes. The German solution is also supported by Utimaco’s SecurityServer TSE.
Smart nation and smart city initiatives are emerging all over the world, with the aim to improve the management of public services, transportation and traffic, availability of (natural) resources and their disposal, as well as healthcare and public safety. As an example, Singapore’s Smart Nation initiative was launched at the end of 2014 and has since then successfully achieved various milestones. Since 2017, Singapore has addressed five Strategic National Projects to further build their smart nation:
Read more about this subject in our “Hardware Security for Smart City & Smart Nation Concepts” white paper.
The European eIDAS regulation, which replaced the eSignature directive and came into effect on July 1st, 2016, promotes cross-border recognition & legal validity of national eIDs and electronic trust services (eTS) within the EU.
The deadline for the cross-border recognition of eIDs is September 29th, 2018.
Utimaco is at the forefront of providing eIDAS compliant HSM solutions, with their Se-Series Gen2 CP5 HSM currently being certified according to Common Criteria (CC) protection profile EN 419 221-5 [PP_CMTS]. The Se Gen2 CP5 HSM builds the basis for compliant signatures and other trust services.