Cybersecurity is a vast domain for government bodies and agencies – not only when it comes to protecting national security, but also with regards to citizen- and business-related services.
Utimaco HSMs as a versatile solution for government bodies and agencies
Governments continuously work on their service offerings and improvements to their infrastructure and efficiency at local, state and federal government level. Examples of this are as diverse as the X-Road project in Estonia that aims to provide comprehensive and secure online services for citizens, new regulations simplifying the digitalization of business activities, such as eIDAS, or ICAO compliant ePassport validation and border control. In many such cases, Utimaco Hardware Security Modules (HSMs) provide the required hardware Root of Trust and support governments with any PKI-based or cryptographic process, authentication mechanisms, PKI applications as well as signature creation capabilities.
How smart nations improve their citizens’ lives
Smart nation and smart city initiatives are emerging all over the world, with the aim to improve the management of public services, transportation and traffic, availability of (natural) resources and their disposal, as well as healthcare and public safety. As an example, Singapore’s Smart Nation initiative was launched at the end of 2014 and has since then successfully achieved various milestones. Since 2017, Singapore has addressed five Strategic National Projects to further build their smart nation:
- National Digital Identity (NDI)
- E-Payments for fast, seamless and safe payments
- Smart Nation Sensor Platform (SNSP) to accelerate the deployment of IoT sensors
- Smart Urban Mobility to enhance (public) transportation
- Moments of Life, bundling government services across agencies
Read more about this subject in our “Hardware Security for Smart City & Smart Nation Concepts” white paper.
The implementation of eIDAS as a key driver of eID and eTS interoperability
The European eIDAS regulation, which replaced the eSignature directive and came into effect on July 1st, 2016, promotes cross-border recognition & legal validity of national eIDs and electronic trust services (eTS) within the EU.
The deadline for the cross-border recognition of eIDs is September 29th, 2018.
- The Dutch eIDAS 2018 Municipalities Project is one of the first actual implementations of the eIDAS principles, providing access to public services for foreigners starting with Austrian, German and Belgian eID holders.
- Another leading e-government example in Europe is Estonia and its e-Estonia Named “the most advanced digital society of the world”, the country has successfully managed its digital transformation for the past 20 years. Estonia now has nearly 1.3 million eID cards. What’s more, 99% of public services are available online 24/7 and 95% of electronically filled tax declarations as well as medical data are stored in e-Health records. The backbone of the Estonian e-government solution is the Data Exchange Layer X-Road, which uses Utimaco HSMs as Root of Trust.
- Remote server signing based on a signature activation module (SAM) will make banking transactions safer and faster in the future. As a concept, remote signing speeds up and simplifies processes such as signing contracts, opening an account or issuing insurance policies. Bank-Verlag and achelos are currently developing such a SAM together with Utimaco, read more here (German).
Utimaco is at the forefront of providing eIDAS compliant HSM solutions, with their Se-Series Gen2 CP5 HSM currently being certified according to Common Criteria (CC) protection profile EN 419 221-5 [PP_CMTS]. The Se Gen2 CP5 HSM builds the basis for compliant signatures and other trust services.
Border control & ePassport validation facilitated by Hardware Security Modules
The International Civil Aviation Organization (ICAO) works to reach standards and recommended practices (SARPs) for an efficient and secure execution of flights worldwide. This includes machine-readable travel documents (MRTD), such as the ePassport. The electronic passport contains a chip with biographical information and the issuing country’s unique digital signature. Validating an ePassport at an international border consists of verifying the authenticity of its chip with the issuing country’s CA (certificate authority). The ICAO Public Key Directory (PKD) is a centralized database that facilitates the exchange of information and digital certificates between countries to enable fast and secure authentication of ePassports.
In this context, the Ministry of Security and Justice of the Netherlands uses Utimaco HSMs to facilitate border control. The ICAO-compliant solution provides different levels of access to the (biometrical) data stored on the chip of e-documents for verification and validation of the document holder’s identity.
Electronic invoicing – secured by HSMs – to fight tax fraud and evasion
Governments of many Latin American countries have introduced regulations around electronic invoicing to control tax payments and have solid audit options at hand. Regulations are very country-specific but mandatory for businesses of all kinds & sizes in many countries. E-invoices and their digital signatures need to go through authentication and validation by the governments’ tax authorities, which is a challenge especially for multi-national companies operating in multiple Latin American countries. More detailed information about country-specific regulations here.
In most European or Asian countries, electronic invoices can exist with only a timestamped digital signature for authenticity and appropriate archiving options.
HSMs play a major role as Root of Trust within all the above-mentioned applications and processes.
If you have questions regarding these applications and use cases, please get in touch with us at hsm@utimaco.com or via below contact form. We provide assistance with selecting the most appropriate HSM solution for your requirements.
