Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- D4.1: Structured account of approaches on interoperability.
- D4.2: Set of requirements for interoperability of Identity Management Systems.
- D4.4: Survey on Citizen's trust in ID systems and authorities.
- D4.5: A Survey on Citizen’s trust in ID systems and authorities.
- D4.6: Draft best practice guidelines.
- D4.7: Review and classification for a FIDIS identity management model.
- D4.8: Creating the method to incorporate FIDIS research for generic application.
- D4.9: An application of the management method to interoperability within e-Health.
- D4.10: Specification of a portal for interoperability of identity management systems.
- D4.11: eHealth identity management in several types of welfare states in Europe.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D4.2: Set of requirements for interoperability of Identity Management Systems
 |
FIDIS ACTIONS AND RELATIVE IMPORTANCE AT THE TECHNICAL, LEGAL AND CULTURAL LEVELS |
 |
Actions and relative importance at the technical, legal and cultural levels
Technical:
At the technological level, there is the feeling that the development of common technical standards would help interoperability (Leitold, Weck).
It will be of importance which level of technical detail these standards define. One recommendation should be to define the technical standards at the highest possible level: at the policy level rather than on the IT artefact level.
The standardization is necessary because the current methods for verifying IDs, such as providing a utility bill or a driver’s licence are not adequate in today’s market to prevent fraud (Drew). The consequence of not having an accurate system (for identity checking and verification) will be that we will get duplicates. This in turn will affect people’s entitlement.
Other tools, such as the development of the ‘Universal Message Engine’ tool will be necessary to make different systems and languages interoperate. It is obviously also important to have user-friendly systems because low trust in new technology often comes from poor usability.
Legal:
The challenge to create an interoperable environment in IMS is huge. For some experts, there is the feeling that there will probably never be a global system. Even a European identity system seems – politically - a rather big challenge.
Recommendations or also regulations to utilise specific standards could be issued to accomplish interoperability, but also funding will support it. Moreover, Mr Sel underlines the fact that interoperability requires open standards. Open standards should be promoted and in some cases be required (see for example, the recent actions of the EU Commission towards Microsoft). Nevertheless, policy decisions need to be taken. Within the EU community, a policy decision as to the use of smart cards as ID carrier and management tool as opposed to checks against centralised databases seems to have been taken. Smart cards are preferred because the user has more control over the use of her/his identity information. This is an important policy decision.
However, Mr. Leitold is not convinced that the EU member states are yet in the position to discuss the legal domain of eID interoperability. For him, the member states have still to engage in a serious discussion on the policy level. This has not yet happened. It is true that there are some research efforts such as GUIDE or FIDIS but there is no broad discussion taking place.
Cultural:
The experts proposed several actions to help interoperability but they do not seem all to take into account the impact of the cultural aspects.
For Mr Sel, it is by showing the cultural benefits of interoperability that interoperability could be improved. The IMS systems could be used to facilitate or promote skills, for example, learning languages. For others, the countries have to decide for themselves whether and what kind of national identity solution they want to implement and at a second stage they can discuss European consequences. Others also think that increased pressure should be put on manufacturers to implement standards precisely. For example, Microsoft frequently implemented standards, but they had a snag, i.e. they had proprietary properties to make the interoperability with competitor’s products fail.
Importance of the 3 factors:
Although the experts agree on the main actions to be undertaken at the different levels, their views are not similar when it comes to their rating. It is therefore interesting to list the different approaches.
Mr. Leitold ranks the cultural/institutional factor as the first in terms of importance; he considers the policy aspect as being also very important; legal and technical aspects follow. This order is explained by the fact that eID projects are high profile projects, politically very controversially discussed and extremely costly. Therefore, a country has to create a vision first before it can think about a specific solution.
As national eID solutions often challenge constitutional rights and deal with the very basic rules of democratic society, no decision can be made on EU level in the first place – only in a second step after the member countries made their individual decision.
As an example Mr. Leitold points to the failure of eTEN. eTEN is the European Community Programme designed to help the deployment of telecommunication networks based services with a trans-European dimension (Information Society and Media DG 2005d). The program is split into the following six research areas: egovernment, ehealthcare, eInclusion, eLearning, Services for SMEs (eBusiness), and Trust and Security services components. eTEN focuses heavily on the legislative level as well as on the technical level. However, it hardly addresses issues at the informal level and it is found that eTEN has low relevance to interoperability (Freh 2005). Mr. Leitold confirms that this analysis is correct and he outlines that because of the missing discussion on the policy level eTEN was doomed to fail from the outset.
Mr Sel puts in another perspective. First of all, for him policy decisions need to be taken and the legal framework should allow or facilitate the development of interoperable IMS. The legal and policy factors are therefore to be seen as the basis and the prime factors to deal with. Almost at the same time, technology needs to come up with answers and solutions to problems of operability. If the technology is not there, there is no need to consider the interoperability of IMS issue at the legal or policy level. Finally, institutional and cultural acceptance of the interoperability conclude the development towards interoperable IMSs. We see that Mr Sel puts importance on the fact that technical aspects must be present to allow the development of the others. So does Mr Weck who underlines that technological level is the most important, then the legal/policy level follows and finally the cultural/institutional.
Another element was presented by Mr Lindmo. Mr Lindmo said that the most important thing to understand is not the technical side of the ID market. To fully understand ID markets one must understand the concept of two-sided markets. Lindmo then refers to the importance of considering both aspects to ensure success of electronic IDs as “two-sided markets”.
In the ID market, the two sides that need to be considered are:
- those who receive an ID
- those who must trust another’s ID
Simply resolving the technical side of interoperability is not enough. Lindmo emphasized that the other aspects mentioned are the more challenging hindrances to successful interoperability.
| |
   |
|
| Denis Royer | 17 / 43 |
