The Interoperability Security and Privacy viewpoint models the most salient Architecture Building Blocks related to both security and privacy in the domain of interoperability. Citizens and businesses must be confident that when they interact with public authorities they are doing so in a secure and trustworthy environment and in full compliance with relevant regulations, e.g. the Regulation and Directive on data protection, and the Regulation on electronic identification and trust services. Public administrations must guarantee the citizens’ privacy, and the confidentiality, authenticity, integrity and non-repudiation of information provided by citizens and businesses.
Security and privacy are primary concerns in the provision of public services. When public administrations and other entities exchange official information, the information should be transferred, depending on security requirements, via a secure, harmonised, managed and controlled network. Transfer mechanisms should facilitate information exchanges between administrations, businesses and citizens. Appropriate mechanisms should allow secure exchange of electronically verified messages, records, forms and other kinds of information between the different systems; should handle specific security requirements and electronic identification and trust services such as electronic signatures/seals creation and verification; and should monitor traffic to detect intrusions, changes of data and other type of attacks.
Source: The New EIF
https://ec.europa.eu/isa2/sites/isa/files/eif_brochure_final.pdf
Narrative: This viewpoint selects Architecture Building Blocks from the five different view highlighting the Security and Privacy aspects of the EIRA©:
1. The selected Architecture Building Block of the legal view show the [Public Policy], which is that mainspring of the solution
2. The selected Architecture Building Block of the organisational view show that a [Security and Privacy Framework] is a specialisation of a [Security and Privacy Policy] which on its turn is a specialisation of an [Organisational Policy]. The [Organisational Policy] is influenced by the [Public Policy].
3. The selected Architecture Building Block of the semantic view shows the [Data Policy] which is a specialisation of an [Organisational Policy].
4. The selected Architecture Building Blocks of the technical views show that a [Public Policy] is supported by an [Interoperable European Solution] which uses a [Digital Service Infrastructure]. An [Interoperable European Solution] is associated with a [Machine to Machine Interface] and a [Human Interface]. An [Access Management Service], which is realised by an [Access Management Component], and an [Audit Service], which is realised by an [Audit Component] are defined as [Application Security Enablers]. [Data Policies] and a [Security and Privacy Framework], which is a specialisation of a [Security and Privacy Policy], are [Organisational Policies] that are influenced by the [Public Policy]. [Infrastructure Security Enablers] such as [e-Signature Creation Service], [e-Seal Creation Service], [e-Timestamp Creation Service], [e-Signature Verification and Validation Service], [e-Seal Verification and Validation Service], [e-Timestamp Verification and Validation Service], [e-Signature Preservation Service], [e-Seal Preservation Service] and [Registered Electronic Delivery Service], which are all realised by a [Trust Service Provisioning Component] are modelled as [Infrastructure Security Enablers], as well as the [Data Exchange Service] realised by the [Data Exchange Component], the [Identity Management Service] realised by the [Identity Management Component] and the [Trust Registry Service] realised by the [Trust Registry Component].
5. The selected Architecture Building Block of the EIF Underlying Principles view show that [Interoperability Specifications] realise [Interoperability Principles], the general intended properties used to achieve interoperability, of which the [Security and Privacy Principle] is a specialisation. The interoperability Specifications can be used to define the interoperability aspects for any of the Architecture Building Blocks.
|
|
dct:title | Interoperability Security and Privacy viewpoint |