Citizen portal
A citizen portal forms an electronic communication platform on the Internet. Its services are intended to enable secure electronic business transactions for everyone and to develop the Internet as a means of legally binding and confidential action.
A citizen portal enables secure registration, the use of a mailbox and mailing service for secure electronic mail and the use of a directory service and, optionally, identity confirmation and storage space services. It is to be operated by an accredited service provider.
As part of the realignment of the federal financial equalization system by 2020, the federal and state governments want to make administrative offers available online via a uniform online portal. To this end, the federal and state governments want to enact open data laws that make the necessary data available and usable.
In Germany's De-Mail planned to in the following we focus.
Registration and identification
Any natural or legal person can use the services of the Citizen Portal after registering and identifying with the Citizen Portal Service Provider.
Access to the citizen portal
After a successful registration process, the citizen portal service provider will set up a user account for the user in which the information about his identity is stored. He will also be given his electronic citizen portal address in the form of an email address .
The users should be given the opportunity to use the services of the citizen portal with standard software. In addition to access using an Internet browser via a web portal , the most common e-mail clients should also be supported for accessing the mailbox and sending messages by e-mail .
Scope of service
The following services are to be offered by a citizen portal:
- A post office box service , an electronic mailbox. In the future, the citizen portal address is to fulfill a function similar to that of the registration address. This is closely related to the binding sending of e-mails to the user
- Shipping service available. It enables a message to be sent in a citizen portal and corresponding confirmation to be obtained that this e-mail has been delivered. These services are implemented with De-Mail .
- The De-Safe document safe is intended to provide users with a means of long-term storage and management of their electronic documents. The user should be able to keep these documents there safely, without data loss, over a long period of time and, above all, reliably with regard to availability. In the future, it should also be able to allow third parties authorized by it limited access to the stored documents.
- An authentication service is intended to reliably authenticate the user for third parties who want to contact the user.
safety
A citizen portal should have defined security goals with regard to
- confidentiality
- authenticity
- Integrity and
- Traceability
to reach.
In order to achieve these goals, documents and data, immediately after they have been transferred by a user to the citizen portal via an SSL-encrypted communication channel, should be forwarded from the citizen portal in an encrypted and integrity-protected manner to the recipient's document safe. Only immediately before the data is transmitted to the recipient does the citizen portal decrypt the data, check the integrity and finally transmit it to a client application of the user, e.g. via a secure communication channel, for display. B. a web browser or an email client.
criticism
The draft law presented by the Federal Cabinet received considerable criticism from the side of data protection . The entry of a De-Mail address in the population register and the consequences for citizens are not clearly recognizable. The sender of a De-Mail cannot be determined with certainty, since the sender can only be verified by registering on the citizen portal. A De-Mail generated by a Trojan horse cannot be recognized as such. The minimum requirements to be met by the service providers certified according to the regulations of the planned data protection audit should be specified as binding. The conference of the data protection officers of the federal and state governments summarized an abundance of criticisms in a resolution of April 16, 2009.
The Federal Council also criticized the draft law in its opinion.
Web links
- "Citizen portals project" at the Federal Government Commissioner for Information Technology
- Draft of a law regulating citizen portals (PDF; 461 kB)
- Federal data protection officer Schaar sees room for improvement in the Citizens Portal Act
- Statement of the Federal Council on the government draft of the Citizens Portal Act (PDF; 57 kB)
- Resolution of the data protection conference of April 16, 2009: Inadequate data protection in the planned citizen portal ( Memento of February 12, 2010 in the Internet Archive )
See also
Individual evidence
- ↑ Federal Government | News | Conference of the heads of government from the federal and state levels on October 14, 2016 in Berlin - decision. In: www.bundesregierung.de. Retrieved October 14, 2016 .