Open Signature Initiative aims at improving transparency and interoperability
Leading European institutions, associations, enterprises and projects including ENISA, EEMA, BSI, TeleTrusT, GI/BIOSIG, SK, Open eCard, FutureID, STORK 2.0, AuthentiDate, CCESigG, ecsec, GAD, G&D, intarsys, OpenLimit, Procilon, Thames Stanley and Trustable have recently joined forces to launch the non-profit Open Signature Initiative. This initiative complements the efforts of the European Commission with respect to the proposed eIDAS Regulation [COM(2012) 238 final] and aims at improving transparency and interoperability with respect to electronic signatures across Europe.
Directory of Signature Creation Devices open for registration of devices
Today an important milestone has been reached. During the “Information Security Solutions Europe” (ISSE) conference, which took place on October 22nd and 23rd 2013 in Brussels, the Open Signature Initiative introduced the “Directory of Signature Creation Devices”, which is hosted by the Open Signature Initiative in order to share information with respect to Signature Creation Devices available in the market. “We cordially invite smart card issuers and vendors to expose their devices in a standardized manner such that they can be easily integrated and utilized across Europe”, states Dr. Detlef Hühnlein, CEO of ecsec GmbH and coordinator of the Open Signature Initiative. “Providing an XML-based CardInfo-file according to ISO/IEC 24727-3 enables standard compliant components to use the card without additional integration efforts.”
EU-funded FutureID project offers free CardInfo descriptions for selected devices
Issuers which do not want to create these descriptions themselves may alternatively provide test cards and register at http://update.opensignature.org/issuers/new and thereby apply for free CardInfo-file creation. The FutureID research project (http://FutureID.eu) is funded under the ICT theme of the 7th Framework Programme of the European Commission and aims at building a comprehensive, flexible, privacy-aware and ubiquitously usable infrastructure for identity management and electronic signatures in Europe. This project is coordinated by Fraunhofer IAO and comprises a work package for the creation of CardInfo-files according to ISO/IEC 24727-3. “The FutureID project is proudly supporting the Open Signature Initiative and issuers of signature creation devices across Europe with the creation of CardInfo-files.”, states Dr. Heiko Roßnagel, project manager of the FutureID project. “As the available resources within FutureID will only allow to create a limited number of CardInfo-files, it is strongly recommended to register as soon as possible.”
European Union Agency for Network and Information Security (ENISA) – (www.enisa.europa.eu)
The European Union Agency for Network and Information Security (ENISA) is a centre of network and information security expertise for the EU, its member states, the private sector and Europe's citizens. ENISA works with these groups to develop advice and recommendations on good practice in information security. It assists EU member states in implementing relevant EU legislation and works to improve the resilience of Europe's critical information infrastructure and networks. ENISA seeks to enhance existing expertise in EU member states by supporting the development of cross-border communities committed to improving network and information security throughout the EU.
European Association for eIdentity and Security (EEMA) – (www.eema.org)
For 25 years, EEMA has been Europe’s leading independent, non-profit e-Identity & Security association, working with its European members, governmental bodies, standards organisations and interoperability initiatives throughout Europe to further e-Business and legislation.
Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) – (www.bsi.bund.de)
The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) is the German government agency in charge of managing computer and communication security for the German government. Its areas of expertise and responsibility include the security of computer applications, Internet security, cryptography, certification of security products, public documents, electronic healthcare and smart metering.
TeleTrusT – IT Security Association Germany (www.teletrust.de)
TeleTrusT is a widespread competence network for IT security comprising members from industry, administration, research as well as national and international partner organizations with similar objectives.
GI/BIOSIG – Special Interest Group Biometrics and Electronic Signatures within GI e.V. (www.biosig.org)
The special interest group “Biometrics and Electronic Signatures” (BIOSIG) within the German Computer Science Society (Gesellschaft für Informatik) GI e.V. is dedicated to the fundamentals, methods, techniques, processes and implementations used to guarantee the authenticity and integrity of entities.
Estonian Certification Centre (AS Sertifitseerimiskeskus, SK) (www.sk.ee)
SK (Certification Centre, legal name AS Sertifitseerimiskeskus) is Estonia's primary and currently the only certification authority (CA), providing certificates for authentication and digital signing to Estonian ID Cards as well as wireless PKI service Mobile-ID. Established in February 2001 by two leading Estonian banks Swedbank and SEB plus two telecom companies, Elion and EMT (members of the TeliaSonera group), SK has the backing of Estonian and Nordic financial and telecom sector.
FutureID Project (www.futureid.eu)
The EU-funded FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infrastructure for Europe, which integrates existing eID technology and trust infrastructures, emerging federated identity management services and modern credential technologies to provide a user-centric system for the trustworthy and accountable management of identity claims.
Open eCard Project (www.openecard.org)
The Open eCard Team consists of industrial and academic experts, who have joined forces to provide an Open Source and platform-independent implementation of ISO/IEC 24727, such that arbitrary applications can easily access arbitrary smart cards for authentication and signature purposes. A first result of the project is the Open eCard App, which provides an Open Source alternative to proprietary eID clients.
STORK 2.0 Project (www.eid-stork2.eu)
STORK 2.0 (Secure idenTity acrOss boRders linKed 2.0) aims to extend to organisations the benefits of secure cross-border electronic authentication and identification while offering them and European citizens new services and solutions based on electronic identity. So it builds on the success and results of STORK by taking further steps to decisively push the lines for wider uptake of eID in Europe, aiming at realizing a single European electronic identification & authentication area. STORK 2.0 will implement four new Pilots focused on strategic eLearning & Academic Qualifications, eBanking, Public Services for Business and eHealth areas.
AuthentiDate International AG (www.authentidate.de)
AuthentiDate International AG, a member of exceet, is one of the leading vendors throughout the business segments of "Secure Data Exchange" and "Secure eHealth". As the inventor of the central mass signature, AuthentiDate offers innovative e-Invoicing business process solutions, software, cloud services (SaaS) and consulting services using electronic signatures and timestamps. Leading global companies, such as Air Products, Alcatel-Lucent, Bosch, Deutsche Bahn, Dow Chemical, E.ON, EnBW, Honda, John Deere, METRO Group, Roche, SABIC, Solvay, TÜV, Deutsche Telekom, United Internet benefit from AuthentiDate products and cloud services for many years. Within the AuthentiDate e-Invoicing network, more than 50 million of electronic invoices are processed each year. AuthentiDate International AG is a certification service provider, accredited by the German Federal Network Agency (BNetzA) and operates a trust center according to the strict regulations of the German Signature Law and EU Signature Directive.
Competence Center for Electronic Signatures in Health Care (www.ccesigg.de)
The Competence Center for Electronic Signatures in Health Care (Competence Center für die elektronische Signatur im Gesundheitswesen, CCESigG) was established in 2009 in order to advance methods and solutions with respect to electronic signatures in health care environments. Among the main focal areas of the CCESigG are the advancement of interoperability between components, the integration of electronic signature technology in health care processes and the replacing scanning of documents.
ecsec GmbH (www.ecsec.de)
ecsec GmbH is a specialised provider of innovative solutions in the areas of IT security, smart card technology, identity management and electronic signatures. Based on the long lasting experiences gathered in various smart card projects with international reach ecsec belongs to the leading providers in this area and supports well-known customers during the conception and realisation of tailor-made solutions.
GAD eG (www.gad.de)
GAD is a leading specialist for providing banking IT services in the German-speaking region. GAD is IT consultancy and competence center, application software development company and data processing center for 430 Volksbanken & Raiffeisenbanken as well as retail banks in the German-speaking region. Centerpiece of GAD´s IT solutions is bank21, a comprehensive banking solution with fully integrated business processes for sales, controlling and operations.
Giesecke & Devrient GmbH (www.gi-de.com)
Giesecke & Devrient (G&D) is an internationally leading technology provider with its headquarters in Munich, Germany and 58 subsidiaries, joint ventures, and associated companies in 32 countries worldwide. G&D is a global market leader and cutting-edge innovator of products and solutions for the banknote and mobile security segments. Over the course of its history, the technology group has successfully penetrated numerous new business fields by systematically leveraging synergies such as the ongoing transfer of security technologies from paper production, film manufacturing, and banknote printing. The products complement and enhance one another, ensuring a broad market positioning.
intarsys consulting GmbH (www.intarsys.de)
intarsys is a leading manufacturer of high quality software products and components for creation and verification of all kind of advanced electronic signatures. The company focuses on authentication, timestamping, eID validation and cryptographic secured long-term archiving products. The products comply with national and EU regulations on qualified electronic signatures. Beside electronic signature intarsys offers a whole portfolio of products for the handling of PDF/A, the ISO standard document format for long-term preservation.
OpenLimit SignCubes AG (www.openlimit.com)
OpenLimit SignCubes AG was founded in 2002 and is a wholly-owned subsidiary of the publicly traded OpenLimit Holding AG. The company is headquartered in Baar, Switzerland and has a subsidiary in Berlin, Germany. The group currently employs over 60 highly qualified employees. OpenLimit stands for the secure electronic handshake. Our technologies enable people and machines globally to communicate without restrictions securely, identifiably and provably. We develop base technologies and products in the following areas: electronic identities, electronic signatures, evidentiary value-preserving long-term storage of data and documents and secure data transmission between machines. Our technologies are an integral part of products from leading developers of IT applications for government and industry with an impact on each individual. To achieve this, we enter carefully selected strategic development and distribution partnerships.
procilon Group (www.procilon.de)
procilon is a German IT enterprise dealing more than 10 years with cryptography, identity management, secure electronic transmission of e-mails, forms, files, providing digital signature and preserving probative value of signatures. German-wide over 1000 customers use our server- and client-based IT solutions for their secure electronic communication.
Thames Stanley GmbH (www.thamesstanley.com)
Thames Stanley is a global boutique C-level advisory. We offer senior advisory and services on managing your Information Security Management Systems, Risk Management, Governance and Compliance.
trustable Ltd. (www.trustable.eu)
trustable Ltd. supports the user of advanced and qualified electronic signatures with its free verification services (www.sig-check.de) and open source code. trustable is proudly supporting the Open Signature Initiative!
Dr. Detlef Hühnlein
Coordinator of the Open Signature Inititative
c/o ecsec GmbH
|Full Press Release|