Under the scope of the the proposed new Regulation on electronic identification and trust services for electronic transactions in the internal market, which will supersede the current Directive 1999/93/EC on a Community framework for electronic signatures, ENISA has conducted a study about the security mechanisms and interoperability issues specific to the new regulated trust services. The aim of this report is to complement the report that summarises the results of the survey, also published by ENISA: “TSP services, standards and risk analysis report”, making more specific recommendations to e-Government service providers, encouraging them to use Trusted Third Party service providers to implement the trust services required to give citizens the expected level of confidence and trustwotthines on the services.
This document collects the experience of some of the Large Scale Pilots (LSP) funded by the European Commission, that implement trust services defined in the proposed new Regulation (in particular epSOS, e-CODEX and PEPPOL), as cases studies to analyse the current practices and identify gaps and improvement opportunities. Then, the recommendations collected in the Trust Service Providers (TSP) overview report published by ENISA have been adapted for the provision of e-Government Services, which include issues for security practices and risk management.
December 13, 2013
Prof. Manel Medina, ENISA, Clara Galan Manso, ENISA, Alejandro Elices, Atos Consulting, M. Elena Martínez B., Atos Consulting