[Essen, Germany, 24 August 2017] secunet Security Networks AG, based in Essen, is reviewing identification and authentication procedures on behalf of the German Federal Office for Information Security (BSI). This will involve assessing the level of security in various procedures that are specifically used in eGovernment.
As eGovernment services and applications become increasingly important, the potential for threat and damage from targeted attacks on these procedures is rising proportionally too. For this reason, secure and reliable registration is essential for the use and acceptance of eGovernment services. In a project that has now been launched, secunet will undertake an assessment of the various procedures for user identification and authentication, differentiated by trust level.
The Technical Guideline TR-03107-1 “Electronic Identities and Trust Services in eGovernment” published by the BSI provides a catalogue of criteria with specifications for the differentiated assessment of security. As part of the project, it is intended that – based on BSI TR-03107-1 – selected procedures will be assessed with respect to the level of trust they each have achieved, or are able to achieve. TR-03107 is closely aligned with the eIDAS Regulation.
The objective of the assessment is to enable the provision of a well-founded statement about the level of trust offered by the respective procedure. This should make it easier to select identification and authentication procedures which are appropriate to the respective application’s security level.