1

1

eWish eID Case Study : Trust²Bart Callens

Strategic Projects Unit Manager

22

Fact sheet: sa Certipost nv

Shareholders:De Post/La Poste - Belgacom

HQ in Aalst, BelgiumSales offices in Amsterdam and Paris

Headcount: 85

Our mission: To facilitate & certify e-Communications

Document Delivery Solutions: B2B: e-Invoicing, e-Supply

B2C: e-Delivery

Identity Management projectsBelgian e-identity card

Partners include Clear2Pay, SAP, Asterion, Microsoft, Zetes.

1.600 business customers and 70.000 consumers

2

33

Point to point vs. platform business model

Inhouse costsSoftware purchaseImplementationMaintenance Upgrades

Inhouse servicesUser managementSupportArchivingApplicationsConnectivityInterconnectionsProof of deliveryPaymentTranslationPrint gatewaySecuritySMS gateway

Centralized &

outsourced

services

platform

cust

omer

1cu

stomer

2

customer 3

customer 4

supplier 1

supplier 2

supplier 3residentialresidential

residential

CertiONE

Large company SME

Residentialuser

InterconnectionHybrid gateway:

IN: scanningOUT: printing

Your company

44

e-Billing - exchange of e-invoices between companies

One-stop shopping platform for document exchange

For citizens – individuals over 70.000 individuals connectedFor companies over 1.600 European companies connectedSystems & applications integration with SAP, Navision, other....Interconnections with banking and VAN networksHybrid gateway for paper in- and output

e-Supply – exchange of purchase orders, shipping

notes, e-Invoices, catalogue info, stock info between

companies

e-Delivery – sending out e-salary slips & e-invoices to consumers

CertiONE allows

to save costs & increase processefficiencyby exchanging

business documents electronicallywith suppliers,

business and residential customersas easy as email

E.g. eInvoice saves up to 6 EUR per invoice

e-IDentity – eID for every Belgian citizen, eID integration & applications, Identity & Access Management

3

55

Cumulative EID certificates(after correction)

92 98 70248081055815080316324889250000558245706470248795568891298556100222112032119252127856135566143654154188176512223694320818460684655810

9287881274768

161661619643522000000

22784502600788

30360503495528

38888084258784

4669044

55888805086890

0

1000000

2000000

3000000

4000000

5000000

6000000

7000000

03/2

003

04/2

003

05/2

003

06/2

003

07/2

003

08/2

003

09/2

003

10/2

003

11/2

003

12/2

003

01/2

004

02/2

004

03/2

004

04/2

004

05/2

004

06/2

004

07/2

004

08/2

004

09/2

004

10/2

004

11/2

004

12/2

004

01/2

005

02/2

005

03/2

005

04/2

005

05/2

005

06/2

005

07/2

005

08/2

005

09/2

005

10/2

005

11/2

005

12/2

005

01/2

006

02/2

006

03/2

006

04/2

006

05/2

006

06/2

006

Date

# ce

rtifi

cate

s

eID roll out in Belgium

Start of pilot phase

Start of full roll-out

Benchmark of 2 000 000 eID in Dec05

66

Content of the eID card

Include permanent information about the citizen:Card NumberCard Validity (Begin & End)Card Delivery MunicipalityNational NumberName & 2 First Names & 1st Letter 3r

NameNationalityBirthdate and Birth PlaceSexNoble Condition

Address = information about citizen residenceStreet & NumberZIP CodeMunicipality

Picture = Citizen Picture in JPEG FormatPreference= Include citizen preferences

Display preferencesLanguage preference

4

77

Trust² : extending the eID capabilities

Phys

ical

Id

entif

icat

ion

Data capture

Aut

hent

icat

ion

Sign

atur

eDigital rights

88

Trust2, a cost-effective and secure way to exchange business documents with business partners

•• Today, most communication policies only exist on paperToday, most communication policies only exist on paper•• Its easy to unintentionally forward eIts easy to unintentionally forward e--mails & documentsmails & documents•• Its easy to intentionally share/sell plans w/competitors, press,Its easy to intentionally share/sell plans w/competitors, press, InternetInternet

5

99

The need: Collaborative working requires persistent information Protection

1010

Today’s Policy expression need…

Intellectual Property ProtectionCompliance with regulative frameworks (eg BIPT)Chinese Wall policiesBoard of Directors informationRecord ManagementProduct RoadmapSafeguarding Business IntelligenceCorporate communicationsHR informationPrice listsCommunication with lawyers...

6

1111

The solution

Define and Enforce your usage and distribution policies of your information assets via Information Rights Management

1212

Acce

ss C

ontro

l

User M

anag

emen

t

Yes

No People

File

The solution: Trust2 based on information Rights Management

Information Rights ManagementDo not forwardDo not Copy

People

Yes

7

1313

Trust² : How does it works ?

CertiONETrust2

employee authors/protects a confidential document/e-mailConfidential product/pricing planConfidential reporting infoConfidential M&A infoConfidential employee infoConfidential communication with external lawyersConfidential communication within RvBConfidential customer information

...

Read access

no identification

no identification

Read, write,

copy & print

access

Read access

employee identified via userID/password

employee identified via userID/password

External lawyer, Trust² identified via eID

1414

Trust2: Information Rights Management + Authentication + native support in business applications

Trust2 is a service available for to any user of any windows applicatoin combining two components safeguarding privacy of information

Authentication of authorized users• Only authorized users can get access to the info

Information Rights Management• Prevention of unauthorized forwarding, printing, copying,..

Current Business Applications include MS Office2003, Internet Explorer,…Extensions do exist for other formats :

• Eg visio, pdf, project,txt, bmp

8

1515

Information flows within and across the organizational borders

Publish confidential information on portal only accessible by authorized members without risk of accidental or intentional leakagesSafeguard the confidentiality of financial and audit reports when shared with customerSales manager preventing dissemination of business intelligence embedded in a proposal….

1616

9

1717

1818

10

1919

2020

11

2121

2222

12

2323

2424

13

2525

2626

14

2727

2828

15

2929

3030

16

3131

32

Content Recipient

17

33

3434

18

3535

3636

19

3737

3838

20

3939

4040

21

4141

4242

Conclusion

Trust2 for cost-effective and secure way to exchange business documents with business partners

DRM • Leveraging on Microsoft RMS Technology

Strong Authentication• Leveraging on the Belgian eID

Policy based for customisation

Available “out-of-the box” as standard feature of MS Office 2003 Pro (support for extended formats available)

Different models are availableOutsourcedInsourcedHybrid

22

4343

Proposed Solution : Hybrid Trust² model

RMS InfrastructureInternal :@Company

• For employees• 100% integrated with existing infrastructure (AD), MS Office Templates,...

External : @Certipost : Trust²• For non-employees

• Either connected directly to Trust ²• Either connected to own RMS

Strong authentication credentialsUID/PWD for Proximus internaleID for customersProfessional Token/Smartcard for non-eID holders

4444

Trust2 Case Study (1) : IAB-I.B.R.

Institutes of Tax Accountants and Company Auditors

Usage of a professionaltoken/smartcardVarious confidentialinformation flows identified

23

4545

Trust2 case studies (1) : IAB-I.B.R.

Relations with the InstituteEither via secured e-mail or Intranet secure access Secure sending of expertise reports, permanent training annual attests, modification of personal or professional coordinatesDeposit of deontologically requested reportsDisciplinary related documents exchangePublication of Members Lists, Stagiairs Lists and Masters of “Stagiairs”

Relations with confratersAny confidential information exchangeExchange of working documents, reportsAny confraternal information exchange

Relations with Third parties & customersAudit ReportsAny confidential information exchange

Relations with authoritiesAny confidential information exchangeAnswers to “avis” from the AdministrationFiscal agreement Complaints introduction

4646

Pilot project : Law Firm Simont Braun

Headquartered in the middleof the traditional Brussels business district,

The firm Simont Braun is the result of the merger between two groups of lawyers, one gathered around Lucien Simont and the other coming from the firm Braun Bigwood

• Its activities cover business law at large, their practice areas are • Arbitration & Litigation

Corporate lawFinance & BankingIntellectual property & Competition lawPublic and Administrative LawReal estate and Construction lawTax & Labor lawTrade practices, E-commerce & Distribution

Trust2 Case Study (2) : Simont Braun

24

4747

Trust2 Case Study (2) : Simont Braun

Case studyIn the process of deploying Office 2003 Pro70 collaborators exchange monthly more or less than500.000 emails Trust² would be the right means for Simont Braun to

• exchange confidential documents,contracts with other Lawyer’s firms

• To provide legal documents just in time, replacing fax transmission (ex: conclusions, …)

4848

Conclusion

Trust2 for cost-effective and secure way to exchange business documents with business partners

DRM • Leveraging on Microsoft RMS Technology

Strong Authentication• Leveraging on the Belgian eID

Policy based for customisation

Available “out-of-the box” as standard feature of MS Office 2003 Pro (support for extended formats available)

Different models are availableOutsourcedInsourcedHybrid