Transcript Introduction

Revenue On-Line
Service
Introductions
• John Leamy ROS Strategy Manager
• Kevin Mulkerrins
• Seán Leake
Introduction
• eGovernment Initiative
– Information Society Commission
• Revenue Legislation
• eCommerce Act
Services being provided
•
•
•
•
Filing Tax Returns
Access to Tax Information
Making Payments
Access Control System
PKI Requirements
•
•
•
•
•
•
Identification and Authentication
Data Integrity
Non-Repudiation
Data Confidentiality
System Security
Security of the Customer’s Computer
Issues
• Foreign Experience
• Certification Authority
• Customer Focus
• Digital Certificate ‘link’ to Revenue
Records
PKI solution
• Identification and Authentication
• Data Integrity
• Non-Repudiation
Security Services
Strong authentication
Web Server
Security
digital certificates and a
password
encrypted
encrypted
datadata
Application
Security
Application
Server and Database
Web Server Firewall
Internet


Taxpayer
Agent
Cryptographic Services
Multiple Firewalls
Certification
Authority
Firewalls
Legal and audit
•
•
•
•
•
Policy Approval Authority (PAA)
Certificate Policy Statement (CPS)
Certificate Policy (CP)
Terms and Conditions
Independent PKI audit
Confidentiality
• Data Confidentiality
– SSL 128 bit encryption using single
session Keys
– Secure channel between Revenue and
customer browser
Summary
• Customer focus is most important
• Don’t underestimate the work
• Legal and Liability - substantial
PKI and Encryption
Contacts
• John Leamy ROS Strategy Manager
[email protected]
• Kevin Mulkerrins
[email protected]
• Seán Leake
[email protected]
• Revenue
www.revenue.ie