Technical framework for digital public administration services
In order to implement digital administrative services, it is essential to have modern, secure, flexible and scalable IT infrastructure.
Many recommendations have been made and standards adapted and introduced in connection with the switch to electronic official channels and public services. Information sharing between participants takes place on a dedicated communication platform, called the Reference Server E-Government.
This platform is continuously expanded and upgraded and is one of the main sources of information for the state, federal provinces, municipalities and local communities, as well as for business and the many different project partners.
Technical framework for digital public administration services (examples)
Modules for Online Applications (MOA)
Many e-government functions are offered for use in the form of freely available software modules, so-called MOAs (Modules for Online Applications).
Such functions include, for example, checking and adding electronic signatures or seals, reading out identity data and delivering official documents.
Many e-government applications now use MOAs. That is why they are regularly maintained in a coordinated, regulated process and adapted to meet new requirements. More information here: MOA.
Such functions include, for example, checking and adding electronic signatures or seals, reading out identity data and delivering official documents.
Many e-government applications now use MOAs. That is why they are regularly maintained in a coordinated, regulated process and adapted to meet new requirements. More information here: MOA.
Core registers
In order properly to fulfil the obligations placed on them by law, the Austrian administrative agencies require all kinds of different information, e.g. names and addresses, documented powers of representation etc.
A significant part of the data they store is organised in electronic administrative registers (databases and directory systems). Who is responsible for the data and the precise methodology for obtaining such information – which will subsequently be stored in various registers for further processing by the authorities – are regulated by corresponding material laws.
Registers form an important basis for many e-government applications. They provide information that can be acted upon for different administrative purposes and they generate accurate data for the administrative sector. This enables administrative action to be taken quickly and reliably. The aim is to optimise register applications, primarily to simplify the presentation of documents for citizens, but also to simplify administrative procedures – both internally and externally. Improving the quality of registers is of key importance, because only with accurate data can people be encouraged to use electronic processes more. More information here: Registers/Core registers.
A significant part of the data they store is organised in electronic administrative registers (databases and directory systems). Who is responsible for the data and the precise methodology for obtaining such information – which will subsequently be stored in various registers for further processing by the authorities – are regulated by corresponding material laws.
Registers form an important basis for many e-government applications. They provide information that can be acted upon for different administrative purposes and they generate accurate data for the administrative sector. This enables administrative action to be taken quickly and reliably. The aim is to optimise register applications, primarily to simplify the presentation of documents for citizens, but also to simplify administrative procedures – both internally and externally. Improving the quality of registers is of key importance, because only with accurate data can people be encouraged to use electronic processes more. More information here: Registers/Core registers.
Directory services
The aim of the Austrian federal government's E-Government Strategy is to fully reproduce public administration processes in electronic form.
These processes include both interaction between citizens and the authorities (government-to-citizen, G2C) and internal processes between authorities (government-to-government, G2G).
The rights and responsibilities of individuals and organisational units are important parameters in these processes. The Directory Service presents this information in a standardised format and enables applications to access information via defined interfaces.
These processes include both interaction between citizens and the authorities (government-to-citizen, G2C) and internal processes between authorities (government-to-government, G2G).
The rights and responsibilities of individuals and organisational units are important parameters in these processes. The Directory Service presents this information in a standardised format and enables applications to access information via defined interfaces.
Domain management "GV.AT"
Creating a common network for public administration services means considering not only the necessary technical aspects but also how the symbolic namespaces should be structured.
The aim of the guidelines is to decentralise the authority and responsibility for assigning names within the Internet domain "gv.at".
As a citizen, you should be able to be confident that the naming structure will enable you to find the information you are looking for from public administration agencies and associated organisations without a lengthy online search.
Using standardised lettering creates a consistent appearance.
Digression: EU domains
In an EU initiative, the top-level ".eu" domain name has been available since 2006. Since 7 April 2006, anyone has been able to register it on a first-come, first-served basis.
The aim of the guidelines is to decentralise the authority and responsibility for assigning names within the Internet domain "gv.at".
As a citizen, you should be able to be confident that the naming structure will enable you to find the information you are looking for from public administration agencies and associated organisations without a lengthy online search.
Using standardised lettering creates a consistent appearance.
Digression: EU domains
In an EU initiative, the top-level ".eu" domain name has been available since 2006. Since 7 April 2006, anyone has been able to register it on a first-come, first-served basis.
BCA-OS – Open Source Federal Client
Austria's "Open Source Federal Client Architecture" project – BCA-OS for short – has set itself the objective of offering PC users in the public administration agencies alternatives to predominantly proprietary software solutions that are associated with high licence fees.
Style guides
E-forms
The design of e-forms in Austria's public administration agencies is almost entirely within the organisational remit of individual administrative units. However, now that applications are processed electronically under e-government, greater uniformity is desirable. The Style Guide for E-Forms includes specific guidelines covering how an e-form should be structured, how its content should be presented systematically and how it should look. The objective is to make e-forms more consistent, so that using electronic processes can be made simpler and more convenient.
Style Guide for Web Applications
More and more applications are being created by government authorities with the aim of also making them available to other authorities. There can be significant economic advantages to this, because the applications do not have to be developed and managed by each partner separately. It has been made possible thanks to, among other things, the e-government strategies that have been developed (the Portal Group, concepts relating to security, legal aspects, roles etc.) and the technical environment (the PVP [portal group protocol], shared data models and structures, web service interfaces etc.). The Style Guide for (multi-authority) Web Applications applies to newly developed web applications for use by more than one authority. It is hoped that this will lead to a higher level of acceptance, better usability and shorter familiarisation times for users who are spread across different organisations.
The design of e-forms in Austria's public administration agencies is almost entirely within the organisational remit of individual administrative units. However, now that applications are processed electronically under e-government, greater uniformity is desirable. The Style Guide for E-Forms includes specific guidelines covering how an e-form should be structured, how its content should be presented systematically and how it should look. The objective is to make e-forms more consistent, so that using electronic processes can be made simpler and more convenient.
Style Guide for Web Applications
More and more applications are being created by government authorities with the aim of also making them available to other authorities. There can be significant economic advantages to this, because the applications do not have to be developed and managed by each partner separately. It has been made possible thanks to, among other things, the e-government strategies that have been developed (the Portal Group, concepts relating to security, legal aspects, roles etc.) and the technical environment (the PVP [portal group protocol], shared data models and structures, web service interfaces etc.). The Style Guide for (multi-authority) Web Applications applies to newly developed web applications for use by more than one authority. It is hoped that this will lead to a higher level of acceptance, better usability and shorter familiarisation times for users who are spread across different organisations.
Public Key Infrastructure (PKI)
This is infrastructure for managing and distributing cryptographic keys. The technology enables electronic signatures and certificates to be used securely. Public Key Infrastructure is a system for using private and public keys to encrypt and decrypt electronic data.
An asymmetrical cryptography system like this enables messages on the Internet to be signed and encrypted. The signing guarantees that the message was really sent in this form by the named sender. Reading the message requires the sender's public key, which can be sent by email, for example.
The key being sent is also signed with a trusted key. The PKI offers a hierarchical system of validity. If a certification centre is trusted, then all certificates signed by it are also trusted. Since a PKI can also have subordinate PKIs (multi-level), all its subordinate PKIs are also trusted.
The basis for secure e-government
Without a PKI, trusted, secure and legally binding communication between citizens and government authorities, and between one authority and another, using standardised procedures, is not possible. This method enables digital certificates to be issued, distributed and checked. It ensures that electronic data is authenticated, identified and confidential and cannot be repudiated.
The main applications for PKI include:
In the public administration agencies, additional special profiles and extensions are used. Certificates from administrative organisations are marked with a special identification attribute.
A distinction is made between different kinds of certificate, depending on how they are used:
An asymmetrical cryptography system like this enables messages on the Internet to be signed and encrypted. The signing guarantees that the message was really sent in this form by the named sender. Reading the message requires the sender's public key, which can be sent by email, for example.
The key being sent is also signed with a trusted key. The PKI offers a hierarchical system of validity. If a certification centre is trusted, then all certificates signed by it are also trusted. Since a PKI can also have subordinate PKIs (multi-level), all its subordinate PKIs are also trusted.
The basis for secure e-government
Without a PKI, trusted, secure and legally binding communication between citizens and government authorities, and between one authority and another, using standardised procedures, is not possible. This method enables digital certificates to be issued, distributed and checked. It ensures that electronic data is authenticated, identified and confidential and cannot be repudiated.
The main applications for PKI include:
- Signing documents
- Secure email communication
- E-commerce
In the public administration agencies, additional special profiles and extensions are used. Certificates from administrative organisations are marked with a special identification attribute.
A distinction is made between different kinds of certificate, depending on how they are used:
- Certificates for online services that enable automation-assisted signing of data
- Server certificates for digital authentication of a server
- Email certificates to increase the trustworthiness of outgoing emails sent by administrative agencies
- Authentication certificates for authentication purposes
- Encryption certificates for data encryption
- Qualifying certificates for qualified electronic signatures
- Certificates for special applications (digital tachographs and so on)
EGIZ Software (E-Gov:Labs)
EGIZ Software (E-Government Innovation Centre) is a resource for anyone wishing to be involved in the activities and developments associated with public e-government modules. Anyone who is interested can see, for example, an overview of all the currently available open-source software modules (MOA).
Joinup – the European Commission's open-source platform
The actual software is maintained and made available to download on the European Commission's shared open-source platform, Joinup.
Joinup is a collaboration platform offering information on a range of European open-source e-government projects (including modules for online applications).
It helps members of the community to find projects and software, implement new projects and ensure their interoperability via the following links (English):
Joinup is a collaboration platform offering information on a range of European open-source e-government projects (including modules for online applications).
It helps members of the community to find projects and software, implement new projects and ensure their interoperability via the following links (English):
Citizen Card/mobile phone signature concept/ID Austria
The Citizen Card/mobile phone signature/ID Austria systems enable citizens to legally identify and authenticate themselves online. In most cases, getting a Citizen Card does not require any special software. However, some applications do require users to have separate Citizen Card software (the Citizen Card Environment – BKU).
The Citizen Card Environment (BKU) includes a wide range of functions that can be carried out with the Citizen Card:
Security Layer
When the Citizen Card concept was implemented, it was specified that there had to be what is called a Security Layer. This is the interface between the application being used and the mobile phone signature or signature card, and it provides access to the token's identification, signature and storage functionality.
An important element in a signature solution is that the message to be signed must be displayed in a trusted format. The system must ensure that the signatory is not signing any content that is hidden from them, and that no dynamic elements are permitted which would subsequently distort the content.
Important innovation – ID Austria, fully operative from 5.12.2023:
On 5 December 2023, ID Austria is replacing mobile phone signatures.
Users whose mobile phone signature was registered by a government authority can upgrade to an ID Austria account with full functionality. Those users who did not register their mobile phone signature with a government authority can upgrade to an ID Austria account with basic functionality. To obtain an ID Austria account with full functionality, including its new functions such as being able to show a form of ID on their smartphone, they will have to register with a government authority.
Signature cards (Manage my ID Austria (oesterreich.gv.at))
Switching a signature card to ID Austria: Citizen Cards (signature cards with identity linking) can be converted into an ID Austria account. Once the user's passport/ID card number has been checked successfully, they will be issued with an ID Austria account with full functionality; otherwise they will have an ID Austria account with basic functionality.
Adding a signature card for two-factor authentication: Signature cards that are not yet assigned to an ID Austria account can be added to an existing ID Austria account as a second authentication factor.
Replacing your old signature card with a new one: When you extend the validity of a signature card, or receive a replacement card, you can activate it as a second authentication factor.
More information at: FAQ: General information about ID Austria (oesterreich.gv.at)
A selection of important FAQs:
How can I convert my mobile phone signature into an ID Austria account with basic functionality?
A mobile phone signature can be converted into an ID Austria account with basic functionality in an online process.
Follow the instructions here: Switching from a mobile phone signature to an ID Austria account with basic functionality.
An ID Austria account with basic functionality offers the same functions as a mobile phone signature. Signatures using an SMS-TAN (Transaction Authentication Number sent by text message) will still be possible. An ID Austria account with basic functionality has the same period of validity as your mobile phone signature but cannot be extended after that. You can see and also extend the period of validity of your mobile phone signature at a-trust.at/konto.
When I converted my Citizen Card I was given an ID Austria account with basic functionality. How can I upgrade it to full functionality?
Upgrading is recommended, because only with full functionality can you extend the period of validity.
The way you upgrade your ID Austria account (with basic functionality) depends on whether the Citizen Card that was converted was originally issued by a government authority or not. (Government issuing authorities include ministries, the province of Upper Austria incl. district administrative authorities and the City of Vienna.)
How can signature cards be used with ID Austria?
Signature cards (without identity links) enable you to sign documents. This signature function remains unchanged.
The signature card can also be added to an existing ID Austria account as a second authentication factor. Use this link: Adding a signature card for two-factor authentication.
The Citizen Card Environment (BKU) includes a wide range of functions that can be carried out with the Citizen Card:
- Citizen Card token
- Cryptographic processes
- Pairs of keys for signatures and encryption
- Identity linking
- Information boxes
Security Layer
When the Citizen Card concept was implemented, it was specified that there had to be what is called a Security Layer. This is the interface between the application being used and the mobile phone signature or signature card, and it provides access to the token's identification, signature and storage functionality.
An important element in a signature solution is that the message to be signed must be displayed in a trusted format. The system must ensure that the signatory is not signing any content that is hidden from them, and that no dynamic elements are permitted which would subsequently distort the content.
Important innovation – ID Austria, fully operative from 5.12.2023:
On 5 December 2023, ID Austria is replacing mobile phone signatures.
Users whose mobile phone signature was registered by a government authority can upgrade to an ID Austria account with full functionality. Those users who did not register their mobile phone signature with a government authority can upgrade to an ID Austria account with basic functionality. To obtain an ID Austria account with full functionality, including its new functions such as being able to show a form of ID on their smartphone, they will have to register with a government authority.
Signature cards (Manage my ID Austria (oesterreich.gv.at))
Switching a signature card to ID Austria: Citizen Cards (signature cards with identity linking) can be converted into an ID Austria account. Once the user's passport/ID card number has been checked successfully, they will be issued with an ID Austria account with full functionality; otherwise they will have an ID Austria account with basic functionality.
Adding a signature card for two-factor authentication: Signature cards that are not yet assigned to an ID Austria account can be added to an existing ID Austria account as a second authentication factor.
Replacing your old signature card with a new one: When you extend the validity of a signature card, or receive a replacement card, you can activate it as a second authentication factor.
More information at: FAQ: General information about ID Austria (oesterreich.gv.at)
A selection of important FAQs:
How can I convert my mobile phone signature into an ID Austria account with basic functionality?
A mobile phone signature can be converted into an ID Austria account with basic functionality in an online process.
Follow the instructions here: Switching from a mobile phone signature to an ID Austria account with basic functionality.
An ID Austria account with basic functionality offers the same functions as a mobile phone signature. Signatures using an SMS-TAN (Transaction Authentication Number sent by text message) will still be possible. An ID Austria account with basic functionality has the same period of validity as your mobile phone signature but cannot be extended after that. You can see and also extend the period of validity of your mobile phone signature at a-trust.at/konto.
When I converted my Citizen Card I was given an ID Austria account with basic functionality. How can I upgrade it to full functionality?
Upgrading is recommended, because only with full functionality can you extend the period of validity.
The way you upgrade your ID Austria account (with basic functionality) depends on whether the Citizen Card that was converted was originally issued by a government authority or not. (Government issuing authorities include ministries, the province of Upper Austria incl. district administrative authorities and the City of Vienna.)
- If your card was issued by a government authority, you will be invited to upgrade next time you log in to ID Austria. Have the number of your current Austrian passport or ID card ready.
- If your card was not issued by a government authority, you will have to identify yourself officially with a registering authority. Choose from the list of available registering authorities in Austria.
How can signature cards be used with ID Austria?
Signature cards (without identity links) enable you to sign documents. This signature function remains unchanged.
The signature card can also be added to an existing ID Austria account as a second authentication factor. Use this link: Adding a signature card for two-factor authentication.