Security architecture of the Austrian citizen card concept

When admitting electronic media as a means for citizens to approach public authorities (e-government), security is an indispensable precondition for concerns of legal certainty and for achieving acceptance by the citizens. While the security-enabling technologies such as smartcards, digital signatures, and PKI are mature, questions of scalability, technology-neutrality, and forward-compatibility arise when being deployed on the large scale. The security architecture of the Austrian citizen card is presented. We briefly present the legal provisions that enable e-government. We then reflect on requirements to be fulfilled to achieve a lasting security architecture that provides swift deployment of applications, but provides the flexibility to not discriminate against service providers and technologies that will emerge in future. The concept called "security layer" is discussed as the core part of the security architecture, which basically is an open interface that hides the security-relevant functionality of the citizen card on a high abstraction level. A few e-government applications that are being launched in the short-term are sketched.