DigiD
Encyclopedia
DigiD is an identity management
Identity management
Identity management is a broad administrative area that deals with identifying individuals in a system and controlling access to the resources in that system by placing restrictions on the established identities of the individuals.Identity management is multidisciplinary and covers many...

 platform which government agencies of the Netherlands, including the Tax and Customs Administration
Tax and Customs Administration
The Tax and Customs Administration is the tax collection and customs service of the government of the Netherlands. Part of the Ministry of Finance, it is responsible for supervising the import, export and transit of goods, detecting fiscal, economic and financial fraud, levying and collecting...

 and Dienst Uitvoering Onderwijs, can use to verify the identity of Dutch citizens on the Internet. As of 2010 it is being used by 8 million citizens. The system is tied to the Dutch national identification number
National identification number
A national identification number, national identity number, or national insurance number is used by the governments of many countries as a means of tracking their citizens, permanent residents, and temporary residents for the purposes of work, taxation, government benefits, health care, and other...

 (burgerservicenummer, BSN). The system has been mandatory when submitting tax form
Tax form
A tax form is a blank document or template supplied by a government for use in the reporting of tax information to the government or to potential taxpayers...

s electronically since 2006.

2011 Hacking incident

In July 2011, DigiNotar
DigiNotar
DigiNotar was a Dutch certificate authority owned by VASCO Data Security International. On September 3, 2011, after it had become clear that a security breach had resulted in the fraudulent issuing of certificates, the Dutch government took over operational management of DigiNotar's systems...

, the company that was providing the certificates used for DigiD under the PKI
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...

 root-CA
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...

 PKIoverheid. Although not directly linked to certificates used by DigiD the result of above hack was that the government lost its trust in certificates issued by the company, both under their own root CA
CA
The term CA commonly means:* California, a U.S. state* Canada, a nation on the North American continent* Chartered Accountant* Compressed Air, such as "CA Piping"...

as well as the certificates under the governments root PKIoverheid. Prosecutors said they would investigate the U.S.-owned, Netherlands-based DigiNotar.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK