Abstract
When admitting electronic media as a means for citizens to approach public authorities - i.e., when advancing official proceedings towards e-Government - security is an indispensable precondition for concerns of legal certainty and for achieving acceptance by the citizens. While the security-enabling technologies such as smartcards, digital signatures, and PKI are mature, questions of scalability, technology-neutrality, and forward-compatibility arise when being deployed on the large scale, such as when being deployed nationwide. In this paper the security architecture followed with the Austrian citizen card is presented. This dedicated concept where smart-cards are going to be rolled out to every Austrian citizen will establish the citizen?s security infrastructure to utilize emerging e-Government applications. We briefly present the legal provisions that enable e-Government. We than reflect on requirements to be fulfilled to achieve a lasting security architecture that provides swift deployment of applications, but provides the flexibility to not discriminate against service providers and technologies that will emerge in future. The concept called "security layer" is discussed as the core part of the security architecture, which basically is an open interface that hides the security-relevant functionality of the citizen card on a high abstraction level. A few e-Government applications that are being launched in the short-term are sketched to give a touch of the variety of requirements covered in the architecture.