The following is the speech by the Director of Information Technology Services, Mr Lau Kam-hung, at the International Workshop on Cryptographic Techniques and E-commerce today (Tuesday):
Prof Chang, Prof Shamir, Distinguished Guests, Ladies and Gentlemen:
The rapid development and wide adoption of digital technology has brought about great changes in the past two decades. In his Policy Address, the Chief Executive of the Hong Kong Special Administrative Region has stated his vision to make Hong Kong a leader, not a follower, in the information world of tomorrow.
In line with the global trends, and in consideration of our own strength and resources, the Hong Kong Special Administrative Region Government has formulated the "Digital 21" Information Technology Strategy based on four enabling factors -
* The hardware of high capacity communications systems;
* A common software interface mounted on established communications networks, through which individuals, business and Government can interact easily and accurately using their own systems;
* People who know how to use IT; and
* A cultural environment that stimulates creativity and welcomes advances in the use of IT.
A major thrust of this strategy is to enhance the information infrastructure of Hong Kong in order for us to take advantage of the rising prospects of e-commerce. Several initiatives are being materialised from this strategy.
Electronic Transactions Bill
A new bill entitled the Electronic Transactions Bill will be introduced later this year to provide the necessary legal framework and a secure and trusted environment for the conduct of electronic transactions in the HKSAR. With the enactment of this bill, legal recognition will be given to electronic records and digital signatures. It will also provide the legal framework for the operations of the Certification Authorities (CAs) to authenticate the identity of participants in electronic commerce.
Electronic Services Delivery (ESD) Scheme
To take the lead in using electronic transactions, the HKSAR Government will launch the Electronic Services Delivery (ESD) scheme. The first phase of ESD will be implemented in the latter half of 2000 and 37 types of public services from 10 government departments and public agency will be available on-line, 24 hours a day and seven days a week. A total of six tender proposals have been received and it is expected that tender evaluation will be concluded in the 3rd quarter of this year.
Establishment of a Public Key Infrastructure and a Public Certification Authority
To support the ESD, Hongkong Post will establish a Public Key Infrastructure (PKI) in order to provide a secure and safe environment conducive to the development of e-commerce in Hong Kong. With this PKI, not only Government services could be delivered securely over the public networks, a foundation will also be built for the delivery of electronic services of other organisations and firms. The Contract on the Design, Development and Implementation of a PKI was awarded on 26 May 1999 using GTE Cyber Trust PKI technology, and the system would be ready for live run in December this year.
Hongkong Post will also serve as the Public Certification Authority by the end of this year. By following the open standard of PKI, Hongkong Post will offer flexible and customisable certification services meeting the different requirements of the community. It will offer a high trust certification brand name known as "Hong Kong Post e-Cert" based on face-to-face authentication, 1024-bits key pairs and with a liability of about USD100,000.
Setting up of a Certification Authority Recognition Office
Hongkong Post will be the first CA and the private sector is free to set up more CAs to meet the demand of electronic commerce in the HKSAR. To protect consumer interests and enhance users' confidence in electronic transactions, Government will set up a Certification Authority Recognition Office in end 1999. CAs are free to apply for recognition from the Government on a voluntary basis, but only those CAs which have achieved a trust standard and will adopt a common and open interface in their operation will be recognised.
The Electronic Transactions Bill will provide for the recognition of not only a CA, but also the certificates issued by a recognised CA. The bill will also provide for the revocation and suspension of the recognition of a CA or recognised certificates, should the CA fails, for example, to conform to the certification practice statements, to use a trustworthy system, or to comply with a code of practice issued by the Certification Authority Recognition Office.
Event like today's is a timely reminder to us that our cyber plans must be built upon solid technological foundation. Our prospect in e-commerce is inseparable from our ability to master cryptographic techniques. For this, I would like to thank the City University of Hong Kong for organising this valuable series of lectures and workshops. And to the scholars who travel from afar to share with us your expert views on the latest development of an exciting field, welcome to Hong Kong.
END/Tuesday, July 6, 1999