Over the worldwide web, interactions takes place through an open network where there is no physical presence. Therefore, we do not know the identity of those with whom we interact. The virtual world comes with it a certain number of risks such as identity theft, the interception of our messages by others or repudiation a of sale, payment or exchange. In this framework, setting up security services such as digital certification proves to be a necessity.
Digital certification is a process which helps insuring four (04) aspects of information security exchanges on Internet: confidentiality, authentication, integrity, and non-repudiation. The latter establish a climate of trust through the implementation of a Public Key Infrastructure "PKI". In other words, digital certification is the process that allows us to authenticate our interlocutors on the internet through their digital signature; the digital signature is authenticated by means of a digital certificate issued by a certificate authority. This digital certificate can be compared to an identity document.A Certification Authority (CA) is a trustworthy third party capable of authenticating the identity of corresponding parties. A certificate authority issues certificates describing digital identities and provides the means to confirm the validity of certificates it has supplied. Certification authorities’ services are used principally to secure digital communications and digital transactions as well as for securing digital documents.
On 1 February 2015, the Algerian legislature has promulgated the Law No. 15-04 of 1 February 2015 establishing the general rules on digital signature and certification. This law establishes the organization hierarchical typology in terms of trust model adopted by Algeria. This model consists of :
The Governmental Authority of Digital Certification is responsible for supervising trustworthy third parties (digital certification service providers on behalf of government institutions) and the issuance of digital certificates used by the stakeholders in the government sector in transactions type G2G, G2B and G2C.
To implement this activity MPTIC will be launching early 2016 a call for tenders for the procurement of hardware and software that will be used by the government authorities to accomplish their missions.