Australian Taxation Office

PKI and the Tax Reform Project

Tax Reform

In June 2000, the Australian Taxation Office completed and deployed a PKI infrastructure designed and tailored for electronic submission of Business Activity Statements (BAS). Several of Castelain's team members worked with the ATO in their successful establishment of a Gatekeeper accredited PKI - the first such full accreditation in Australia. This infrastructure was a crucial part of the system to allow for electronic lodgement of BAS.

The digital keys and certificates as issued and managed by the PKI are used to secure the electronic BAS transmissions between businesses and the ATO. Electronic BAS lodgement offers significant cost savings and processing efficiencies to the ATO.

Without the ATO PKI in place the BAS and therefore the Goods and Services Tax (GST), would have been more costly to administer and would have gained less acceptance by the business community. The ATO PKI had to be fully deployed before the introduction of the GST on 1 July 2000.

Castelain staff were involved at numerous levels in the implementation of the ATO PKI:

  • Business and technical requirements capture, analysis and refinement
  • System architecture definition and conceptualisation via Use Case models, component models, deployment models and other static and behavioural views
  • Supplying product (hardware and software) specifications for procurement purposes by the likes of EDS
  • Design of software components to bind the commercial products into the overall solution and to help satisfy the special needs of the ATO PKI
  • Design and specification of interfaces to other subsystems such as the Help Desk
  • Off-site software construction in the C++ language
  • Writing test strategy and protocol documents through numerous types of testing: unit, integration, system, stress and acceptance
  • Assistance in deployment and testing of the solution at ATO's site in Canberra working alongside EDS
  • Development and documentation of associated policy and procedures
  • In-depth assistance with the production of an extensive documentation suite that is the material by which the National Office for the Internet Economy (NOIE) evaluated the PKI against its Gatekeeper accreditation criteria (NOIE has now become AGIMO)

The ATO PKI was delivered on schedule and continues to have one of the largest user bases in the world.

Developing the ATO PKI strategy direction

Castelain has been engaged on an ongoing basis with the ATO to undertake major initiatives with the ATO PKI system; this includes help in developing the ATO PKI strategy direction for the next five years.

Other projects

Castelain staff have a long working relationship with the ATO dating back to 1995 when Castelain staff were engaged to design and deliver the security solution for the ATO's innovative e-tax product for submission of personal income tax returns. Since then Castelain has worked on a range of other ATO projects such as the ABR security system.

More recently, Castelain has been engaged by the ATO to:

  • Project manage a "SWOT" team established to resolve a number of production problems in the ATO's Distributed Server Environment.
  • Provide design and technical expertise to the ATO's Secure E-mail project including evaluation of a range of commercially available products and solutions.
  • Undertake research into the possible uses and adoption of ABN-DSC certificates.
  • Manage, write and co-ordinate and evaluate two separate RFTs relating to the ATO's Identity Management systems.
  • Investigate the use of a multi-function token to act as an ID card, provide building and network access and hold PKI credentials for secure email.