Electronic identity (eID) is on everyone's lips as it is increasingly used in various services nowadays. In Europe, the EU (European Union) Regulation N.910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) has also created a legal structure for electronic identification, signatures, seals and documents throughout the EU, so intensive work is being spent on putting it into practice. In this paper, we first describe the e-SENS (Electronic Simple European Networked Services) infrastructure, which is composed of (national) nodes set up as part of the STORK 2.0 eID infrastructure and new nodes implementing the eIDAS specification. Since the e-SENS infrastructure uses SAML (Security Assertion Markup Language) for authentication and attribute transfer, data security is strongly related to SAML security. Moreover, it also depends on architecture complexity. We analyze two possible solutions for stronger data security in e-SENS: one is based on the exploitation of the SAML Holder-of-Key web browser profile, while the other exploits the encryption of the SAML tokens. We present details on adopting such solutions in the e-SENS infrastructure and we discuss their pros and cons.
Towards Stronger Data Security in an eID Management Infrastructure / Berbecaru, Diana Gratiela; Atzeni, Andrea; De Benedictis, Marco; Smiraglia, Paolo. - Print. - (2017), pp. 391-395. (Paper presented at the conference PDP-2017: 25th Euromicro International Conference on Parallel, Distributed and Network-based Processing, held in St. Petersburg (Russia), 06-08 March 2017) [10.1109/PDP.2017.90].
Towards Stronger Data Security in an eID Management Infrastructure
BERBECARU, DIANA GRATIELA;ATZENI, ANDREA;DE BENEDICTIS, MARCO;SMIRAGLIA, PAOLO
2017
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/2669917