Title :
A privacy-preserving eID based Single Sign-On solution
Author :
Zwattendorfer, Bernd ; Tauber, Arne ; Zefferer, Thomas
Author_Institution :
E-Gov. Innovation Center, Graz, Austria
Abstract :
Single Sign-On (SSO) has become a popular technology allowing users to identify and authenticate once and to gain access to different resources in a distributed computing environment. Austrian e-Government relies on a secure and privacy-preserving sectoral identity management model. Even if a sectoral identifier model improves privacy, it also negatively affects the usability of authentication processes. In Austria, most public sector applications use an open-source identity provider called MOA-ID. However, due to the sectoral identity management MOA-ID has not been Single Sign-On-capable. In this paper we present a security architecture that enables Single Sign-On between different governmental applications using MOA-ID as identity provider while meeting the requirements for sectoral data privacy protection at the same time. We achieve this by transforming unique sectoral identifiers of users with the help of an additional trusted attribute provider.
Keywords :
authorisation; data privacy; distributed processing; government data processing; public domain software; Austrian e-government; authentication process; distributed computing environment; governmental application; open source identity provider; privacy preserving elD based single sign-on solution; privacy preserving sectoral identity management model; public sector application; sectoral data privacy protection; sectoral identifier model; sectoral identity management MOA-ID; security architecture; trusted attribute provider; Authentication; Cryptography; Electronic government; Privacy; Registers; Usability; Austrian citizen card; MOA-ID; SSO; identity management; privacy; single-sign-on;
Conference_Titel :
Network and System Security (NSS), 2011 5th International Conference on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-0458-1
DOI :
10.1109/ICNSS.2011.6060018
