DocumentCode
2967950
Title
Middleware architecture for cross-border eID
Author
Zwattendorfer, Bernd ; Sumelong, I. ; Leitold, H.
Author_Institution
E-Gov. Innovation Center, Graz Univ. of Technol., Graz, Austria
fYear
2012
fDate
21-23 Nov. 2012
Firstpage
303
Lastpage
308
Abstract
Many European states have issued electronic identities (eID) to their citizens since the early 2000s. Several have reached full coverage, and usually high-assurance credentials, such as smartcards, USB crypto tokens, or mobile phone eIDs, are used. This led to an impressive security infrastructure to authenticate at online services that, however, evolved as national silos - interoperability was no priority for a while. To overcome this, 18 European states have joined forces in the large-scale pilot STORK. A SAML-based technical solution for cross-border eID federation between states has been designed, implemented, and finally piloted in a number of production services. In this paper we present the STORK middleware architecture that has been developed by Austria and Germany. Its main characteristic is a decentralized deployment that gives some end-to-end security and privacy advantages, but also needs particular attention to meet scalability challenges. This is compared to the STORK proxy model, an alternative centralized deployment approach that was chosen by other states. Federation between the two architectures is described, with particular attention to security and privacy aspects.
Keywords
Web services; data privacy; middleware; security of data; software architecture; trusted computing; SAML-based technical solution; STORK proxy model; centralized deployment approach; crossborder eID; decentralized deployment approach; electronic identity; end-to-end security; middleware architecture; online service authentication; privacy aspect; production service; security infrastructure; Authentication; Computer architecture; Connectors; Interoperability; Middleware; Protocols; STORK; eID; electronic identity; interoperability; middleware;
fLanguage
English
Publisher
ieee
Conference_Titel
Computational Aspects of Social Networks (CASoN), 2012 Fourth International Conference on
Conference_Location
Sao Carlos
Print_ISBN
978-1-4673-4793-8
Type
conf
DOI
10.1109/CASoN.2012.6412419
Filename
6412419