Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Tasks and User Performance Improvement for UUM Online Payment Using Key Stroke Level Model

Online payment is one of the components in postgraduate website in University Utara Malaysia (UUM). Not a lot of Student prefers to use this task, this research will focus a weakness points in the current payment model interface and strength points in proposed new online payment model by using Keystroke-Level Model (KLM) technique and improve weakness points in the current payment model interface. The study will be guided by a research question which was formulated as Follows. What is the efficiency problem of online payment that effect user to use the system? .How can the recommended online payment Model achieve efficiency of system and user aim? What is the user performance of current online payment Model to achieve the tasks? The population for this study will be the (undergraduate and postgraduate) students and staff in the University Utara Malaysia (UUM). The quantitative research approach was used since the researcher aimed to explore the important of (KLM) technique to enhance the current online payment model, and increases the acceptance level of the system

OpenID with certificate-based user authentication on smartcard

Ankara : The Department of Computer Engineering and the Graduate School of Engineering and Science of Bilkent University, 2013.Thesis (Master's) -- Bilkent University, 2013.Includes bibliographical references leaves 52-57.From the point of its users, federated identity systems provide great convenience to log in to varied web sites without bothering of registration in advance. Looking from a vantage point, federated identity management gives the opportunity to users of one IT system to access data and sources of another IT system seamlessly and securely without handling a complete user administration. Single signon mechanisms manage user authentication process of these systems prompting log in once and assure access control across those multiple independent systems. OpenID is a widely used federated identity/single sign-on scheme generally implemented with username-password authentication. In this work, we augment the user authentication phase of OpenID with certi cate-based authentication using smartcard technology. Our solution provides a secure method to authenticate the user with user's digital certi cate written on the smartcard.Kişin, Bahar BernaM.S

Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management

With the growing amount of personal information exchanged over the Internet, privacy is becoming more and more a concern for users. One of the key principles in protecting privacy is data minimisation. This principle requires that only the minimum amount of information necessary to accomplish a certain goal is collected and processed. "Privacy-enhancing" communication protocols have been proposed to guarantee data minimisation in a wide range of applications. However, currently there is no satisfactory way to assess and compare the privacy they offer in a precise way: existing analyses are either too informal and high-level, or specific for one particular system. In this work, we propose a general formal framework to analyse and compare communication protocols with respect to privacy by data minimisation. Privacy requirements are formalised independent of a particular protocol in terms of the knowledge of (coalitions of) actors in a three-layer model of personal information. These requirements are then verified automatically for particular protocols by computing this knowledge from a description of their communication. We validate our framework in an identity management (IdM) case study. As IdM systems are used more and more to satisfy the increasing need for reliable on-line identification and authentication, privacy is becoming an increasingly critical issue. We use our framework to analyse and compare four identity management systems. Finally, we discuss the completeness and (re)usability of the proposed framework

An Overview of Cryptography (Updated Version, 3 March 2016)

There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography...While cryptography is necessary for secure communications, it is not by itself sufficient. This paper describes the first of many steps necessary for better security in any number of situations. A much shorter, edited version of this paper appears in the 1999 edition of Handbook on Local Area Networks published by Auerbach in September 1998

Federated identity architecture of the european eID system

Federated identity management is a method that facilitates management of identity processes and policies among the collaborating entities without a centralized control. Nowadays, there are many federated identity solutions, however, most of them covers different aspects of the identification problem, solving in some cases specific problems. Thus, none of these initiatives has consolidated as a unique solution and surely it will remain like that in a near future. To assist users choosing a possible solution, we analyze different federated identify approaches, showing main features, and making a comparative study among them. The former problem is even worst when multiple organizations or countries already have legacy eID systems, as it is the case of Europe. In this paper, we also present the European eID solution, a purely federated identity system that aims to serve almost 500 million people and that could be extended in midterm also to eID companies. The system is now being deployed at the EU level and we present the basic architecture and evaluate its performance and scalability, showing that the solution is feasible from the point of view of performance while keeping security constrains in mind. The results show a good performance of the solution in local, organizational, and remote environments

Identidade digital federada globaliD

Mestrado em Engenharia de Computadores e TelemáticaO presente texto propõe uma solução para a gestão de identidade digital online tendo em conta a versatilidade, o anonimato, a privacidade, a veracidade, a credibilidade e a responsabilidade do utilizador, recorrendo para isso ao uso do Cartão de Cidadão Electrónico Nacional Português e a outros meios de autenticação públicos usados diariamente pelos utilizadores. A dissertação é composta pela apresentação do conceito de identidade e das suas particularidades, por uma análise aos vários problemas da gestão da informação pessoal online, uma análise aos vários modelos, mecanismos e especificações existentes para gerir a identidade digital online (gestão de identidade digital). Uma solução de gestão de identidade digital baseada no modelo de identidade federada e associada ao Cartão do Cidadão Electrónico Nacional Português é apresentada, descrita, analisada, avaliada e comparada com outras soluções existentes. Por fim um protótipo de um provedor de identidades digitais federadas baseado na solução de gestão de identidade digital proposta é apresentado.The following text provides a solution for the digital identity management on the Web regarding the users’ versatility, anonymity, privacy, veracity, trustworthiness and accountability by using the Portuguese National Electronic Citizen Identity Card and other publicly available authentication mechanisms users use daily. The dissertation consists of the presentation of the concept of identity and its particularities, an analysis to the several problems of managing personal information online, and an analysis to the several existing models, mechanisms and specifications for the management of the digital identity online (digital identity management). A solution for digital identity management based on the federated identity model and associated to the Portuguese National Electronic Citizen Identity Card is introduced, described, analyzed, evaluated and compared to other several existing solutions. Last, a prototype of a federated digital identity provider based on the purposed solution for digital identity management is presented

State of the art of electronic signatures

Die Sicherheit von elektronischer Kommunikation und von Transaktionen ist ein kritisches Thema heutzutage. Um Verträge online abzuschließen ist ein hoher Sicherheitsstandard notwendig und das Thema „Digitale Signatur" damit ein integrativer Bestandteil jeder digitalen Geschäftsdurchführung. In diesem Zusammenhang wurden 44 Länder untersucht, darunter alle 27 EU-Mitgliedsstaaten, 3 Bewerberländer und 14 weitere europäische Staaten und in einer strukturierten Zusammenschau in den Dimensionen rechtliche Rahmenbedingungen, technische Standards und Marktdurchdringung zusammengefasst. Um einen allgemeinen Eindruck über die aktuelle Situation in jedem Land zu gewinnen, wurde eine erste Internetrecherche gestartet, ein Fragenkatalog zusammengestellt und per e-Mail ausgesandt, sowie Kontakte mit verschiedenen Institutionen und Unternehmen aufgebaut. Die eingeholten Informationen wurden in der Studie zusammengefasst. Zum Zweck der Übersichtlichkeit wurde die Studie stark strukturiert und subjektive Interpretationen bewusst ausgelassen um die Fakten für sich sprechen zu lassen. Die Vollständigkeit der gesammelten Daten wird reflektiert in der Länderklassifikation. Um einen raschen Überblick zu erlangen wurde am Ende jeder Länderanalyse eine Tabelle erstellt, welche die Entwicklung des Landes in Bezug auf digitale Signaturstandards zusammenfasst, sowie eine Bewertung in Hinblick auf verfügbare Information und Entwicklungsstand enthält. Die aktuelle Studie demonstriert auf deutliche Art und Weise, dass es keine globale Implementierung von digitaler Signatur bis jetzt erreicht wurde, hauptsächlich durch eine technische Interoperabilität der Systeme, Prozesse und Konfigurationen, wobei die rechtlichen Rahmenbedingungen nicht das Hindernis sind. Es ist nicht schwer zu verstehen, dass eine grenzüberschreitende Adoption der digitalen Signatur nicht auf dies Art und Weise realisierbar ist.Today we live in an e-era, where the topic of Internet security and safety is inevitable. To realize a secure transaction and contract signing via Internet, it is necessary to give a great attention to the subject of digital signatures. In this context, 44 countries have been surveyed (27 EU member countries, 3 EU-member candidates, 14 other European countries) and a structured synopsis has been compiled in the dimensions legal framework, technical standards and market penetration. To obtain a general idea about the current state in the country, an Internet research was started. Furthermore, a list of questions was sent out via e-mail to different companies and agencies and a lot of contacts were established. The collected information was pulled together and compiled in the following study. For purpose of clarity, the study is structured in-depth and subjective interpretations are left out to let the facts speak for themselves. To gain a fast overview, tables sum up the countries development concerning electronic signature standards and rating them in regard of available information and development in different categories. The present study demonstrates quite clearly that no wide-area implementation of digital signatures has been achieved yet, mostly because of lacking technical interoperability of systems, processes and configurations, while the uniform legal framework is certainly not the barrier. It is not very hard to understand that the benefits of a broad adoption of digital signature in the European economic area cannot be realized this way