The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January/February (2012 vol.10)
pp: 46-54
Andreas Poller , Fraunhofer Institute for Secure Information Technology
Ulrich Waldmann , Fraunhofer Institute for Secure Information Technology
Sven Vowé , Fraunhofer Institute for Secure Information Technology
Sven Türpe , Fraunhofer Institute for Secure Information Technology
ABSTRACT
Electronic identity (eID) cards promise to supply a universal, nationwide user authentication mechanism. Most European countries have started deploying eID for government and private-sector applications. The German eID project serves as a showcase for eID from an application perspective. The new German ID card is contactless, aims to protect people's privacy to the greatest extent possible, and supports cryptographically strong mutual authentication between users and services. Privacy features include support for pseudonymous authentication and per-service controlled access to individual data items. The core technology seems ready for mass deployment, but application issues might hamper eID adoption for online applications.
INDEX TERMS
eID, user authentication, electronic identity card, identity management, smart card, privacy, Germany
CITATION
Andreas Poller, Ulrich Waldmann, Sven Vowé, Sven Türpe, "Electronic Identity Cards for User Authentication—Promise and Practice", IEEE Security & Privacy, vol.10, no. 1, pp. 46-54, January/February 2012, doi:10.1109/MSP.2011.148
REFERENCES
1. Architecture Electronic Identity Card and Electronic Resident Permit, ver. 1.13, tech. report TR-03127, German Federal Office for Information Security, Mar. 2011.
2. Advanced Security Mechanisms for Machine Readable Travel Documents—Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI), ver. 2.05, tech. report TR-03110, German Federal Office for Information Security, Oct. 2010.
3. Application Interface for Smart Cards Used as Secure Signature Creation Devices, draft version, tech. report CEN prEN 14890, European Committee for Standardization, 2011.
4. S.A. Brands, Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy, MIT Press, 2000.
5. J. Camenisch and B. Pfitzmann, "Federated Identity Management," Security, Privacy, and Trust in Modern Data Management, M. Petkovic, and W. Jonker eds., Springer, 2007, pp. 213–238.
6. H. Plötz, "Technik des Neuen ePA," presentation at the 26th Chaos Communication Congress, Dec. 2009; http://events.ccc.de/congress/2009/Fahrplan/ events3510.en.html.
7. "Unisys Security Index—Germany," Unisys, Feb. 2011; www.unisyssecurityindex.com/usi/germanyreports .
8. G. Borges, "Rechtsfragen der Haftung im Zusammenhang mit dem elektronischen Identitätsnachweis," Ruhr-Universität Bochum, Nov. 2010; www.bmi.bund.de/SharedDocs/Downloads/DE/ Themen/Sicherheit/PaesseAusweisestudie2_npa.pdf?__blob=publicationFile .
9. , Handbook of eID Security, W. Fumy and M. Paeschke eds., Publicis, 2011.
10. Identification Card Systems—European Citizen Card (ECC),, draft version, tech. report CEN prTS 15480, European Committee for Standardization, 2011.
11. Machine Readable Travel Documents—Supplemental Access Control for Machine Readable Travel Documents, ver. 1.01, tech. report ISO/IEC JTC1 SC17 WG3/TF5, Int'l Civil Aviation Org., 11 Nov. 2010.
12. "National Strategies and Policies for Digital Identity Management in OECD Countries," Org. for Economic Co-operation and Development, Mar. 2011; www.oecd-ilibrary.org/content/workingpaper 5kgdzvn5rfs2-en.
13. "National Strategy for Trusted Identities in Cyberspace," the White House, Apr. 2011; www.whitehouse.gov/sites/default/files/rss_viewer NSTICstrategy_041511.pdf.
130 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool