Pieter Verhaeghe scite author profile

Lapon

Decker

et al. 2009

The Belgian Electronic Identity Card enables Belgian citizens to prove their identity digitally and to sign electronic documents. At the end of 2009, every Belgian citizen older than 12 years will have such an eID card. In the future, usage of the eID card may be mandatory. However, irresponsible use of the card may cause harm to individuals. Currently, there exist some privacy and security problems related to the use of the eID card. This paper focuses on solutions to tackle these problems. A new authentication protocol is introduced to substantially reduce the risk of abusing the single sign-on authentication and privacy friendly identity files are proposed to improve the citizen's privacy.

A Smart Card Based Solution for User-Centric Identity Management

Vossaert¹,

Decker

et al. 2011

Abstract. This paper presents a prototype of a previously proposed user-centric identity management system using trusted modules. The trusted module, implemented using a smart card, can retrieve user attributes from identity providers and offer them to service providers, after authentication. This paper allows an evaluation of the practical feasibility of the identity management architecture and provides insight in several design decisions made during the prototype implementation. Also, the cryptographic protocols implemented in the prototype are discussed.

A Privacy-Preserving Ticketing System

Verslype

Decker

Naessens

et al. 2008

Electronic identity (eID) cards are deployed in an increasing number of countries. These cards often provide digital authentication and digital signature capabilities, but have at the same time serious privacy shortcomings. We can expect that ordering and issuing tickets for events (e.g. soccer matches) will be increasingly done using eID cards, hence, severely threatening the user's privacy. This paper proposes two alternative ticketing systems that are using the eID card in a bootstrap procedure, but still are providing a high degree of privacy to the user.

A Mobile and Reliable Anonymous ePoll Infrastructure

Verslype

Lapon³

et al. 2010

Extending the Belgian eID Technology with Mobile Security Functionality

Lapon¹,

Verdegem²,

et al. 2009

The Belgian Electronic Identity Card was introduced in 2002. The card enables Belgian citizens to prove their identity digitally and to sign electronic documents. Today, only a limited number of citizens really use the card in electronic applications. A major reason is the lack of killer functionality and killer applications. This paper presents two reusable extensions to the Belgian eID technology that opens up new opportunities for application developers. First, a secure and ubiquitously accessible remote storage service is presented. Second, we show how the eID card can be used to issue new certificates. To demonstrate the applicability and feasibility of both extensions, they are combined in the development of a secure e-mail application. The proposed solution offers strong privacy, security and key management properties while increasing the accessibility of confidential e-mail compared to existing solutions (such as PGP and S/MIME).