Best of two worlds: Secure cloud federations meet eIDAS

Zefferer, Thomas; Ziegler, Dominik; Reiter, Andreas

doi:10.23919/icitst.2017.8356430

Cited by 3 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Further papers concentrated on a single or few selected eID solutions in certain countries [34][35][36] or their application in specific use cases [37,38]. Deliverable 1.1 of the EU H2020 project mGov4EU [39] provides an overview of the current state of eIDs with a focus on mobile (cross-border) services.…”

Section: Overview Of Eid and Ssi Solutionsmentioning

confidence: 99%

eID and Self-Sovereign Identity Usage: An Overview

2021

View full text Add to dashboard Cite

The COVID-19 pandemic helped countries to increase the use of their mobile eID solutions. These are based on traditional identity management systems, which suffer from weaknesses, such as the reliance on a central entity to provide the identity data and the lack of control of the user over her or his data. The introduction of self-sovereign identity (SSI) for e-government systems can strengthen the privacy of the citizens while enabling identification also for the weakest. To successfully initiate SSI, different factors have to be taken into account. In order to have a clear understanding of the challenges, but also lessons learned, we provide an overview of existing solutions and projects and conducted an analysis of their experiences. Based on a taxonomy, we identified strong points, as well as encountered challenges. The contribution of this paper is threefold: First, we enhanced existing taxonomies based on the literature for further evaluations. Second, we analyzed eID solutions for lessons learned. Third, we evaluated more recently started SSI projects in different states of their lifecycle. This led to a comprehensive discussion of the lessons learned and challenges to address, as well as further findings.

show abstract

Section: Overview Of Eid and Ssi Solutionsmentioning

confidence: 99%

eID and Self-Sovereign Identity Usage: An Overview

2021

View full text Add to dashboard Cite

show abstract

“…Regarding the connection of service providers to the eIDAS nodes, each Member State has to decide the protocol to be used as the connector module is specific of each implementation. As explained by authors of [16] and [17], SAML 2.0 is the most extended protocol among Member States. However, as they also explain, this standard presents several limitations and hinders the integration of service providers.…”

Section: Related Workmentioning

confidence: 99%

An Identity Framework for Providing Access to FIWARE OAuth 2.0-Based Services According to the eIDAS European Regulation

Alonso¹,

García-Pozo²,

Choque³

et al. 2019

IEEE Access

View full text Add to dashboard Cite

Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic identification and trust services (eIDAS) regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is a European initiative that provides a rather simple yet powerful set of application programming interfaces (APIs) that ease the development of smart applications in multiple vertical sectors and oriented to the future internet. In this paper, we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model, we have deployed an instance of the FIWARE identity manager connected to the Spanish eIDAS node. Then, we have registered two services, a private videoconferencing system, and a public smart city deployment, and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers. INDEX TERMS Access Control, eIDAS, electronic identification, identity, FIWARE.

show abstract

“…Additionally, there exists no trust assurance for IdPs, solely for SPs. The same drawback with NIST LoA has the approach of Zefferer et al[86], which links identities to eIDs. Even though the federations have a strong legal foundation as eIDs are used, it is highly customized for this one use case [REQ3].…”

mentioning

confidence: 99%

An overview of limitations and approaches in identity management

Pöhn

Hommel

2020

Proceedings of the 15th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Identity and access management (I&AM) is the umbrella term for managing users and their permissions. It is required for users to access different services. These services can either be provided from their home organization, like a company or university, or from external service providers, e. g., cooperation partners. I&AM provides the management of identifiers with the attributes, credentials, roles, and permissions the user has. Today, the requirements have evolved from simply accessing individual web services in the internet or at a company to the majority of all IT services from different service providers with various accounts. Several identity management models have been created with different approaches within.In order to adjust to heterogeneous environments, use cases, and the evolution of identity management, this paper extends known requirements for identity management. Existing models and approaches for identity management are mapped to the derived requirements. Based on the mapping, advantages, disadvantages, and gaps are identified. Current approaches suffer, as an example, from trustworthiness and liability issues. Interoperability issues are even more inherent as the approaches partly develop apart, forming an heterogeneous environment. The results from this analysis emphasize the need for one holistic identity management framework.

show abstract

Best of two worlds: Secure cloud federations meet eIDAS

Cited by 3 publications

References 7 publications

eID and Self-Sovereign Identity Usage: An Overview

eID and Self-Sovereign Identity Usage: An Overview

An Identity Framework for Providing Access to FIWARE OAuth 2.0-Based Services According to the eIDAS European Regulation

An overview of limitations and approaches in identity management

Contact Info

Product

Resources

About