TY - GEN
T1 - Towards a Personal Security Device
AU - Rath, Christof
AU - Niedermair, Thomas
AU - Zefferer, Thomas
PY - 2016
Y1 - 2016
N2 - In Europe, eID and e-signature solutions are basic building blocks of many transactional e-government services, especially in citizens-to-government communication. Many European countries issue smart cards to provide eID and e-signature functionality on a high assurance level. However, to access these tokens, security-critical code has to be executed on the client platform of the user. If the client platform is compromised, an attacker may gain access to credentials of the user and subsequently be able to issue electronic signatures or access protected resources. To address this problem, we present the concept of a personal security device. It is an isolated, low-cost, single-purpose device to execute security-critical code of eID and e-signature tasks. We developed a concrete implementation on a RaspberryPI and evaluated the solution via an external application. Our solution increases the security of eID and e-signature processes by mitigating the impact of a compromised client platform.
AB - In Europe, eID and e-signature solutions are basic building blocks of many transactional e-government services, especially in citizens-to-government communication. Many European countries issue smart cards to provide eID and e-signature functionality on a high assurance level. However, to access these tokens, security-critical code has to be executed on the client platform of the user. If the client platform is compromised, an attacker may gain access to credentials of the user and subsequently be able to issue electronic signatures or access protected resources. To address this problem, we present the concept of a personal security device. It is an isolated, low-cost, single-purpose device to execute security-critical code of eID and e-signature tasks. We developed a concrete implementation on a RaspberryPI and evaluated the solution via an external application. Our solution increases the security of eID and e-signature processes by mitigating the impact of a compromised client platform.
KW - Electronic Identity
KW - Electronic Signatures
KW - Signature creation application
KW - Trustworthy user device
UR - http://www.scopus.com/inward/record.url?scp=84989968332&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-46598-2_1
DO - 10.1007/978-3-319-46598-2_1
M3 - Conference paper
AN - SCOPUS:84989968332
SN - 9783319465975
VL - 9871 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 1
EP - 16
BT - Security and Trust Management
PB - Springer
T2 - 12th International Workshop on Security and Trust Management, STM 2016
Y2 - 26 September 2016 through 27 September 2016
ER -