ENHANCING CROSS-BORDER EID FEDERATIONS BY USING A MODULAR AND FLEXIBLE ATTRIBUTE MAPPING SERVICE TO MEET NATIONAL LEGAL AND TECHNICAL REQUIREMENTS

Thomas Lenz

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Identity-management systems play a key role in various areas for applications and e-Government processes where access to sensitive data needs to be protected and regulated. To protect this sensitive date, the identity-management system provides all necessary functionality to service providers to manage digital identities and handle the identification and authentication process. This identification and authentication process meets legal and technical requirements, which are specified in many European countries. Due the mobility of citizens, cross-border interoperability of national electronic identity systems in the European eID landscape becomes more and more important. If cross-border interoperability comes into play, it becomes difficult to accomplish national legal and technical requirements for identification and authentication. To accomplish national legal and technical requirements, the identification and authentication information must be mapped into national eID characteristics. In this paper, we present a new modular and flexible architecture of an attribute mapping service, which establish an interoperation layer on cross-border identification and authentication attributes to meet national legal and technical requirements. The proposed architecture follows a plug-in based approach that eases the integration of new attributes, or national legal or technical requirements. We illustrate the practical applicability of the proposed architecture by implementing a foreign identity attribute mapping service for the Austrian eID infrastructure. This attribute mapping service meets all national legal and technical requirements of the Austrian eID infrastructure, which are necessary to use foreign identities in the national infrastructure.
Original languageEnglish
Pages (from-to)52
Number of pages68
JournalIADIS international journal on WWW/Internet
Volume13
Issue number2
Publication statusPublished - 18 Jan 2016

Fingerprint

Authentication
Interoperability

Keywords

  • identification
  • Authentication
  • cross-border Interoperability
  • Legal requirements
  • attribute mapping

Cite this

ENHANCING CROSS-BORDER EID FEDERATIONS BY USING A MODULAR AND FLEXIBLE ATTRIBUTE MAPPING SERVICE TO MEET NATIONAL LEGAL AND TECHNICAL REQUIREMENTS. / Lenz, Thomas.

In: IADIS international journal on WWW/Internet, Vol. 13, No. 2, 18.01.2016, p. 52.

Research output: Contribution to journalArticleResearchpeer-review

@article{44a89ceb192f427cb7082361dfd94472,
title = "ENHANCING CROSS-BORDER EID FEDERATIONS BY USING A MODULAR AND FLEXIBLE ATTRIBUTE MAPPING SERVICE TO MEET NATIONAL LEGAL AND TECHNICAL REQUIREMENTS",
abstract = "Identity-management systems play a key role in various areas for applications and e-Government processes where access to sensitive data needs to be protected and regulated. To protect this sensitive date, the identity-management system provides all necessary functionality to service providers to manage digital identities and handle the identification and authentication process. This identification and authentication process meets legal and technical requirements, which are specified in many European countries. Due the mobility of citizens, cross-border interoperability of national electronic identity systems in the European eID landscape becomes more and more important. If cross-border interoperability comes into play, it becomes difficult to accomplish national legal and technical requirements for identification and authentication. To accomplish national legal and technical requirements, the identification and authentication information must be mapped into national eID characteristics. In this paper, we present a new modular and flexible architecture of an attribute mapping service, which establish an interoperation layer on cross-border identification and authentication attributes to meet national legal and technical requirements. The proposed architecture follows a plug-in based approach that eases the integration of new attributes, or national legal or technical requirements. We illustrate the practical applicability of the proposed architecture by implementing a foreign identity attribute mapping service for the Austrian eID infrastructure. This attribute mapping service meets all national legal and technical requirements of the Austrian eID infrastructure, which are necessary to use foreign identities in the national infrastructure.",
keywords = "identification, Authentication, cross-border Interoperability, Legal requirements, attribute mapping",
author = "Thomas Lenz",
year = "2016",
month = "1",
day = "18",
language = "English",
volume = "13",
pages = "52",
journal = "IADIS international journal on WWW/Internet",
issn = "1645-7641",
number = "2",

}

TY - JOUR

T1 - ENHANCING CROSS-BORDER EID FEDERATIONS BY USING A MODULAR AND FLEXIBLE ATTRIBUTE MAPPING SERVICE TO MEET NATIONAL LEGAL AND TECHNICAL REQUIREMENTS

AU - Lenz, Thomas

PY - 2016/1/18

Y1 - 2016/1/18

N2 - Identity-management systems play a key role in various areas for applications and e-Government processes where access to sensitive data needs to be protected and regulated. To protect this sensitive date, the identity-management system provides all necessary functionality to service providers to manage digital identities and handle the identification and authentication process. This identification and authentication process meets legal and technical requirements, which are specified in many European countries. Due the mobility of citizens, cross-border interoperability of national electronic identity systems in the European eID landscape becomes more and more important. If cross-border interoperability comes into play, it becomes difficult to accomplish national legal and technical requirements for identification and authentication. To accomplish national legal and technical requirements, the identification and authentication information must be mapped into national eID characteristics. In this paper, we present a new modular and flexible architecture of an attribute mapping service, which establish an interoperation layer on cross-border identification and authentication attributes to meet national legal and technical requirements. The proposed architecture follows a plug-in based approach that eases the integration of new attributes, or national legal or technical requirements. We illustrate the practical applicability of the proposed architecture by implementing a foreign identity attribute mapping service for the Austrian eID infrastructure. This attribute mapping service meets all national legal and technical requirements of the Austrian eID infrastructure, which are necessary to use foreign identities in the national infrastructure.

AB - Identity-management systems play a key role in various areas for applications and e-Government processes where access to sensitive data needs to be protected and regulated. To protect this sensitive date, the identity-management system provides all necessary functionality to service providers to manage digital identities and handle the identification and authentication process. This identification and authentication process meets legal and technical requirements, which are specified in many European countries. Due the mobility of citizens, cross-border interoperability of national electronic identity systems in the European eID landscape becomes more and more important. If cross-border interoperability comes into play, it becomes difficult to accomplish national legal and technical requirements for identification and authentication. To accomplish national legal and technical requirements, the identification and authentication information must be mapped into national eID characteristics. In this paper, we present a new modular and flexible architecture of an attribute mapping service, which establish an interoperation layer on cross-border identification and authentication attributes to meet national legal and technical requirements. The proposed architecture follows a plug-in based approach that eases the integration of new attributes, or national legal or technical requirements. We illustrate the practical applicability of the proposed architecture by implementing a foreign identity attribute mapping service for the Austrian eID infrastructure. This attribute mapping service meets all national legal and technical requirements of the Austrian eID infrastructure, which are necessary to use foreign identities in the national infrastructure.

KW - identification

KW - Authentication

KW - cross-border Interoperability

KW - Legal requirements

KW - attribute mapping

M3 - Article

VL - 13

SP - 52

JO - IADIS international journal on WWW/Internet

JF - IADIS international journal on WWW/Internet

SN - 1645-7641

IS - 2

ER -