Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications

Thomas Lenz, Bernd Zwattendorfer

Research output: Chapter in Book/Report/Conference proceedingChapterResearch

Abstract

Identity-management systems play a key role in various
areas of applications and e-Government processes where access to sensitive
data needs to be protected. To protect this sensitive data, the
identity-management system provides all necessary functionality to service
providers to manage digital identities and to handle the identification
and authentication process. Identity management per se is no
new topic and hence several identity-management systems have evolved
over time, which are deployed in almost all European countries. However,
identity management is constantly evolving in terms of new technical
or legal requirements, higher secure protocols, new identification
and authentication mechanism, or new fields of applications. In particular,
the need for exchanging or federating identities across domains or
even borders requires new interoperable solutions and flexible identity
management architectures. In this paper we present a flexible and modular
identity management architecture which focuses on federation and
interoperability capabilities based on plug-able components. Due to that,
new arising requirements can be easily fulfilled by implementing appropriate
plug-ins. Hence, our proposed architecture is especially applicable
for high qualified identification systems such as national eIDs for
e-Government applications and their federation across borders. We further
illustrate the applicability of our architecture by implementing it to
be used as an identity provider for Austrian eGovernment applications,
on the one side being applicable for national authentications and, on the
other side, in a cross-border context.
LanguageEnglish
Title of host publicationLecture Notes in Business Information Processing
PublisherSpringer
Pages123-143
Volume246
ISBN (Electronic)978-3-319-30996-5
ISBN (Print)978-3-319-30995-8
StatusPublished - Apr 2016

Fingerprint

Authentication
Information management
Identification (control systems)

Keywords

  • Identification
  • Authentication
  • Identity Provider,
  • Federation

ASJC Scopus subject areas

  • Information Systems

Fields of Expertise

  • Information, Communication & Computing

Cite this

Lenz, T., & Zwattendorfer, B. (2016). Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications. In Lecture Notes in Business Information Processing (Vol. 246, pp. 123-143). Springer.

Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications. / Lenz, Thomas; Zwattendorfer, Bernd.

Lecture Notes in Business Information Processing. Vol. 246 Springer, 2016. p. 123-143.

Research output: Chapter in Book/Report/Conference proceedingChapterResearch

Lenz, T & Zwattendorfer, B 2016, Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications. in Lecture Notes in Business Information Processing. vol. 246, Springer, pp. 123-143.
Lenz T, Zwattendorfer B. Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications. In Lecture Notes in Business Information Processing. Vol. 246. Springer. 2016. p. 123-143
Lenz, Thomas ; Zwattendorfer, Bernd. / Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications. Lecture Notes in Business Information Processing. Vol. 246 Springer, 2016. pp. 123-143
@inbook{4993639abd1a4de9b2c795c58f2ea664,
title = "Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications",
abstract = "Identity-management systems play a key role in variousareas of applications and e-Government processes where access to sensitivedata needs to be protected. To protect this sensitive data, theidentity-management system provides all necessary functionality to serviceproviders to manage digital identities and to handle the identificationand authentication process. Identity management per se is nonew topic and hence several identity-management systems have evolvedover time, which are deployed in almost all European countries. However,identity management is constantly evolving in terms of new technicalor legal requirements, higher secure protocols, new identificationand authentication mechanism, or new fields of applications. In particular,the need for exchanging or federating identities across domains oreven borders requires new interoperable solutions and flexible identitymanagement architectures. In this paper we present a flexible and modularidentity management architecture which focuses on federation andinteroperability capabilities based on plug-able components. Due to that,new arising requirements can be easily fulfilled by implementing appropriateplug-ins. Hence, our proposed architecture is especially applicablefor high qualified identification systems such as national eIDs fore-Government applications and their federation across borders. We furtherillustrate the applicability of our architecture by implementing it tobe used as an identity provider for Austrian eGovernment applications,on the one side being applicable for national authentications and, on theother side, in a cross-border context.",
keywords = "Identification, Authentication, Identity Provider,, Federation",
author = "Thomas Lenz and Bernd Zwattendorfer",
year = "2016",
month = "4",
language = "English",
isbn = "978-3-319-30995-8",
volume = "246",
pages = "123--143",
booktitle = "Lecture Notes in Business Information Processing",
publisher = "Springer",

}

TY - CHAP

T1 - Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-border eID Applications

AU - Lenz, Thomas

AU - Zwattendorfer, Bernd

PY - 2016/4

Y1 - 2016/4

N2 - Identity-management systems play a key role in variousareas of applications and e-Government processes where access to sensitivedata needs to be protected. To protect this sensitive data, theidentity-management system provides all necessary functionality to serviceproviders to manage digital identities and to handle the identificationand authentication process. Identity management per se is nonew topic and hence several identity-management systems have evolvedover time, which are deployed in almost all European countries. However,identity management is constantly evolving in terms of new technicalor legal requirements, higher secure protocols, new identificationand authentication mechanism, or new fields of applications. In particular,the need for exchanging or federating identities across domains oreven borders requires new interoperable solutions and flexible identitymanagement architectures. In this paper we present a flexible and modularidentity management architecture which focuses on federation andinteroperability capabilities based on plug-able components. Due to that,new arising requirements can be easily fulfilled by implementing appropriateplug-ins. Hence, our proposed architecture is especially applicablefor high qualified identification systems such as national eIDs fore-Government applications and their federation across borders. We furtherillustrate the applicability of our architecture by implementing it tobe used as an identity provider for Austrian eGovernment applications,on the one side being applicable for national authentications and, on theother side, in a cross-border context.

AB - Identity-management systems play a key role in variousareas of applications and e-Government processes where access to sensitivedata needs to be protected. To protect this sensitive data, theidentity-management system provides all necessary functionality to serviceproviders to manage digital identities and to handle the identificationand authentication process. Identity management per se is nonew topic and hence several identity-management systems have evolvedover time, which are deployed in almost all European countries. However,identity management is constantly evolving in terms of new technicalor legal requirements, higher secure protocols, new identificationand authentication mechanism, or new fields of applications. In particular,the need for exchanging or federating identities across domains oreven borders requires new interoperable solutions and flexible identitymanagement architectures. In this paper we present a flexible and modularidentity management architecture which focuses on federation andinteroperability capabilities based on plug-able components. Due to that,new arising requirements can be easily fulfilled by implementing appropriateplug-ins. Hence, our proposed architecture is especially applicablefor high qualified identification systems such as national eIDs fore-Government applications and their federation across borders. We furtherillustrate the applicability of our architecture by implementing it tobe used as an identity provider for Austrian eGovernment applications,on the one side being applicable for national authentications and, on theother side, in a cross-border context.

KW - Identification

KW - Authentication

KW - Identity Provider,

KW - Federation

M3 - Chapter

SN - 978-3-319-30995-8

VL - 246

SP - 123

EP - 143

BT - Lecture Notes in Business Information Processing

PB - Springer

ER -