
Approach of a Signature Based Single Sign on Proxy Solution

  • Conference paper
Software Quality. The Future of Systems- and Software Development (SWQD 2016)

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 238)


Abstract

Many e-government applications require certificates, stored in the client's browser certificate store, to gain access to a service. This authentication method has two problems: first, a client has to store all certificates on every device used to access e-government services; second, if the client loses such a device (e.g. a notebook), all affected certificates have to be exchanged, otherwise there is a danger of compromise. To face this problem and to provide a secure single sign-on solution, we implemented a secure proxy solution with integrated encrypted certificate storage, where citizens can store all the certificates they need to use e-government services. Our solution, which we call the "proxy authenticator", enabled us to avoid any alteration of the existing protocol structure or amendment of the software architecture for all Austrian e-government applications. This saved time, effort, and costs when connecting the existing e-delivery services in Austria to the myHelp portal through the proxy authenticator.


Notes

  1. http://www.myhelp.gv.at/.

  2. https://www.usp.gv.at/.

  3. https://www.digitales.oesterreich.gv.at/site/6568/default.aspx 28.08.2015.

  4. https://www.brz-zustelldienst.at/.

  5. https://www.meinbrief.at/.

  6. https://www.postserver.at/.

  7. The proxy authenticator authenticates the citizen, who is already authenticated on myHelp, to the e-delivery service.


Author information


Correspondence to Klaus John.


Appendix

Appendix A: Sequence Diagram of Certificate Upload.

Fig. 4. Sequence diagram of certificate upload

Appendix B: Sequence Diagram of e-delivery Message Retrieval (Fig. 5).

Fig. 5. Sequence diagram of e-delivery message retrieval


Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

John, K., Taber, S. (2016). Approach of a Signature Based Single Sign on Proxy Solution. In: Winkler, D., Biffl, S., Bergsmann, J. (eds) Software Quality. The Future of Systems- and Software Development. SWQD 2016. Lecture Notes in Business Information Processing, vol 238. Springer, Cham. https://doi.org/10.1007/978-3-319-27033-3_15


  • DOI: https://doi.org/10.1007/978-3-319-27033-3_15


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27032-6

  • Online ISBN: 978-3-319-27033-3

  • eBook Packages: Computer Science, Computer Science (R0)
