Abstract
Many e-government applications require certificates, stored in the client's browser certificate store, to gain access to a service. This authentication method has two problems: first, a client has to store all certificates on every device used to access e-government services; second, if the client loses such a device (e.g. a notebook), all affected certificates have to be exchanged, otherwise there is a danger of compromise. To address this problem and to provide a secure single sign-on solution, we implemented a secure proxy solution with integrated encrypted certificate storage, where citizens can store all the certificates they need to use e-government services. Our solution, which we call the "proxy authenticator", enabled us to avoid any alteration of the existing protocol structure or changes to the software architecture for all Austrian e-government applications. Connecting the existing e-delivery services in Austria to the myHelp portal through the proxy authenticator saved time, effort, and costs.
Notes
- 7. The proxy authenticator authenticates the citizen, who is already authenticated on myHelp, to the e-delivery service.
Appendix
Appendix A: Sequence Diagram of Certificate Upload.
Appendix B: Sequence Diagram of e-delivery Message Retrieval (Fig. 5).
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
John, K., Taber, S. (2016). Approach of a Signature Based Single Sign on Proxy Solution. In: Winkler, D., Biffl, S., Bergsmann, J. (eds) Software Quality. The Future of Systems- and Software Development. SWQD 2016. Lecture Notes in Business Information Processing, vol 238. Springer, Cham. https://doi.org/10.1007/978-3-319-27033-3_15
DOI: https://doi.org/10.1007/978-3-319-27033-3_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27032-6
Online ISBN: 978-3-319-27033-3
eBook Packages: Computer Science, Computer Science (R0)