Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-Border eID Applications

  • Conference paper
Web Information Systems and Technologies (WEBIST 2015)

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 246)

Abstract

Identity-management systems play a key role in many application areas and e-Government processes where access to sensitive data needs to be protected. To protect this sensitive data, the identity-management system provides service providers with all the functionality necessary to manage digital identities and to handle the identification and authentication process. Identity management per se is not a new topic, and several identity-management systems have evolved over time and are deployed in almost all European countries. However, identity management is constantly evolving in terms of new technical or legal requirements, more secure protocols, new identification and authentication mechanisms, or new fields of application. In particular, the need to exchange or federate identities across domains or even borders requires new interoperable solutions and flexible identity management architectures. In this paper we present a flexible and modular identity management architecture which focuses on federation and interoperability capabilities based on pluggable components. As a result, newly arising requirements can be easily fulfilled by implementing appropriate plug-ins. Hence, our proposed architecture is especially applicable to highly qualified identification systems such as national eIDs for e-Government applications and their federation across borders. We further illustrate the applicability of our architecture by implementing it as an identity provider for Austrian e-Government applications, applicable on the one hand to national authentication and on the other hand in a cross-border context.

Notes

  1. https://www.eid-stork.eu/.

  2. https://www.eid-stork2.eu/.

  3. http://shibboleth.net/.

  4. http://kantarainitiative.org/.

  5. http://openid.net/.

  6. In Austria, SAML 1.0 is widely used as a legacy protocol by existing service providers.

Author information

Correspondence to Thomas Lenz.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Lenz, T., Zwattendorfer, B. (2016). Enhancing the Modularity and Flexibility of Identity Management Architectures for National and Cross-Border eID Applications. In: Monfort, V., Krempels, KH., Majchrzak, T.A., Turk, Ž. (eds) Web Information Systems and Technologies. WEBIST 2015. Lecture Notes in Business Information Processing, vol 246. Springer, Cham. https://doi.org/10.1007/978-3-319-30996-5_7

  • DOI: https://doi.org/10.1007/978-3-319-30996-5_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30995-8

  • Online ISBN: 978-3-319-30996-5

  • eBook Packages: Computer Science (R0)
