Pseudonymous Mobile Identity Architecture Based on Government-Supported PKI

Hyppönen, Konstantin; Hassinen, Marko; Trichina, Elena

doi:10.1007/978-3-540-68979-9_8

Konstantin Hyppönen¹,
Marko Hassinen¹ &
Elena Trichina²

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4968))

Included in the following conference series:

International Conference on Trusted Computing

793 Accesses
9 Altmetric

Abstract

An electronic ID scheme must be usable in a wide range of circumstances, especially in ordinary situations, such as proving your right to a concession ticket on a bus. One of the problems to be addressed is privacy. Indeed, when documents are read by electronic means, a lot of information is not only revealed, but can be copied, stored and processed without our consent. Another issue is ubiquity, reliability and acceptance of the involved technology. In this paper we attempt to address these issues by combining an officially recognised national mobile e-ID infrastructure with identification procedures based on controlled identity revelation. We report a prototype implementation of an identity tool on a mobile phone with a PKI-SIM card.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 69.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Juels, A., Molnar, D., Wagner, D.: Security and privacy issues in e-passports. In: Security and Privacy for Emerging Areas in Communications Networks, 2005. SecureComm 2005. First International Conference, pp. 74–88 (2005)
Google Scholar
McEvoy, N.A.: e-ID as a public utility. Consult Hyperion, Guilford, UK (2007), http://www.chyp.com
CEN/ISSS Workshop eAuthentication: Towards an electronic ID for the European Citizen, a strategic vision. Brussels (2004) (accessed 10.10.2007), http://europa.eu.int/idabc/servlets/Doc?id=19132
The European Parliament and the Council of the European Union: Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal L 013, pp. 0012–0020 (2000)
Google Scholar
Population Register Centre of Finland: What is the citizen certificate? Helsinki, Finland (2005) (accessed 10.10.2007), http://www.fineid.fi/vrk/fineid/home.nsf/en/products
ICAO: PKI for machine readable travel documents offering ICC read-only access, version 1.1. Technical Report (2004)
Google Scholar
Witteman, M.: Attacks on digital passports. Talk at the What The Hack conference (2005) (accessed 10.10.2007), http://wiki.whatthehack.org/images/2/28/WTH-slides-Attacks-on-Digital-Passports-Marc-Witteman.pdf
Hoepman, J.H., Hubbers, E., Jacobs, B., Oostdijk, M., Schreur, R.: Crossing borders: Security and privacy issues of the european e-passport. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 152–167. Springer, Heidelberg (2006)
Chapter Google Scholar
Roussos, G., Peterson, D., Patel, U.: Mobile identity management: An enacted view. International Journal of Electronic Commerce 8, 81–100 (2003)
Google Scholar
Roussos, G., Marsh, A., Maglavera, S.: Enabling pervasive computing with smart phones. IEEE Pervasive Computing 4, 20–27 (2005)
Article Google Scholar
The Royal Academy of Engineering: Dilemmas of privacy and surveillance: Challenges of technological change. The Royal Academy of Engineering, 29 Great Peter Street, London, SW1P 3LW (2007)
Google Scholar
ABI Research: Twenty percent of mobile handsets will include near field communication by 2012. London, UK (2007) (accessed 10.10.2007), http://www.abiresearch.com/abiprdisplay.jsp?pressid=838
Java Community Process: Contactless Communication API, JSR 257, v. 1.0. Nokia Corporation, Espoo, Finland (2006) (accessed 10.10.2007), http://www.jcp.org/en/jsr/detail?id=257 .
Java Community Process: Security and Trust Services API (SATSA) for Java^TM2 Platform, Micro Edition, v. 1.0. Sun Microsystems, Inc., Santa Clara, CA, USA (2004) (accessed 10.10.2007), http://www.jcp.org/en/jsr/detail?id=177
IBM Zurich Research Laboratory: JCOP Tools 3.0 (Eclipse plugin). technical brief, revision 1.0 (accessed 10.10.2007), ftp://ftp.software.ibm.com/software/pervasive/info/JCOPTools3Brief.pdf
Santesson, S., Polk, W., Barzin, P., Nystrom, M.: Internet X.509 public key infrastructure qualified certificates profile. Network Working Group, Request for Comments 3039 (2001) (accessed 10.10.2007)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, University of Kuopio, POB 1627, FIN-70211, Kuopio, Finland
Konstantin Hyppönen & Marko Hassinen
Spansion International Inc., Willi-Brandt-Allee 4, 81829, Munich, Germany
Elena Trichina

Authors

Konstantin Hyppönen
View author publications
You can also search for this author in PubMed Google Scholar
Marko Hassinen
View author publications
You can also search for this author in PubMed Google Scholar
Elena Trichina
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Peter Lipp Ahmad-Reza Sadeghi Klaus-Michael Koch

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Hyppönen, K., Hassinen, M., Trichina, E. (2008). Pseudonymous Mobile Identity Architecture Based on Government-Supported PKI. In: Lipp, P., Sadeghi, AR., Koch, KM. (eds) Trusted Computing - Challenges and Applications. Trust 2008. Lecture Notes in Computer Science, vol 4968. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68979-9_8

Download citation

DOI: https://doi.org/10.1007/978-3-540-68979-9_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68978-2
Online ISBN: 978-3-540-68979-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics