Abstract
The worldwide introduction of ePassports presents a unique opportunity for the online identity community to implement trustworthy identity providers. The ePassport provides citizens with a strong authentication token within a global Public Key Infrastructure backed by government administrations. This paper studies the possibilities for leveraging the ePassport for user-centric identity and reports on an experiment in which ePassports are combined with the user-centric identity management framework Information Card. Note that no changes to already deployed ePassports are needed for our solution to work.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aussel, J.-D.: Smart Cards and Digital Identity. Teletronikk 3/4, 66–78 (2007) ISSN 0085-7130
Broekhaar, S., Verschuren, J.: How to Obtain CSCA Certificates – The CSCA Overview List, MRTD report, 2, ICAO, 32–35 (2007)
Bruegger, B.P., Hühnlein, D., Kreutzer, M.: Towards global eID-Interoperability. In: BIOSIG 2007. LNI, vol. 108, pp. 127–140 (2007)
Cameron, K.: The Laws of Identity – as of 5/12/2005, Microsoft Corporation (2005)
Hoepman, J.-H., Hubbers, E., Jacobs, B., Oostdijk, M., Schreur, R.W.: Crossing Borders: Security and Privacy Issues of the European e-Passport. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S.-i. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 152–167. Springer, Heidelberg (2006)
ICAO: Machine Readable Travel Documents, ICAO Doc 9303, part 1: Specifications for Electronically Enabled Passports with Biometric Identification Capability, 6th edn., vol. 2 (2006)
ISO: Information technology — Security techniques — Digital signature schemes giving message recovery — Part 2: Integer factorization based mechanisms, ISO/IEC 9796-2, 2nd edn. (2002)
Juels, A., Molnar, D., Wagner, D.: Security and Privacy Issues in E-passports. In: Proc. SecureComm 2005, pp. 74–88. IEEE Computer Society, Los Alamitos (2005)
Lekkas, D., Gritzalis, D.: e-Passports as a means towards the first world-wide Public Key Infrastructure. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 34–48. Springer, Heidelberg (2007)
Liu, Y., Kasper, T., Lemke-Rust, K., Paar, C.: E-Passport - Cracking Basic Access Control Keys. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part II. LNCS, vol. 4804, pp. 1531–1547. Springer, Heidelberg (2007)
Nadalin, A.J.: Mobile Identity. In: The European e-Identity Conference, The Hague (2008), http://www.eema.org/downloads/annual08/nadalin2c.pdf
Nanda, A.: Identity Selector Interoperability Profile, V1.0, Microsoft Corporation (2007)
OpenID: OpenID Authentication 2.0 – Final (2007), http://openid.net/specs/openid-authentication-2_0.html
Ortiz-Yepes, D.A.: Enhancing Authentication in eBanking with NFC-Enabled Mobile Phones. ERCIM News 76, 63–64 (2009)
SAML, OASIS specification (2005), http://saml.xml.org/saml-specifications
Vaudenay, S., Monnerat, J., Vuagnoux, M.: About Machine-Readable Travel Documents. In: Proc. International Conference on RFID Security 2007, pp. 15–28 (2007)
Vaudenay, S.: E-Passport Threats. IEEE Security & Privacy, 72–75 (November/December 2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Oostdijk, M., van Dijk, DJ., Wegdam, M. (2009). User–Centric Identity Using ePassports. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-05284-2_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05283-5
Online ISBN: 978-3-642-05284-2
eBook Packages: Computer ScienceComputer Science (R0)