Abstract
Cloud computing promises to provide great advantages and many analysts expect a significant growth of the cloud services market. In a similar manner the forthcoming European regulation on electronic identification and trusted services for electronic transactions in the internal market [eIDAS-EP] is expected to ease electronic identification, authentication and signatures (eIDAS) in Europe. The present contribution discusses whether and how the two approaches can be combined in order to provide services for electronic identification and authentication of entities, the creation, verification, validation and preservation of electronic signatures and the registered delivery of documents in an efficient manner using cloud computing techniques.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
[1999/93/EC] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures, http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:31999L0093
[2014/148/EU] Commission Implementing Decision of 17 March 2014 amending Decision 2011/130/EU establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market, notified under document C(2014) 1640, Text with EEA relevance, http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX-:32014D0148
[BSI TR-03125] Federal Office for Information Security: Preservation of Evidence of Cryptographically Signed Documents, BSI TR-03125, https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03125/BSITR03125.html
[BYV+09] R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg & I. Brandic: Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility, Future Generation computer systems, 25(6), 599-616, 2009, https://svn.inf.ufsc.br/luis.custodio/TCC-Dantas/Artigos/Bom/10.1.1.144.8937.pdf
[CEN15480-3] Comité européen de normalisation (CEN): Identification card systems — European Citizen Card — Part 3: Interoperability using an application interface, CEN/TS 15480-3, 2014
[COM(2012)238] European Commission: Proposal for a regulation of the European Pariament and of the Council on electronic identification and trust services for electronic transactions in the internal market, 2012, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0238:FIN:EN:PDF
[eIDAS-PR] European Commission: Draft Regulation “on electronic identification and trusted services for electronic transactions in the internal market”, Press Release 20.09.2012, http://ec.europa.eu/digital-agenda/en/news/draft-regulation-electronic-identification-and-trusted-services-electronic-transactions-0
[eIDAS-EP] European Parliament: Electronic identification and trust services for electronic transactions in the internal market, as adopted by the European Parliament on 3rd of April 2014, http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P7-TA-2014-0282 [ETSI102640] ETSI TS 102 640: Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM), Part 1-6
[HPS+12] D. Hühnlein, P. Petrautzki, J. Schmölz, T. Wich, M. Horsch, T. Wieland, J. Eichholz, A. Wiesmaier, J. Braun, F. Feldmann, S. Potzernheim, J. Schwenk, C. Kahlo, A. Kühne, H. Veit: On the design and implementation of the Open eCcard App. In: Sicherheit 2012 GI-LNI (2012), http://subs.emis.de/LNI/Proceedings/Proceedings195/95.pdf
[HHK+14] D. Hühnlein, G. Hornung, M. Kubach, V. Mladenov, H. Roßnagel, S. Sädtler, J. Schmölz, T. Wich: SkIDentity – Trusted Identities for the Cloud, in [KRR14]
[ISO29115] ISO/IEC 29115: Information technology — Security techniques — Entity authentication assurance framework, International Standard, 2013
[KRR14] H. Krcmar, R. Reussner, B. Rumpe (ed.): Trusted Cloud Computing, Springer, to appear
[MaM14] MarketsandMarkets: Cloud Computing Market (IaaS, PaaS, SaaS) to Reach $121.1 Billion by 2015 – New Report by MarketsandMarkets, Press Release 08.02.2014, http://www.prweb.com/releases/cloud-computing/market/prweb11560677.htm
[NIST-800-63-2] NIST: Electronic Authentication Guideline, Special Publication 800-63-2, August 2013, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-2.pdf
[NIST-800-145] National Institute of Standards and Technology: The NIST definition of cloud computing, NIST special publication 800-145, http://csrc.nist.gov/publications/PubsSPs.html#800-145, 2011
[RFC3161] C. Adams, P. Cain, D. Pinkas, R. Zuccherato: Internet X.509 Public Key Infrastructure – Time- Stamp Protocol (TSP), IETF RFC 3161, 2001, www.ietf.org/rfc/rfc3161.txt
[RFC4998] T. Gondrom, R. Brandner, U. Pordesch: Evidence Record Syntax (ERS), IETF RFC 4998, 2007, www.ietf.org/rfc/rfc4998.txt
[RFC6749] D. Hardt, Ed.: The OAuth 2.0 Authorization Framework, IETF RFC 6749, 2012, www.ietf.org/rfc/rfc6749.txt
[SAML(v2.0)] S. Cantor, J. Kemp, R. Philpott, E. Maler: Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, 15.03.2005, http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf, 2005
[STORK-D2.3] B. Hulsebosch, G. Lenzini, and H. Eertink: Quality authenticator scheme, STORK Deliverable D2.3, final, 03.03.2009, https://www.eid-stork.eu/dmdocuments/public/D2.3_final._1.pdf
[STORK-D.5.8.1b] J. Alcalde-Moraño, J. L. Hernández-Ardieta, A. Johnston, D. Martinez, B. Zwattendorfer: STORK Deliverable D5.8.1b – Interface Specification, 08.09.2009, https://www.eid-stork.eu/index.php?option=com_processes&Itemid=&act=streamDocument&did=960
[SuKa11] S. Subashini, V. Kavitha: A survey on security issues in service delivery models of cloud computing, Journal of Network and Computer Applications, 34(1), 2011, pp. 1-11
[TJA10] H. Takabi, J. B. Joshi, and G. J. Ahn: Security and Privacy Challenges in Cloud Computing Environments, IEEE Security & Privacy, 8(6), 2010, pp. 24-31
[TC-Europe] European Commission: Establishing a Trusted Cloud Europe, A policy vision document by the Steering Board of the European Cloud Partnership, 2014, http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=4935
[WHP+13] Wich, T., Horsch, M., Petrautzki, D., Schmölz, J., Hühnlein, D., Wieland, T., Potzernheim, S.: An extensible platform for eID, signatures and more, In: Proceedings of Open Identity Summit 2013, LNI, vol. 223, 2013. pp. 55–68, http://www.ecsec.de/pub/2013_OID_Platform.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Fachmedien Wiesbaden
About this paper
Cite this paper
Hühnlein, D. (2014). Towards eIDAS as a Service. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2014 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-06708-3_20
Download citation
DOI: https://doi.org/10.1007/978-3-658-06708-3_20
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-06707-6
Online ISBN: 978-3-658-06708-3
eBook Packages: Computer ScienceComputer Science (R0)