loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Marco Pernpruner 1 ; 2 ; Giada Sciarretta 2 and Silvio Ranise 3 ; 2

Affiliations: 1 Department of Informatics, Bioengineering, Robotics and System Engineering, University of Genoa, Genoa, Italy ; 2 Security & Trust Research Unit, Fondazione Bruno Kessler, Trento, Italy ; 3 Department of Mathematics, University of Trento, Trento, Italy

Keyword(s): eDocuments, Enrollment, Onboarding, Risk Analysis, Security Analysis, Security Framework.

Abstract: More and more online services are characterised by the need for strongly verifying the real-world identity of end users, especially when sensitive operations have to be carried out: just imagine a fully-remote signature of a contract, and what could happen whether someone managed to perform it by using another person’s name. For this reason, the identity management lifecycle contains specific procedures – called enrollment or onboarding – providing a certain level of assurance on digital users’ real identities. These procedures must be as secure as possible to prevent frauds and identity thefts. In this paper, we present a framework composed of a specification language, a security analysis methodology and a risk analysis methodology for enrollment solutions. For concreteness, we apply our framework to a real use case (i.e., fully-remote solutions relying on electronic documents as identity evidence) in the context of a collaboration with an Italian FinTech startup. Beyond validating the framework, we analyse and highlight the essential role of mitigations on the overall security of enrollment procedures. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.118.2.15

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Pernpruner, M.; Sciarretta, G. and Ranise, S. (2021). A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-remote Solutions based on eDocuments. In Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-524-1; ISSN 2184-7711, SciTePress, pages 222-233. DOI: 10.5220/0010554502220233

@conference{secrypt21,
author={Marco Pernpruner. and Giada Sciarretta. and Silvio Ranise.},
title={A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-remote Solutions based on eDocuments},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT},
year={2021},
pages={222-233},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010554502220233},
isbn={978-989-758-524-1},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
TI - A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-remote Solutions based on eDocuments
SN - 978-989-758-524-1
IS - 2184-7711
AU - Pernpruner, M.
AU - Sciarretta, G.
AU - Ranise, S.
PY - 2021
SP - 222
EP - 233
DO - 10.5220/0010554502220233
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic