Abstract
Secure user authentication, provision of identity attributes, privacy preservation, and cross-border applicability are key requirements of security and privacy sensitive ICT based services. The EU large scale pilot STORK provides a European cross-border authentication framework that satisfies these requirements by establishing interoperability between existing national eID infrastructures. To allow for privacy preservation, the developed framework supports the provision of partial identity information and pseudonymization. In this paper we present the pilot application SaferChat that has been developed to evaluate and demonstrate the functionality of the STORK authentication framework. SaferChat makes use of age claim based authentication mechanisms that allow for an online environment where kids and teenagers are able to communicate with their peers in a safe way. We first identify relevant prerequisites for the SaferChat pilot application and then give an introduction to the basic architecture of the STORK authentication framework. We finally show how this framework has been integrated into the SaferChat pilot application to meet the identified requirements and to implement a secure and privacy preserving cross-border user authentication mechanism.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
European Commission: The European eGovernment Action Plan 2011-2015, COM(2010) 743, Brussels (2010)
European Commission: A Digital Agenda for Europe, COM(2010) 215 final/2, Brussels (2010)
Leitold, H., Zwattendorfer, B.: STORK: Architecture, Implementation and Pilots. Securing Electronic Business Processes. In: ISSE (2010)
Moodle, http://moodle.org/
Ferraiolo, D.F., Cugini, J.A., Kuhn, D.R.: Role-based access control (RBAC): Features and motivations. NIST (1995)
Kessler, G.C.: Passwords – Strengths and Weaknesses. In: Cavanagh, J.P. (ed.) Internet and Networking Security, Auerbach (1997)
Yang, G., Wong, D., Wang, H., Deng, X.: Two-factor mutual authentication based on smart cards and passwords, vol. 74, pp. 1160–1172 (2008)
Berbecaru, D., et al.: D5.7.2 Functional Design for PEPS, MW models and interoperability. STORK Deliverable (2010)
OASIS, Security Assertion Markup Language (SAML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
Alcalde-Morano, J., Hernández-Ardieta, J.L., Johnston, A., Martinez, D., Zwattendorfer, B., Stern, M.: D5.8.1b Interface Specification. STORK Deliverable (2009)
Bjarnason, H., Knall, T., Axfjörð, A.F.: D6.2.1 SaferChat - Functional Specification. STORK Deliverable (2009)
Bjarnason, H., Knall, T., Axfjörð, A.F, Jónsson, G. K.: D6.2.3 SaferChat Detailed Planning. STORK Deliverable (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Knall, T., Tauber, A., Zefferer, T., Zwattendorfer, B., Axfjord, A., Bjarnason, H. (2011). Secure and Privacy-Preserving Cross-Border Authentication: The STORK Pilot ‘SaferChat’. In: Andersen, K.N., Francesconi, E., Grönlund, Å., van Engers, T.M. (eds) Electronic Government and the Information Systems Perspective. EGOVIS 2011. Lecture Notes in Computer Science, vol 6866. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22961-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-22961-9_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22960-2
Online ISBN: 978-3-642-22961-9
eBook Packages: Computer ScienceComputer Science (R0)