Abstract
The new EU regulation on electronic identification and trust services for electronic transactions in internal market aims to overcome cross-border barriers regarding identity and signature services. According to the Head of the European Commission DG CONNECT Task Force “Legislation Team”, the eIDAS regulation sets out to “strengthen EU single market by boosting TRUST and CONVENIENCE in secure and seamless cross-border electronic transactions”.
Although the proposed regulation is technology-neutral, we believe that the technology used by the Mobile, Social and Cloud triad can greatly boost the deployment of applications and, therefore, may accelerate the achievement of the eIDAS vision. Mobile devices have become the something-you-have authentication factor that has been generally delegated to hardware tokens. Smartphones allow deploying highly-secure yet user-friendly mechanisms that can complement existing national eIDs and overcome user-experience drawbacks. Furthermore, identity services are not solely useful for backing up identities provisioned and managed by Member States but can also enhance services by federating and elevating trust on social and other consumer identities. Finally, light Web formats and modern user-centric and privacy-aware standards like OAuth and OpenID Connect make it easy for developers to combine identities and functionality and may revolutionize the quantity and quality of applications, owing both to the plethora of access devices and the advantages of Cloud computing delivery.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
[EU99] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal L 013, 19/01/2000 P. 0012 – 0020
[EU14] European Parliament legislative resolution of 3 April 2014 on the proposal for a regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market
[Google13] “Our Mobile Planet: Spain. Understanding the Mobile Consumer”, Google, May 2013, http://services.google.com/fh/files/misc/omp-2013-es-en.pdf, seen on July 10th 2014
[ITU14] “The world in 2014. ICT Facts and Figures”, ICT Data and Statistics Division Telecommunication Development Bureau, ITU, April 2014
[Cisco14] “Cisco Visual Networking Index: Forecast and Methodology, 2013–2018”, Cisco, June 2014
[FB14] Statistic Brain – Facebook Statistics, January 2014, http://www.statisticbrain.com/facebook-statistics/,seen on July 10th 2014
[Gartner13] E. Anderson et al., “Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 4Q12 Update”, Gartner Inc., February 2013
[UKAuth00] “Authentication Framework v1.0”, Office of the e-Envoy, December 2000
[NIST06] W. E. Burr, D. F. Dodson and W. T. Polk, “Electronic Authentication Guideline”, Special Publication 800-63, Version 1.0.2, National Institute of Standards and Technology, April 2006
[OAuth12] D. Hardt, “The OAuth 2.0 Authorization Framework”, RFC 6749, IETF, October 2012
[Connect14] N. Sakimura, J. Bradley, M. Jones, B. de Medeiros, C. Mortimore, “OpenID Connect Core 1.0”, February 2014
[SAML05] S. Cantor et al., “Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0”, OASIS SSTC, March 2005
[PKCS03] J. Jonsson, B. Kaliski, “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography. Specifications Version 2.1”, RFC 3447, IETF, February 2003
[CEN13] Draft for publication of CEN/TS 419241 Security Requirements for Trustworthy Systems Supporting Server Signing, European Committee for Standardization, December 2013
[MaBa12] Maler, Eve; Barton, Tom: The Future of Federated Identity or, Whither SAML? InCommon, July 2012
[FIDO14] The FIDO Alliance, https://fidoalliance.org, seen on July 10th 2010
[Pope13] N. Pope, J. C. Cruellas, I. Khan, J. Olnes, A. Tauber, “Rationalised Framework of Standards for Advanced Electronic Signatures in Mobile Environment”, SR 019 020 (Draft), ETSI, December 2013
[OASIS14] OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation)
[SCIM14] K. Grizzle, P. Hunt, E. Wahlstroem, C. Mortimore, “System for Cross-Domain Identity Management: Core Schema”, Internet Draft, IETF, June 2014
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Fachmedien Wiesbaden
About this paper
Cite this paper
Jordan, F., Pujol, H., Ruana, D. (2014). Achieving the eIDAS Vision Through the Mobile, Social and Cloud Triad. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2014 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-06708-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-658-06708-3_6
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-06707-6
Online ISBN: 978-3-658-06708-3
eBook Packages: Computer ScienceComputer Science (R0)