Using Smart Cards for Authenticating in Public Services: A Comparative Study

  • D. Arroyo Guardeño
  • V. Gayoso Martínez
  • L. Hernández Encinas
  • A. Martín Muñoz
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 369)

Abstract

Smart cards are well-known tamper-resistant devices, and as such they represent an excellent platform for implementing strong authentication. Many services requesting high levels of security rely on smart cards, which provide a convenient security token due to their portability. This contribution analyses two Spanish smart card deployments intended to be used for accessing eGoverment services, comparing their respective contents and capabilities.

Keywords

Cryptography Digital signature Electronic prescription Smart cards 

References

  1. 1.
    European Commission: European eGoverment action plan 2011–2015. https://ec.europa.eu/digital-agenda/en/european-egovernment-action-plan-2011-2015 (2011)
  2. 2.
  3. 3.
    ISO/IEC: Identification cards—Integrated circuit cards—Part 3: Cards with contacts—Electrical interface and transmission protocols. International Organization for Standardization/International Electrotechnical Commission. ISO/IEC 7816–3, 3rd edn. (2006)Google Scholar
  4. 4.
    ISO/IEC: Identification cards—Integrated circuit cards—Part 4: Organization, security and commands for interchange. International Organization for Standardization/International Electrotechnical Commission. ISO/IEC 7816-4, 3rd edn. (2013)Google Scholar
  5. 5.
    Fábrica Nacional de Moneda y Timbre: Electronic signature. https://www.sede.fnmt.gob.es/en/normativa/firma-electronica
  6. 6.
    Direccinó General de la Policía: Página oficial de la DGP—Notas de prensa. http://www.policia.es/prensa/20150112_1.html (2015)
  7. 7.
    Espinosa García, J., Hernández Encinas, L., Queiruga Dios, A.: The new Spanish electronic identity card: DNI-e. In: Proceedings of the International Conference on Information Technologies (InfoTech’2007), volume I: Technological Aspects of the e-Governance and Data Protection, pp. 77–82 (2007)Google Scholar
  8. 8.
    Ministerio del Interior de España: Portal oficial sobre el DNI electrónico. http://www.dnielectronico.es/ (2013)
  9. 9.
    Gayoso Martínez, V., Hernández Encinas, L., Martín Muñoz, A.: La tarjeta de identidad española como método de autenticación en redes sociales. In: VII Congreso Iberoamericano de Seguridad Informática 2013 (CIBSI 2013), pp. 32–44 (2013)Google Scholar
  10. 10.
    CEN: Application interface for smart cards used as secure signature creation devices—Part 1: basic services. European Committee for Standardization. UNE-EN 14890–1. http://www.cen.eu/cen/Sectors/TechnicalCommitteesWorkshops/CENTechnicalCommittees/Pages/Standards.aspx?param=6205&title=CEN%2FTC+224. (2009)
  11. 11.
    Ministerio del Interior de España: Documento Nacional de Identidad electrónico: Guía de referencia técnica (2012)Google Scholar
  12. 12.
    Health and Social Care Information Centre: Electronic prescription service. http://systems.hscic.gov.uk/eps (2015)
  13. 13.
    Department of Human Services: Electronic prescribing and dispensing of medicines. http://www.medicareaustralia.gov.au/provider/pbs/pharmacists/dispense.jsp (2014)
  14. 14.
  15. 15.
    Oficina para la Ejecución de la Reforma de la Administración: Informe de Progreso de la Comisión para la Reforma de las Administraciones Públicas. http://www.seap.minhap.gob.es/dms/es/areas/reforma_aapp/proceso/CORA-Informe-anual-de-progreso--Diciembre-2014/CORA-Informe%20anual%20de%20progreso.%20Diciembre%202014.pdf (2015)
  16. 16.
    Sociedad Española de Farmacia Comunitaria: Estudio de implantacin de la receta electrónica en España. http://www.farmaceuticoscomunitarios.org/sites/default/files/wysiwyg/181_brizuelarodicioluis_recetaelectronica_recetaelectronica.pdf (2014)
  17. 17.
    Gaceta Médica: Madrid culmina la implantación de la e-receta. http://www.gacetamedica.com/noticias-medicina/articulo.aspx?idart=884387&idcat=797&tipo=2 (2015)
  18. 18.
  19. 19.
    Chambersign: About us. http://www.chambersign.com/about-us (2015)
  20. 20.
    ISO/IEC: Identification cards—Integrated circuit cards—Part 15: cryptographic information application. International Organization for Standardization/International Electrotechnical Commission. ISO/IEC 7816-15 (2004)Google Scholar
  21. 21.
    ANSSI: Produit certifié Critères Communs (réf: 2005/40). Agence Nationale de la Sécurité des Systèmes d’Information. http://www.ssi.gouv.fr/fr/produits-et-prestataires/produits-certifies-cc/certificat_2005_40.html (2005)
  22. 22.
    CCN: Informe de certificación INF-148. Centro Criptológico Nacional. http://www.dnielectronico.es/seccion_integradores/cc1_p.jpg (2007)

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • D. Arroyo Guardeño
    • 1
  • V. Gayoso Martínez
    • 2
  • L. Hernández Encinas
    • 2
  • A. Martín Muñoz
    • 2
  1. 1.Grupo de Neurocomputación Biológica, Departamento de Ingeniería Informática, Escuela Politécnica SuperiorUniversidad Autónoma de MadridMadridSpain
  2. 2.Institute of Physical and Information Technologies (ITEFI)Spanish National Research Council (CSIC)MadridSpain

Personalised recommendations