The FICEP Infrastructure

How We Deployed the Italian eIDAS Node in the Cloud
  • Paolo Smiraglia
  • Marco De Benedictis
  • Andrea Atzeni
  • Antonio Lioy
  • Massimiliano Pucciarelli
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 792)

Abstract

EU Regulation No 910/2014 requires each EU Member State to notify its electronic identification scheme and to recognize the ones notified by the other Member States by 29 September 2018. In this process, Italy will notify SPID, an authentication scheme that allows citizens and business entities to access online services provided by the public administration and private bodies with a unique set of credentials. The technological and operational aspects of the infrastructure that will allow the SPID notification represent the core business of the FICEP project. This paper offers an overview of the architectural and technological aspects that made it possible to deploy the FICEP architecture in the cloud.

Keywords

eIDAS Regulation · Federated authentication · Cloud computing

Notes

Acknowledgement

The work described in this paper is part of the FICEP project, co-financed by the European Union’s Connecting Europe Facility under the grant agreement no. INEA/CEF/ICT/A2014/0041.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Dip. Automatica e Informatica, Politecnico di Torino, Torino, Italy
  2. Agenzia per l’Italia Digitale (AgID), Roma, Italy
