Secure and Privacy-Preserving Cross-Border Authentication: The STORK Pilot ‘SaferChat’
Secure user authentication, provision of identity attributes, privacy preservation, and cross-border applicability are key requirements of security and privacy sensitive ICT based services. The EU large scale pilot STORK provides a European cross-border authentication framework that satisfies these requirements by establishing interoperability between existing national eID infrastructures. To allow for privacy preservation, the developed framework supports the provision of partial identity information and pseudonymization. In this paper we present the pilot application SaferChat that has been developed to evaluate and demonstrate the functionality of the STORK authentication framework. SaferChat makes use of age claim based authentication mechanisms that allow for an online environment where kids and teenagers are able to communicate with their peers in a safe way. We first identify relevant prerequisites for the SaferChat pilot application and then give an introduction to the basic architecture of the STORK authentication framework. We finally show how this framework has been integrated into the SaferChat pilot application to meet the identified requirements and to implement a secure and privacy preserving cross-border user authentication mechanism.
Keywordse-ID interoperability authentication privacy security e-Learning Moodle STORK
Unable to display preview. Download preview PDF.
- 1.European Commission: The European eGovernment Action Plan 2011-2015, COM(2010) 743, Brussels (2010) Google Scholar
- 2.European Commission: A Digital Agenda for Europe, COM(2010) 215 final/2, Brussels (2010) Google Scholar
- 3.Leitold, H., Zwattendorfer, B.: STORK: Architecture, Implementation and Pilots. Securing Electronic Business Processes. In: ISSE (2010) Google Scholar
- 4.Moodle, http://moodle.org/
- 5.Ferraiolo, D.F., Cugini, J.A., Kuhn, D.R.: Role-based access control (RBAC): Features and motivations. NIST (1995) Google Scholar
- 6.Kessler, G.C.: Passwords – Strengths and Weaknesses. In: Cavanagh, J.P. (ed.) Internet and Networking Security, Auerbach (1997)Google Scholar
- 7.Yang, G., Wong, D., Wang, H., Deng, X.: Two-factor mutual authentication based on smart cards and passwords, vol. 74, pp. 1160–1172 (2008) Google Scholar
- 8.Berbecaru, D., et al.: D5.7.2 Functional Design for PEPS, MW models and interoperability. STORK Deliverable (2010) Google Scholar
- 9.OASIS, Security Assertion Markup Language (SAML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
- 10.Alcalde-Morano, J., Hernández-Ardieta, J.L., Johnston, A., Martinez, D., Zwattendorfer, B., Stern, M.: D5.8.1b Interface Specification. STORK Deliverable (2009) Google Scholar
- 11.Bjarnason, H., Knall, T., Axfjörð, A.F.: D6.2.1 SaferChat - Functional Specification. STORK Deliverable (2009) Google Scholar
- 12.Bjarnason, H., Knall, T., Axfjörð, A.F, Jónsson, G. K.: D6.2.3 SaferChat Detailed Planning. STORK Deliverable (2009) Google Scholar