On Privacy-Preserving Ways to Porting the Austrian eID System to the Public Cloud

Abstract : Secure authentication and unique identification of Austrian citizens are the main functions of the Austrian eID system. To facilitate the adoption of this eID system at online applications, the open source module MOA-ID has been developed, which manages identification and authentication based on the Austrian citizen card (the official Austrian eID) for service providers. Currently, the Austrian eID system treats MOA-ID as a trusted entity, which is locally deployed in every service provider’s domain. While this model has indeed some benefits, in some situations a centralized deployment approach of MOA-ID may be preferable. In this paper, we therefore propose a centralized deployment approach of MOA-ID in the public cloud. However, the move of a trusted service into the public cloud brings up new obstacles since the cloud can not be considered trustworthy. We encounter these obstacles by introducing and evaluating three distinct approaches, thereby retaining the workflow of the current Austrian eID system and preserving citizens’ privacy when assuming that MOA-ID acts honest but curious.
Document type :
Conference papers
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.300-314, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_23〉
Liste complète des métadonnées

Cited literature [12 references]  Display  Hide  Download

https://hal.inria.fr/hal-01463834
Contributor : Hal Ifip <>
Submitted on : Thursday, February 9, 2017 - 5:24:05 PM
Last modification on : Thursday, February 9, 2017 - 5:37:19 PM
Document(s) archivé(s) le : Wednesday, May 10, 2017 - 2:38:48 PM

File

978-3-642-39218-4_23_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Bernd Zwattendorfer, Daniel Slamanig. On Privacy-Preserving Ways to Porting the Austrian eID System to the Public Cloud. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.300-314, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_23〉. 〈hal-01463834〉

Share

Metrics

Record views

110

Files downloads

12