Skip to Main content Skip to Navigation
Conference papers

Improvements of pan-European IDM Architecture to Enable Identity Delegation Based on X.509 Proxy Certificates and SAML

Abstract : To foster the secure use of telematic services provided by public institutions, most European countries - and others in the rest of the world - are promoting electronic identification systems among their citizens to enable fully reliable identification. However, in today's globalized environment, it is becoming more common for citizens and entities of a given country, with their own electronic credentials under the legal framework of their country, to seek access to the public services provided by other countries with different legal frameworks and credentials. At present, a number of projects in the European Union are attempting to solve the problem through the use of pan-European identity management systems that ensure interoperability between the public institutions of different Member States. However, the solutions adopted to date are inadequate, for they do not envision all possible cases of user interaction with institutions. Specifically, they fail to address a very important aspect provided in different national legal systems, namely delegation of identity, by which a citizen can authorize another to act on his or her behalf in accessing certain services provided by public institutions. This paper provides a thorough analysis of problems of delegation and proposes an architecture based on X.509 Proxy Certificates and SAML assertions to enable delegation in provision of services in the complex and heterogeneous environment presented by the public institutions of the European Union as a whole.
Document type :
Conference papers
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, August 14, 2014 - 5:51:42 PM
Last modification on : Friday, August 11, 2017 - 3:12:59 PM
Long-term archiving on: : Thursday, November 27, 2014 - 1:37:59 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Sergio Sánchez García, Ana Gómez Oliva. Improvements of pan-European IDM Architecture to Enable Identity Delegation Based on X.509 Proxy Certificates and SAML. 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices (WISTP), Apr 2010, Passau, Germany. pp.183-198, ⟨10.1007/978-3-642-12368-9_13⟩. ⟨hal-01056087⟩



Record views


Files downloads