On Privacy-Preserving Ways to Porting the Austrian eID System to the Public Cloud

Abstract : Secure authentication and unique identification of Austrian citizens are the main functions of the Austrian eID system. To facilitate the adoption of this eID system at online applications, the open source module MOA-ID has been developed, which manages identification and authentication based on the Austrian citizen card (the official Austrian eID) for service providers. Currently, the Austrian eID system treats MOA-ID as a trusted entity, which is locally deployed in every service provider’s domain. While this model has indeed some benefits, in some situations a centralized deployment approach of MOA-ID may be preferable. In this paper, we therefore propose a centralized deployment approach of MOA-ID in the public cloud. However, the move of a trusted service into the public cloud brings up new obstacles since the cloud can not be considered trustworthy. We encounter these obstacles by introducing and evaluating three distinct approaches, thereby retaining the workflow of the current Austrian eID system and preserving citizens’ privacy when assuming that MOA-ID acts honest but curious.
Type de document :
Communication dans un congrès
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.300-314, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_23〉
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01463834
Contributeur : Hal Ifip <>
Soumis le : jeudi 9 février 2017 - 17:24:05
Dernière modification le : jeudi 9 février 2017 - 17:37:19
Document(s) archivé(s) le : mercredi 10 mai 2017 - 14:38:48

Fichier

978-3-642-39218-4_23_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Bernd Zwattendorfer, Daniel Slamanig. On Privacy-Preserving Ways to Porting the Austrian eID System to the Public Cloud. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.300-314, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_23〉. 〈hal-01463834〉

Partager

Métriques

Consultations de la notice

154

Téléchargements de fichiers

18