{"title":"STORK框架在公共云中隐私保护的实现","authors":"Bernd Zwattendorfer, Daniel Slamanig","doi":"10.5220/0004533204190426","DOIUrl":null,"url":null,"abstract":"The STORK framework — enabling secure eID federation across European countries — will be the dominant identification and authentication framework across Europe in the future. While still in its start up phase, adoption of the STORK framework is continuously increasing and high loads can be expected, since, theoretically, the entire population of the European Union will be able to run authentications through this framework. This can easily lead to scalability issues, especially for the proxy-based (PEPS) approach in STORK, which relies on a central gateway being responsible for managing and handling citizen authentications. In order to mitigate the associated scalability issues, the PEPS approach could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose an approach how this move could be successfully realized by still preserving citizens' privacy and keeping existing national eID infrastructures untouched. We present the approach in detail and evaluate its capability with respect to citizens' privacy protection as well as its practicability. We conclude, that the proposed approach is a viable way of realizing an efficient and scalable Pan-European citizen identification and authentication framework.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Privacy-preserving realization of the STORK framework in the public cloud\",\"authors\":\"Bernd Zwattendorfer, Daniel Slamanig\",\"doi\":\"10.5220/0004533204190426\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The STORK framework — enabling secure eID federation across European countries — will be the dominant identification and authentication framework across Europe in the future. While still in its start up phase, adoption of the STORK framework is continuously increasing and high loads can be expected, since, theoretically, the entire population of the European Union will be able to run authentications through this framework. This can easily lead to scalability issues, especially for the proxy-based (PEPS) approach in STORK, which relies on a central gateway being responsible for managing and handling citizen authentications. In order to mitigate the associated scalability issues, the PEPS approach could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose an approach how this move could be successfully realized by still preserving citizens' privacy and keeping existing national eID infrastructures untouched. We present the approach in detail and evaluate its capability with respect to citizens' privacy protection as well as its practicability. We conclude, that the proposed approach is a viable way of realizing an efficient and scalable Pan-European citizen identification and authentication framework.\",\"PeriodicalId\":174026,\"journal\":{\"name\":\"2013 International Conference on Security and Cryptography (SECRYPT)\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Security and Cryptography (SECRYPT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5220/0004533204190426\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Security and Cryptography (SECRYPT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0004533204190426","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Privacy-preserving realization of the STORK framework in the public cloud
The STORK framework — enabling secure eID federation across European countries — will be the dominant identification and authentication framework across Europe in the future. While still in its start up phase, adoption of the STORK framework is continuously increasing and high loads can be expected, since, theoretically, the entire population of the European Union will be able to run authentications through this framework. This can easily lead to scalability issues, especially for the proxy-based (PEPS) approach in STORK, which relies on a central gateway being responsible for managing and handling citizen authentications. In order to mitigate the associated scalability issues, the PEPS approach could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose an approach how this move could be successfully realized by still preserving citizens' privacy and keeping existing national eID infrastructures untouched. We present the approach in detail and evaluate its capability with respect to citizens' privacy protection as well as its practicability. We conclude, that the proposed approach is a viable way of realizing an efficient and scalable Pan-European citizen identification and authentication framework.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
