Abstract
Identity-management systems play a key role in various
areas of applications and e-Government processes where access to sensitive
data needs to be protected. To protect this sensitive data, the
identity-management system provides all necessary functionality to service
providers to manage digital identities and to handle the identification
and authentication process. Identity management per se is no
new topic and hence several identity-management systems have evolved
over time, which are deployed in almost all European countries. However,
identity management is constantly evolving in terms of new technical
or legal requirements, higher secure protocols, new identification
and authentication mechanism, or new fields of applications. In particular,
the need for exchanging or federating identities across domains or
even borders requires new interoperable solutions and flexible identity
management architectures. In this paper we present a flexible and modular
identity management architecture which focuses on federation and
interoperability capabilities based on plug-able components. Due to that,
new arising requirements can be easily fulfilled by implementing appropriate
plug-ins. Hence, our proposed architecture is especially applicable
for high qualified identification systems such as national eIDs for
e-Government applications and their federation across borders. We further
illustrate the applicability of our architecture by implementing it to
be used as an identity provider for Austrian eGovernment applications,
on the one side being applicable for national authentications and, on the
other side, in a cross-border context.
areas of applications and e-Government processes where access to sensitive
data needs to be protected. To protect this sensitive data, the
identity-management system provides all necessary functionality to service
providers to manage digital identities and to handle the identification
and authentication process. Identity management per se is no
new topic and hence several identity-management systems have evolved
over time, which are deployed in almost all European countries. However,
identity management is constantly evolving in terms of new technical
or legal requirements, higher secure protocols, new identification
and authentication mechanism, or new fields of applications. In particular,
the need for exchanging or federating identities across domains or
even borders requires new interoperable solutions and flexible identity
management architectures. In this paper we present a flexible and modular
identity management architecture which focuses on federation and
interoperability capabilities based on plug-able components. Due to that,
new arising requirements can be easily fulfilled by implementing appropriate
plug-ins. Hence, our proposed architecture is especially applicable
for high qualified identification systems such as national eIDs for
e-Government applications and their federation across borders. We further
illustrate the applicability of our architecture by implementing it to
be used as an identity provider for Austrian eGovernment applications,
on the one side being applicable for national authentications and, on the
other side, in a cross-border context.
Original language | English |
---|---|
Title of host publication | Lecture Notes in Business Information Processing |
Publisher | Springer |
Pages | 123-143 |
Volume | 246 |
ISBN (Electronic) | 978-3-319-30996-5 |
ISBN (Print) | 978-3-319-30995-8 |
Publication status | Published - Apr 2016 |
Keywords
- Identification
- Authentication
- Identity Provider,
- Federation
ASJC Scopus subject areas
- Information Systems
Fields of Expertise
- Information, Communication & Computing