Personal tools



Jump to: navigation, search

Conference proceedings article

Title Personal Identification in the Web Using Electronic Identity Cards and a Personal Identity Provider
Author André Zúquete, Hélder Gomes, Cláudio Teixeira
Booktitle 8th Workshop in Information Security Theory and Practice (WISTP’14)
Address Heraklion, Greece
Month June
Year 2014
Group Information Systems and Processing
Group (before 2015) Information Systems and Telematics Laboratory
Indexed by ISI Yes
Scope International

This paper presents a new paradigm for implementing the authentication of individuals withinWeb sessions. Nowadays many countries have deployed electronic identity cards (eID tokens) for their citizens' personal identification, but these are not yet well integrated with the authentication of people in Web sessions. We used the concept of Personal Identity Provider (PIdP) to replace (or complement) the role ordinarily given to institutional Identity Providers (IdPs), which are trusted third parties to which service providers delegate the identification and the authentication of their clients. By running locally on a citizen's computer, the PIdP paradigm is well suited to assist his/her eID-based authentication. In this paper we describe an eID-based authentication protocol handled by a PIdP, its implementation and its integration in a production scenario (a campus-wide, Shibboleth IdP-based authentication infrastructure used in University of Aveiro).

Slides available here.