Transcript Fraunhofer Activities in SWEB

SWEB
SWEB Security and Privacy Technologies –
Implementation Aspects
Venue:
SWEB Day in APV, Novi Sad
Author(s):
Dr. Milan Marković
Organisations:
MISANU Belgrade
Date:
26/03/2009
SWEB
SWEB user types
 JAVA mobile client
 .NET mobile client
 SELIS client
 Civil Servant client
SWEB
Security of communications between the client and SWEB platform
 XML signature
 Time Stamping
 SAML token
 WS-Security (WS-Encryption and/or WS-Signature)
SWEB
User authentication and authorization
 Username/password to access the client application and
asymmetric private key
 User’s digital certificate to be authenticated by the STS server
 SAML token issued to the user for authentication to the particular
service
 User profile (digital certificate) for user authorization to the platform
SWEB
Secure communication between two SWEB platforms
 Digital certificate for authentication to the STS server
 SAML token for authentication to the service
 User’s profile (digital certificate) for user authorization
SWEB
Identities of users
 Digital certificates
 PKI hierarchy
 XKMS for certificate locating (LocateRequest) and
validating (ValidateRequest)
SWEB
SWEB
SWEB
The Residence Certification Service
Cross-Border request scenario
SWEB
SWEB Security Aspects
Summary
 X.509 certificate
 XML Digital Signatures and Encryption
 WS-security
 Time stamping
 Federation Identity - Security Token (SAML)
 XKMS
 Smart cards for Civil Servants
 Future upgrade include PKI SIM cards
SWEB
Future research directions
 Implementing JAVA mobile application into the JAVA CDC 1.1
enabled mobile devices
 Full implementation of advanced electronic signature formats (e.g.
XAdeS)
 Integration of PKI SIM technology in the Mobile Client application
 Using SWEB-like system for other PKI based e/m-governmental
services (strong user authentication to other e-gov web portals,
signing documents prepared through some other communication
channels, qualified signatures, etc.)
SWEB
Thank You!!