SWEB Security and Privacy Technologies – Implementation Aspects

Venue: SWEB Day in APV, Novi Sad

Author(s): Dr. Milan Marković

Organisations: MISANU Belgrade

Date: 26/03/2009

SWEB user types

JAVA mobile client

.NET mobile client

SELIS client

Civil Servant client

Security of communications between the client and SWEB platform

XML signature

Time Stamping

SAML token

WS-Security (WS-Encryption and/or WS-Signature)

User authentication and authorization

Username/password to access the client application and asymmetric private key

User’s digital certificate to be authenticated by the STS server

SAML token issued to the user for authentication to the particular service

User profile (digital certificate) for user authorization to the platform

Secure communication between two SWEB platforms

Digital certificate for authentication to the STS server

SAML token for authentication to the service

User’s profile (digital certificate) for user authorization

Identities of users

Digital certificates

PKI hierarchy

XKMS for certificate locating (LocateRequest) and validating (ValidateRequest)


The Residence Certification Service Cross-Border request scenario

SWEB Security Aspects Summary

X.509 certificate

XML Digital Signatures and Encryption

WS-Security

Time stamping

Federation Identity - Security Token (SAML)

XKMS

Smart cards for Civil Servants

Future upgrades include PKI SIM cards

Future research directions

Implementing the JAVA mobile application on JAVA CDC 1.1 enabled mobile devices

Full implementation of advanced electronic signature formats (e.g. XAdES)

Integration of PKI SIM technology in the Mobile Client application

Using a SWEB-like system for other PKI-based e/m-governmental services (strong user authentication to other e-gov web portals, signing documents prepared through some other communication channels, qualified signatures, etc.)


Thank You!!
