Design and Application of a Secure and Flexible Server-Based Mobile eID and e-Signature Solution

Rath, Christof; Roth, Simon; Schallar, Manuel; Zefferer, Thomas

Home // International Journal On Advances in Security, volume 7, numbers 3 and 4, 2014 // View article

Design and Application of a Secure and Flexible Server-Based Mobile eID and e-Signature Solution

Authors:
Christof Rath
Simon Roth
Manuel Schallar
Thomas Zefferer

Keywords: e-government, e-business, eID, electronic identity, electronic signature, identity management, mobile security

Abstract:
Electronic identities (eID) and electronic signatures are basic concepts of various applications and services from security-critical domains including e-government, e-business, and e-commerce. During the past years, server-based approaches have been increasingly followed to implement these concepts. Unfortunately, existing server-based eID and electronic-signature solutions are usually tailored to a specific use case or deployment scenario. This renders a deployment of these solutions in arbitrary application scenarios difficult. To overcome this issue, we propose a flexible server-based eID and electronic-signature solution that can be easily deployed in arbitrary application scenarios while still providing a sufficient level of security and usability. The feasibility of the proposed solution is demonstrated by means of a concrete implementation. Furthermore, the claimed flexibility of the developed solution is shown by integrating it into a productive web-based time-tracking application. Its successful deployment and integration shows that the proposed solution provides a secure and flexible alternative to existing eID and electronic-signature solutions and that it has the potential to improve the security of security-critical services and applications from arbitrary domains.

Pages: 50 to 61

Publication date: December 30, 2014

Published in: journal

ISSN: 1942-2636