This follows an earlier collaboration and the publication of the ‘Security Issues in Cross-border Electronic Authentication’ paper.
In the new report, ‘Mapping security services to authentication levels’, the authors explain eID management and authentication using real world examples. They detail the key concepts needed to understand why a common EU-wide approach to quality and security is necessary for the providers and users of electronic services. Such services may include electronic tax declarations or benefit receipts from health care services based on identification using an eID card.
It reviews the applicability of a known quality model developed by European initiatives (authentication levels). The mappings are illustrated using everyday life examples. The report explains encountered or potential issues with applying the model of authentication levels to electronic services and provides recommendations for further improvements.
It also provides a general overview of recent European efforts, with particular emphasis on the activities of the European STORK (Secure IdenTity AcrOss BoRders LinKed) project in relation to the authentication levels and their mappings. STORK aims to implement an EU-wide eID interoperability platform that will allow citizens to establish new eRelations with other member countries, by means of cross-border eID identification and authentication.
Additionally, it examines the technological barriers to cross-border interoperability of eGovernment solutions and services and considers what the STORK project is doing in this area.
“The EU is heading towards a common service market,” says Markus Hartmann, managing director of HJP Consulting. “Therefore citizens must be enabled to authenticate themselves online, cross-border, without any barriers.”
The report was written by HJP’s eID experts Stephan Körting and Diana Ombelli and was supervised by Slawomir Gorniak, from ENISA’s Technical Competence Department.
It is available for download from ENISA’s website: www.enisa.europa.eu/act/it/library/deliverables/map-auth-lev
---
Quelle/Source: Security Document World, 04.04.2011
Bitte besuchen Sie/Please visit:
