Qualified Mobile Server Signature

Orthacker, Clemens; Centner, Martin; Kittl, Christian

doi:10.1007/978-3-642-15257-3_10

Cited by 27 publications

(16 citation statements)

References 3 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These middleware approaches are used to access citizen card implementations which are based on smart cards. Other citizen card implementations can also be server-based such as the mobile phone-based alternative of Orthacker et al (2010), which in fact require no local software installations on the client. The approach of Orthacker et al (2010) uses short messages (SMS) to transfer transaction codes to the citizen's mobile phone.…”

Section: 2mentioning

confidence: 99%

Design strategies for a privacy-friendly Austrian eID system in the public cloud

Zwattendorfer

Slamanig

2015

Computers & Security

View full text Add to dashboard Cite

Section: 2mentioning

confidence: 99%

Design strategies for a privacy-friendly Austrian eID system in the public cloud

Zwattendorfer

Slamanig

2015

Computers & Security

View full text Add to dashboard Cite

“…A second approach using mobile phones for authentication gets well established at the moment. The concept of this approach has been described in detail by Orthacker et al [6].…”

Section: A the Austrian Citizen Card Conceptmentioning

confidence: 99%

A privacy-preserving eID based Single Sign-On solution

Zwattendorfer¹,

Tauber²,

Zefferer³

2011

2011 5th International Conference on Network and System Security

View full text Add to dashboard Cite

Single Sign-On (SSO) has become a popular technology allowing users to identify and authenticate once and to gain access to different resources in a distributed computing environment. Austrian e-Government relies on a secure and privacy-preserving sectoral identity management model. Even if a sectoral identifier model improves privacy, it also negatively affects the usability of authentication processes. In Austria, most public sector applications use an open-source identity provider called MOA-ID. However, due to the sectoral identity management MOA-ID has not been Single Sign-On-capable. In this paper we present a security architecture that enables Single Sign-On between different governmental applications using MOA-ID as identity provider while meeting the requirements for sectoral data privacy protection at the same time. We achieve this by transforming unique sectoral identifiers of users with the help of an additional trusted attribute provider.

show abstract

“…In particular, the model applies to the concept proposed by Orthacker et al [9] and to the Austrian Mobile Phone Signature. Considering concrete implementations of the derived model, the secure and reliable realization of possession proofs is the challenging part.…”

Section: Limitations Of Existing Solutionsmentioning

confidence: 99%

“…The ServerBKU supports the server-based creation of electronic signatures and thus already implements the functionality of the components Signature Service and SSCD defined by the functional model. As it relies on the concept proposed by Orthacker et al [9], the ServerBKU makes use of the classical SMS-TAN approach to authenticate users. The authentication factor possession is covered by a TAN, which is sent to the user via SMS and has to be returned by the user to prove possession of the SIM.…”

Section: Prototype Implementationmentioning

confidence: 99%

See 1 more Smart Citation

A Server-Based Signature Solution for Mobile Devices

Zefferer

2014

Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia

View full text Add to dashboard Cite

Electronic signatures are frequently used in security-critical fields of application such as e-government or e-banking. During the past years, especially server-based signature solutions have gained popularity, as they solve usability problems of traditional client-based approaches. Unfortunately, server-based signature solutions and their underlying security concepts are usually tailored to classical end-user devices such as desktop PCs or laptops. Therefore, these solutions cannot be used on mobile end-user devices such as smartphones. This excludes an increasing number of potential users, who prefer mobile end-user devices to access egovernment and e-banking applications. To solve this problem, we propose a new server-based signature solution that is tailored to the special characteristics of mobile devices. The proposed solution is evaluated by means of a concrete prototype implementation. This prototype proves the feasibility of the proposed solution and demonstrates its capability to leverage the use of electronic signature based applications on mobile end-user devices.

show abstract

Qualified Mobile Server Signature

Cited by 27 publications

References 3 publications

Design strategies for a privacy-friendly Austrian eID system in the public cloud

Design strategies for a privacy-friendly Austrian eID system in the public cloud

A privacy-preserving eID based Single Sign-On solution

A Server-Based Signature Solution for Mobile Devices

Contact Info

Product

Resources

About