SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi...
-
Upload
piers-barnaby-miles -
Category
Documents
-
view
214 -
download
0
Transcript of SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi...
![Page 1: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/1.jpg)
SWEBSWEBSWEB Security and Privacy Technologies –
Implementation Aspects
Venue: SWEB Day in APV, Novi Sad
Author(s): Dr. Milan Marković
Organisations: MISANU Belgrade
Date: 26/03/2009
![Page 2: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/2.jpg)
SWEBSWEBSWEB user types
JAVA mobile client
.NET mobile client
SELIS client
Civil Servant client
![Page 3: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/3.jpg)
SWEBSWEBSecurity of communications between the client and SWEB platform
XML signature
Time Stamping
SAML token
WS-Security (WS-Encryption and/or WS-Signature)
![Page 4: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/4.jpg)
SWEBSWEBUser authentication and authorization
Username/password to access the client application and
asymmetric private key
User’s digital certificate to be authenticated by the STS server
SAML token issued to the user for authentication to the particular
service
User profile (digital certificate) for user authorization to the platform
![Page 5: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/5.jpg)
SWEBSWEBSecure communication between two SWEB platforms
Digital certificate for authentication to the STS server
SAML token for authentication to the service
User’s profile (digital certificate) for user authorization
![Page 6: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/6.jpg)
SWEBSWEBIdentities of users
Digital certificates
PKI hierarchy
XKMS for certificate locating (LocateRequest) and
validating (ValidateRequest)
![Page 7: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/7.jpg)
SWEBSWEB
![Page 8: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/8.jpg)
SWEBSWEB
![Page 9: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/9.jpg)
SWEBSWEB
The Residence Certification Service Cross-Border request scenario
![Page 10: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/10.jpg)
SWEBSWEBSWEB Security Aspects Summary
X.509 certificate XML Digital Signatures and Encryption WS-security Time stamping Federation Identity - Security Token (SAML) XKMS Smart cards for Civil Servants Future upgrade include PKI SIM cards
![Page 11: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/11.jpg)
SWEBSWEBFuture research directions
Implementing JAVA mobile application into the JAVA CDC 1.1 enabled mobile devices
Full implementation of advanced electronic signature formats (e.g. XAdeS)
Integration of PKI SIM technology in the Mobile Client application
Using SWEB-like system for other PKI based e/m-governmental services (strong user authentication to other e-gov web portals, signing documents prepared through some other communication channels, qualified signatures, etc.)
![Page 12: SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f155503460f94c2a6b4/html5/thumbnails/12.jpg)
SWEBSWEB
Thank You!!