Enhancing privacy of users in eID schemes

Kris Shrishak, Zekeriya Erkin, Remco Schaar

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

36 Downloads (Pure)

Abstract

In todays world transactions are increasingly being performed over the internetbut require identication of users as in face-to-face transactions. In order to facilitate eGovernance as well as other eCommerce services Electronic Identiation(eID) schemes, which intend to provide unique and reliable identication andauthentication of the users, have been introduced. eID schemes commonly involve a Service Provider which provides a service, such as online shopping, to the user and an Identity Provider which veries the users identity and facilitates the user to identify itself to the Service Provider. Every transaction made over the Internet reveals bits of information about the user which can be accumulated and abused, thus necessitating security and privacy in order to prevent misuse of data and invasion of personal privacy. In this work, ve eID schemes which are in use or re proposed in EU countries is surveyed and the strengths and weaknesses of these schemes is investigated. All the schemes have given importance to security while only a few of them are designed with privacy in mind. Identity Providers in federated eID schemes are observed to be a privacy hotspot as they store user information and can uniquely identify the user. The use of homomorphic encryption and block chain in eID schemes is further explored in order to prevent the Identity Provider from becoming a privacy hotspot while fullling its role in the scheme.
Original languageEnglish
Title of host publication37th WIC Symposium on Information Theory in the Benelux / 6th WIC/IEEE SP Symposium on Information Theory and Signal Processing in the Benelux
Pages158-165
Number of pages8
Publication statusPublished - 2016
Event37th WIC Symposium on Information Theory in the Benelux / 6th WIC/IEEE SP Symposium on Information Theory and Signal Processing in the Benelux - Université Catholique de Louvain, Louvain, Belgium
Duration: 19 May 201620 May 2016
http://sites.uclouvain.be/sitb2016/

Conference

Conference37th WIC Symposium on Information Theory in the Benelux / 6th WIC/IEEE SP Symposium on Information Theory and Signal Processing in the Benelux
CountryBelgium
CityLouvain
Period19/05/1620/05/16
Internet address

Fingerprint Dive into the research topics of 'Enhancing privacy of users in eID schemes'. Together they form a unique fingerprint.

Cite this