Auflistung nach Autor:in "Wich, Tobias"
1 - 10 von 12
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragArchitecture for controlled credential issuance enhanced with single sign-on (ACCESSO)(2016) Nemmert, Daniel; Hühnlein, Detlef; Wich, Tobias; Hühnlein, TinaAs more than half of the EU Member States already have rolled out electronic identity cards (eIDs) [Le13], it seems to be a rewarding approach to investigate whether and how eIDs may be used for the purpose of controlling the log-on process for operating systems and similar local access control facilities. While this paper shows that all currently rolled out eIDs may be used for such access control purposes, our investigation also reveals that for some types of eIDs it is significantly harder to support this kind of use case.
- KonferenzbeitragAn extensible client platform for eID, signatures and more(Open Identity Summit 2013, 2013) Wich, Tobias; Horsch, Moritz; Petrautzki, Dirk; Schmölz, Johannes; Hühnlein, Detlef; Wieland, Thomas; Potzernheim, SimonThe present paper introduces an extensible client platform, which can be used for eID, electronic signatures and many more smart card enabled applications.
- KonferenzbeitragFuturetrust - future trust services for trustworthy global transactions(2016) Hühnlein, Detlef; Frosch, Tilman; Schwenk, Joerg; Piswanger, Carl-Markus; Sel, Marc; Hühnlein, Tina; Wich, Tobias; Nemmert, Daniel; Lottes, René; Somorovsky, Juraj; Mladenov, Vladislav; Condovici, Cristina; Leitold, Herbert; Stalla-Bourdillon, Sophie; Tsakalakis, Niko; Eichholz, Jan; Kamm, Frank-Michael; Kühne, Andreas; Wabisch, Damian; Dean, Roger; Shamah, Jon; Kapanadze, Mikheil; Ponte, Nuno; Martins, Jose; Portela, Renato; Karabat, Çağatay; Stojičić, Snežana; Nedeljkovic, Slobodan; Bouckaert, Vincent; Defays, Alexandre; Anderson, Bruce; Jonas, Michael; Hermanns, Christina; Schubert, Thomas; Wegener, Dirk; Sazonov, AlexanderAgainst the background of the regulation 2014/910/EU [EU1] on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project, which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aims at supporting the practical implementation of the regulation in Europe and beyond. For this purpose, the FutureTrust project will address the need for globally interoperable solutions through basic research with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project will extend the existing European Trust Service Status List (TSL) infrastructure towards a “Global Trust List”, develop a comprehensive Open Source Validation Service as well as a scalable Preservation Service for electronic signatures and seals. Furthermore it will provide components for the eID-based application for qualified certificates across borders, and for the trustworthy creation of remote signatures and seals in a mobile environment. The present contribution provides an overview of the FutureTrust project and invites further stakeholders to actively participate as associated partners and contribute to the development of future trust services for trustworthy global transactions.
- KonferenzbeitragInnovative building blocks for versatile authentication within the skidentity service(Open Identity Summit 2015, 2015) Hühnlein, Detlef; Tuengerthal, Max; Wich, Tobias; Hühnlein, Tina; Biallowons, BenediktAccepting arbitrary electronic identity cards (eIDs) and similar authenticators in cloud and web applications has been a challenging task. Thanks to the multiply awarded 'SkIDentity Service' this has changed recently. This versatile authentication infrastructure combines open technologies, international eID standards and latest research results with respect to trusted cloud computing in order to offer electronic identification and strong authentication in form of a trustworthy, simple to use and cost efficient cloud computing service, which supports various European eIDs as well as alternative authenticators proposed by the FIDO Alliance for example. The present contribution exposes innovative and patent pending building blocks of the SkIDentity Service: (1) The 'Identity Broker', which eases the integration of authentication, authorization, federation and application services and in particular allows to derive secure credentials from conventional eID cards, which can be transferred to mobile devices for example. (2) The 'Universal Authentication Service' (UAS), which allows to execute arbitrary authentication protocols, which are specified by the recently introduced 'Authentication Protocol Specification' (APS) language, (3) the 'Cloud Connector' which eases the integration of federation protocols into web applications and last but not least (4) the 'SkIDentity Self-Service Portal', which makes it extremely easy for Service Providers to configure the necessary parameters in order to connect with the SkIDentity Service and use strong authentication in their individual applications.
- KonferenzbeitragOn the design and implementation of the Open eCard App(SICHERHEIT 2012 – Sicherheit, Schutz und Zuverlässigkeit, 2012) Hühnlein, Detlef; Petrautzki, Dirk; Schmölz, Johannes; Wich, Tobias; Horsch, Moritz; Wieland, Thomas; Eichholz, Jan; Wiesmaier, Alexander; Braun, Johannes; Feldmann, Florian; Potzernheim, Simon; Schwenk, Jörg; Kahlo, Christian; Kühne, Andreas; Veit, HeikoThe paper at hand discusses the design and implementation of the “Open eCard App”, which is a lightweight and open eID client, which integrates major international standards. It supports strong authentication and electronic signatures with numerous common electronic identity cards in desktop as well as mobile environments. The Open eCard App is designed to be as lightweight, usable and modular as possible to support a variety of popular platforms including Android for example. It will be distributed under a suitable open source license and hence may provide an interesting alternative to existing eID clients.
- KonferenzbeitragAn Open eCard Plug-in for accessing the German national Personal Health Record(Open Identity Summit 2013, 2013) Kuhlisch, Raik; Petrautzki, Dirk; Schmölz, Johannes; Kraufmann, Ben; Thiemer, Florian; Wich, Tobias; Hühnlein, Detlef; Wieland, ThomasAn important future application of the German electronic health card (elektronische Gesundheitskarte, eGK) is the national Personal Health Record (PHR), because it enables a citizen to store and retrieve sensitive medical data in a secure and self-determined manner. As the stored data is encrypted with an eGK- specific certificate and retrieving the encrypted data is only possible after TLS- based authentication, the citizen needs to use a so called “PHR Citizen Client”, which allows to use the eGK for strong authentication, authorization, and decryption purposes. Instead of building such an application from scratch, this paper proposes to use the Open eCard App and its extension mechanism for the efficient creating of a PHR Citizen Client by developing an Open eCard Plug-in for accessing the German national Personal Health Record.
- KonferenzbeitragOpeneGK – Benutzerfreundliche und sichere Authentisierung für Mehrwertdienste im Gesundheitswesen(perspeGKtive 2010. Workshop „Innovative und sichere Informationstechnologie für das Gesundheitswesen von morgen“, 2010) Eske, Daniel; Hühnlein, Detlef; Paulus, Sachar; Schmölz, Johannes; Wich, Tobias; Wieland, ThomasDieser Beitrag zeigt, wie die elektronische Gesundheitskarte (eGK) in Verbindung mit dem OpenID-Protokoll bei web-basierten Mehrwertdiensten im Gesundheitswesen zur sicheren, datenschutzund benutzerfreundlichen Registrierung und Authentisierung genutzt werden kann. Außerdem verspricht die Kombination mit dem weit verbreiteten OpenID-Protokoll eine schnellere Akzeptanz und Verbreitung der eGK-basierten Authentisierung im Internet.
- KonferenzbeitragQuality management in open source projects - experiences from the open ecard project(Open Identity Summit 2015, 2015) Nemmert, Daniel; Haase, Hans-Martin; Hühnlein, Detlef; Wich, TobiasOpen Source Software (OSS) has immensely increased in popularity over the years and it is well known, that software with public access to the sources is on average less error prone than closed source software, especially if the project is supported by a large community which peer reviews the sources [Kua02]. For new and smaller projects however there is no large community yet and hence achieving and maintaining sufficient product quality is challenging. Against this background the present paper discusses aspects of product quality management for OSS in general and shares the experiences gathered in the Open eCard project, which has developed an ISO/IEC 24727 based eID client.
- KonferenzbeitragEine Referenzarchitektur für die Authentisierung und elektronische Signatur im Gesundheitswesen(INFORMATIK 2012, 2012) Hühnlein, Detlef; Schmölz, Johannes; Wich, Tobias; Biallowons, Benedikt; Horsch, Moritz; Hühnlein, TinaVor dem Hintergrund der differenzierten Empfehlungen für den Einsatz elektronischer Signaturen und Zeitstempel in Versorgungseinrichtungen des Gesundheitswesens [SKB+10] wird in diesem Beitrag auf Basis der Vorarbeit aus einschlägigen Projekten sowie unter Berücksichtigung der relevanten BSI-Richtlinien und internationalen Standards eine umfassende und zukunftsfähige Referenzarchitektur für die starke Authentisierung und elektronische Signatur im Gesundheitswesen entwickelt.
- KonferenzbeitragSAML Privacy-Enhancing Profile(Open Identity Summit 2014, 2014) Horsch, Moritz; Tuengerthal, Max; Wich, TobiasWe present the SAML Privacy-Enhancing (PE) profile which empowers users to take control of the authentication process and their personal data. Users have the full control of the application flow and get detailed information about the involved participants and the revealed attributes. This enables users to give informed consent for the authentication. The new profile builds on well-established standards and technologies. We use the common SAML Authentication Request and provide the additional information as extensions based on SAML Metadata.