Logo des Repositoriums

Auflistung nach Autor:in "Wich, Tobias"

1 - 10 von 14
  • Konferenzbeitrag
    Architecture for controlled credential issuance enhanced with single sign-on (ACCESSO)
    (2016) Nemmert, Daniel; Hühnlein, Detlef; Wich, Tobias; Hühnlein, Tina
    As more than half of the EU Member States already have rolled out electronic identity cards (eIDs) [Le13], it seems to be a rewarding approach to investigate whether and how eIDs may be used for the purpose of controlling the log-on process for operating systems and similar local access control facilities. While this paper shows that all currently rolled out eIDs may be used for such access control purposes, our investigation also reveals that for some types of eIDs it is significantly harder to support this kind of use case.
  • Konferenzbeitrag
    An extensible client platform for eID, signatures and more
    (Open Identity Summit 2013, 2013) Wich, Tobias; Horsch, Moritz; Petrautzki, Dirk; Schmölz, Johannes; Hühnlein, Detlef; Wieland, Thomas; Potzernheim, Simon
    The present paper introduces an extensible client platform, which can be used for eID, electronic signatures and many more smart card enabled applications.
  • Konferenzbeitrag
    Futuretrust - future trust services for trustworthy global transactions
    (2016) Hühnlein, Detlef; Frosch, Tilman; Schwenk, Joerg; Piswanger, Carl-Markus; Sel, Marc; Hühnlein, Tina; Wich, Tobias; Nemmert, Daniel; Lottes, René; Somorovsky, Juraj; Mladenov, Vladislav; Condovici, Cristina; Leitold, Herbert; Stalla-Bourdillon, Sophie; Tsakalakis, Niko; Eichholz, Jan; Kamm, Frank-Michael; Kühne, Andreas; Wabisch, Damian; Dean, Roger; Shamah, Jon; Kapanadze, Mikheil; Ponte, Nuno; Martins, Jose; Portela, Renato; Karabat, Çağatay; Stojičić, Snežana; Nedeljkovic, Slobodan; Bouckaert, Vincent; Defays, Alexandre; Anderson, Bruce; Jonas, Michael; Hermanns, Christina; Schubert, Thomas; Wegener, Dirk; Sazonov, Alexander
    Against the background of the regulation 2014/910/EU [EU1] on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project, which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aims at supporting the practical implementation of the regulation in Europe and beyond. For this purpose, the FutureTrust project will address the need for globally interoperable solutions through basic research with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project will extend the existing European Trust Service Status List (TSL) infrastructure towards a “Global Trust List”, develop a comprehensive Open Source Validation Service as well as a scalable Preservation Service for electronic signatures and seals. Furthermore it will provide components for the eID-based application for qualified certificates across borders, and for the trustworthy creation of remote signatures and seals in a mobile environment. The present contribution provides an overview of the FutureTrust project and invites further stakeholders to actively participate as associated partners and contribute to the development of future trust services for trustworthy global transactions.
  • Konferenzbeitrag
    Innovative building blocks for versatile authentication within the skidentity service
    (Open Identity Summit 2015, 2015) Hühnlein, Detlef; Tuengerthal, Max; Wich, Tobias; Hühnlein, Tina; Biallowons, Benedikt
    Accepting arbitrary electronic identity cards (eIDs) and similar authenticators in cloud and web applications has been a challenging task. Thanks to the multiply awarded 'SkIDentity Service' this has changed recently. This versatile authentication infrastructure combines open technologies, international eID standards and latest research results with respect to trusted cloud computing in order to offer electronic identification and strong authentication in form of a trustworthy, simple to use and cost efficient cloud computing service, which supports various European eIDs as well as alternative authenticators proposed by the FIDO Alliance for example. The present contribution exposes innovative and patent pending building blocks of the SkIDentity Service: (1) The 'Identity Broker', which eases the integration of authentication, authorization, federation and application services and in particular allows to derive secure credentials from conventional eID cards, which can be transferred to mobile devices for example. (2) The 'Universal Authentication Service' (UAS), which allows to execute arbitrary authentication protocols, which are specified by the recently introduced 'Authentication Protocol Specification' (APS) language, (3) the 'Cloud Connector' which eases the integration of federation protocols into web applications and last but not least (4) the 'SkIDentity Self-Service Portal', which makes it extremely easy for Service Providers to configure the necessary parameters in order to connect with the SkIDentity Service and use strong authentication in their individual applications.
  • Konferenzbeitrag
    On the design and implementation of the Open eCard App
    (SICHERHEIT 2012 – Sicherheit, Schutz und Zuverlässigkeit, 2012) Hühnlein, Detlef; Petrautzki, Dirk; Schmölz, Johannes; Wich, Tobias; Horsch, Moritz; Wieland, Thomas; Eichholz, Jan; Wiesmaier, Alexander; Braun, Johannes; Feldmann, Florian; Potzernheim, Simon; Schwenk, Jörg; Kahlo, Christian; Kühne, Andreas; Veit, Heiko
    The paper at hand discusses the design and implementation of the “Open eCard App”, which is a lightweight and open eID client, which integrates major international standards. It supports strong authentication and electronic signatures with numerous common electronic identity cards in desktop as well as mobile environments. The Open eCard App is designed to be as lightweight, usable and modular as possible to support a variety of popular platforms including Android for example. It will be distributed under a suitable open source license and hence may provide an interesting alternative to existing eID clients.
  • Konferenzbeitrag
    An Open eCard Plug-in for accessing the German national Personal Health Record
    (Open Identity Summit 2013, 2013) Kuhlisch, Raik; Petrautzki, Dirk; Schmölz, Johannes; Kraufmann, Ben; Thiemer, Florian; Wich, Tobias; Hühnlein, Detlef; Wieland, Thomas
    An important future application of the German electronic health card (elektronische Gesundheitskarte, eGK) is the national Personal Health Record (PHR), because it enables a citizen to store and retrieve sensitive medical data in a secure and self-determined manner. As the stored data is encrypted with an eGK- specific certificate and retrieving the encrypted data is only possible after TLS- based authentication, the citizen needs to use a so called “PHR Citizen Client”, which allows to use the eGK for strong authentication, authorization, and decryption purposes. Instead of building such an application from scratch, this paper proposes to use the Open eCard App and its extension mechanism for the efficient creating of a PHR Citizen Client by developing an Open eCard Plug-in for accessing the German national Personal Health Record.
  • Konferenzbeitrag
    OpeneGK – Benutzerfreundliche und sichere Authentisierung für Mehrwertdienste im Gesundheitswesen
    (perspeGKtive 2010. Workshop „Innovative und sichere Informationstechnologie für das Gesundheitswesen von morgen“, 2010) Eske, Daniel; Hühnlein, Detlef; Paulus, Sachar; Schmölz, Johannes; Wich, Tobias; Wieland, Thomas
    Dieser Beitrag zeigt, wie die elektronische Gesundheitskarte (eGK) in Verbindung mit dem OpenID-Protokoll bei web-basierten Mehrwertdiensten im Gesundheitswesen zur sicheren, datenschutzund benutzerfreundlichen Registrierung und Authentisierung genutzt werden kann. Außerdem verspricht die Kombination mit dem weit verbreiteten OpenID-Protokoll eine schnellere Akzeptanz und Verbreitung der eGK-basierten Authentisierung im Internet.
  • Konferenzbeitrag
    Qualified Electronic Signatures with the EU Digital Identity Wallet
    (Open Identity Summit 2024, 2024) Wich, Tobias; Hühnlein, Detlef; Otto, Florian; Prechtl, Mike
    Art. 5a of the amended eIDAS-Regulation (EU) 2024/1183 establishes the European Digital Identity Framework and introduces the European Digitial Identity Wallet (EUDIW), which will meet the requirements of assurance level “high” for identity proofing and authentication (see Art. 5a Nr. 11) and is envisioned to be able to create Qualified Electronic Signatures (QES) free of charge for non-professional purposes (see Art. 5a Nr. 4 (e) and Nr. 5 (g)). As it will not be feasible in practice to certify the secure elements of all smartphones in the market as Qualified Signature Creation Device (QSCD), one needs to look at remote signature solutions along the lines of ETSI TS 119 432 and the specification developed within the Cloud Signature Consortium (CSC) . The Architecture and Reference Framework (ARF) makes it clear that the EUDIW will support Verifiable Credentials (VCs) for the purpose of strong identification and authentication and the only missing step to enable QES in the EUDIW seems to be the integration of Verifiable Credentials and Verifiable Presentations according to W3C with the remote signature protocol of the CSC-API. The present paper shows how to integrate the two worlds to enable QES in the EUDIW using emerging standards, such as Selective Disclosure JSON Web Tokens (SD-JWT) and OpenID for Verifiable Presentations (OID4VP).
  • Konferenzbeitrag
    Quality management in open source projects - experiences from the open ecard project
    (Open Identity Summit 2015, 2015) Nemmert, Daniel; Haase, Hans-Martin; Hühnlein, Detlef; Wich, Tobias
    Open Source Software (OSS) has immensely increased in popularity over the years and it is well known, that software with public access to the sources is on average less error prone than closed source software, especially if the project is supported by a large community which peer reviews the sources [Kua02]. For new and smaller projects however there is no large community yet and hence achieving and maintaining sufficient product quality is challenging. Against this background the present paper discusses aspects of product quality management for OSS in general and shares the experiences gathered in the Open eCard project, which has developed an ISO/IEC 24727 based eID client.
  • Konferenzbeitrag
    Eine Referenzarchitektur für die Authentisierung und elektronische Signatur im Gesundheitswesen
    (INFORMATIK 2012, 2012) Hühnlein, Detlef; Schmölz, Johannes; Wich, Tobias; Biallowons, Benedikt; Horsch, Moritz; Hühnlein, Tina
    Vor dem Hintergrund der differenzierten Empfehlungen für den Einsatz elektronischer Signaturen und Zeitstempel in Versorgungseinrichtungen des Gesundheitswesens [SKB+10] wird in diesem Beitrag auf Basis der Vorarbeit aus einschlägigen Projekten sowie unter Berücksichtigung der relevanten BSI-Richtlinien und internationalen Standards eine umfassende und zukunftsfähige Referenzarchitektur für die starke Authentisierung und elektronische Signatur im Gesundheitswesen entwickelt.