STORK: Architecture, Implementation and Pilots [chapter]

Herbert Leitold, Bernd Zwattendorfer
2011 ISSE 2010 Securing Electronic Business Processes  
Who one is on the Internet turns out to be essential once sensitive information is exchanged or transactions of value are carried out. Electronic identification and identity management provide the solutions. Governments are important players in the area, having a tradition of providing qualified means of identification of their citizens. However, migration to electronic identities often developed as national islands that are based on one country's domestic legal, administrative and socio-cultural ... ition. Once citizens cross borders electronically, these islands need to be connected and interoperability becomes an issue. The project STORK is an EU Large Scale Pilot driven by 17 EU/EEA Member States and the European Commission. The project promises to bridge national eID islands by developing and testing common specifications for electronic identity interoperability. Taking the existing national infrastructures as a basis, models have been developed for the cross-border interoperability framework. The framework is tested in six real-world pilot applications. This paper describes the project STORK. It discusses the interoperability models that have been developed. These are the "proxy model", which introduces national identity gateways, and the "middleware model", which is limited to a client-to-service-provider relationship. Rationales for selecting a particular model are given and the principal architecture of STORK is discussed.
Introduction
Electronic identity (eID) is understood as a key enabler for a variety of services on the Internet. Once the identity of communicating entities is established with a level of certainty matching the value associated with the service, the communication partners can gain the confidence and trust needed for concluding the transaction. Such transactions can range from getting in touch with friends on social networks, to buying a book at an online shop, to looking at one's stock deposit and trading a few shares, to filing a tax declaration, or to accessing one's medical data in an electronic health record. In each case authentication is involved, i.e. claiming an identity and proving it true. As the examples also show, the value associated with a transaction can be pecuniary in the case of e-commerce, can consist of legal duties in the case of e-government, or can touch fundamental data protection questions when sensitive data is involved in e-health.
The more active we become on the Internet and the more value transactions are carried out, the more important high levels of assurance become, provided by secure means of authentication linked to qualified identities. E-government is such an area where high assurance in the citizen's
doi:10.1007/978-3-8348-9788-6_13 dblp:conf/isse/LeitoldZ10 fatcat:ggpo7ejmunazxpvvx4a3o5ydaa