Presentation is loading. Please wait.

Presentation is loading. Please wait.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

Similar presentations


Presentation on theme: "SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU."— Presentation transcript:

1 SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU Belgrade Date: 26/03/2009

2 SWEB SWEB user types  JAVA mobile client .NET mobile client  SELIS client  Civil Servant client

3 SWEB Security of communications between the client and SWEB platform  XML signature  Time Stamping  SAML token  WS-Security (WS-Encryption and/or WS-Signature)

4 SWEB User authentication and authorization  Username/password to access the client application and asymmetric private key  User’s digital certificate to be authenticated by the STS server  SAML token issued to the user for authentication to the particular service  User profile (digital certificate) for user authorization to the platform

5 SWEB Secure communication between two SWEB platforms  Digital certificate for authentication to the STS server  SAML token for authentication to the service  User’s profile (digital certificate) for user authorization

6 SWEB Identities of users  Digital certificates  PKI hierarchy  XKMS for certificate locating (LocateRequest) and validating (ValidateRequest)

7 SWEB

8

9 The Residence Certification Service Cross-Border request scenario

10 SWEB SWEB Security Aspects Summary  X.509 certificate  XML Digital Signatures and Encryption  WS-security  Time stamping  Federation Identity - Security Token (SAML)  XKMS  Smart cards for Civil Servants  Future upgrade include PKI SIM cards

11 SWEB Future research directions  Implementing JAVA mobile application into the JAVA CDC 1.1 enabled mobile devices  Full implementation of advanced electronic signature formats (e.g. XAdeS)  Integration of PKI SIM technology in the Mobile Client application  Using SWEB-like system for other PKI based e/m-governmental services (strong user authentication to other e-gov web portals, signing documents prepared through some other communication channels, qualified signatures, etc.)

12 SWEB Thank You!!


Download ppt "SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU."

Similar presentations


Ads by Google