Klaus John, Proxy Authenticator Approach of a Signature based Single Sign on Proxy Solution for e-Government Applications
#CeDEM13 Day 2 afternoon, Reflections, Main Hall, Chair: Morten Meyerhoff Nielsen

Presentation Transcript

  • [Slide 1, 26.05.13] Diagram labels: Service Layer, Help Layer, Customer Layer. Browser; www.Help.gv.at Portal; MOA-ID STORK; MOCCA STORK; eDelivery, eSafe, HV-Services; Citizen; MOCCA Server; MOA-ID Server; Graphics; Internet; Proxy Authenticator. eGovernment official Channel Information
  • [Slide 2, 26.05.13] Help.gv.at: Login via Mobile. eGovernment official Channel Information
  • [Slide 3, 26.05.13] Diagram labels: Customer Layer, myHelp Layer, Service Layer. Browser; www.myHelp.gv.at Portal; eDelivery, eSafe, HV-Services; MOA-ID STORK; MOCCA STORK; Citizen; MOCCA Server; MOA-ID Server; Graphics; Internet. Certificate & Private Key in accordance with §35 ZustG in Austria. Certificate Generation (pkcs12 Container) [Registration/Re-entry (after First Registration)]; optional Certificate, Private Key. Steps: 1, 2.
  • [Slide 4, 26.05.13] BRZ eDelivery Service: Create Certificate
  • [Slide 5, 26.05.13] BRZ eDelivery Service: pkcs12 Container saved
  • [Slide 6, 26.05.13] Help.gv.at: Connect to BRZ eDelivery Service
  • [Slide 7, 26.05.13] Domain Model: Login Request. Domains: Service Domain, myHelp Domain, Private User Domain. Citizen's Client; Proxy Authenticator (Client Proxy); myHelp.gv.at; Key Share Holder 1 ... Key Share Holder n; BRZ eDelivery Service (login page, …); meinBrief eDelivery Service (login page, …); Post Server eDelivery Service (login page, …). Flow labels: 1. URL; 2. request login; request shared Key 1-n; shared Key 1; shared Key n; shared Key.
  • [Slide 8, 26.05.13] BRZ eDelivery Service: Upload pkcs12 Container
  • [Slide 9, 26.05.13] BRZ eDelivery Service: Show Inbox (2 Objects)
  • [Slide 10, 26.05.13] Sequence Diagram Data Access. Participants: Citizen, myHelp, ProxyAuthenticator, KeyShareholder 1, KeyShareholder n, Database, meinBrief, Post Server, BRZ eDeliveryService. Messages: getData; validation; getData; getSharedKeyPart 1; getSharedKeyPart n; validation; reconstructSharedKey; loadPrivateKey + Certificate; decryptPrivateKey + Certificate; connect.
  • [Slide 11, 26.05.13] Components for secure saving of the eDelivery Certificates in myHelp.gv.at. Diagram labels: Key Upload; Policy Server; LDAP; Site Minder (Authentication); MySQL; myHelp.gv.at; MeinBrief eDelivery Service; Post Server eDelivery Service; BRZ eDelivery Service; load access Data; Key1 Access (eDelivery Correspondence); load Certificate + Policy Key; store Certificate + Policy Key; store; get Key2+Key3; Key3; upload Certificate + Private Key; Key2 based on (bPK+Key2+Key3).