ENISA
https://www.enisa.europa.eu
Main security risks for trust service providers
https://www.enisa.europa.eu/events/eid-workshop/proceedings/03-02-UniversityOfOslo/view
Audun Jøsang (University of Oslo)No publishereID2013/10/01 15:46:57 GMT+2FileMain security risks for trust service providers
https://www.enisa.europa.eu/events/eid-workshop/proceedings/03-01-Bundesdruckerei/view
Kim Nguyen (Bundesdruckerei / D-Trust) No publishereID2013/10/01 15:46:57 GMT+2FileThe legal, standartization and certification frameworks of trust service security
https://www.enisa.europa.eu/events/eid-workshop/proceedings/02-02-DigiCert/view
Ben Wilson (DigiCert)No publishereID2013/10/01 15:46:57 GMT+2FileThe legal, standartization and certification frameworks of trust service security
https://www.enisa.europa.eu/events/eid-workshop/proceedings/02-01-ETSI/view
Nick Pope (Thales / ETSI)No publishereID2013/10/01 15:46:57 GMT+2FileeIDAS legislative process
https://www.enisa.europa.eu/events/eid-workshop/proceedings/01-02-EuropeanCommission/view
Andrea Servida (European Commission)No publishereID2013/10/01 15:46:57 GMT+2FileIntroduction and ENISA work
https://www.enisa.europa.eu/events/eid-workshop/proceedings/01-01-ENISA/view
Sławomir Górniak (ENISA)No publishereID2013/10/01 15:46:57 GMT+2Fileproceedings
https://www.enisa.europa.eu/events/eid-workshop/proceedings
No publishereID2013/10/01 15:31:16 GMT+2FolderWorkshop - security aspects of Trust Service Providers
https://www.enisa.europa.eu/news/enisa-news/enisa-workshop-on-security-aspects-of-trust-service-providers
On September 24, 2013, ENISA is organising a workshop to present and discuss the interim results of its studies on Trust Service Providers (TSPs).No publishereIDIdentity & Trust2013/07/03 17:55:00 GMT+2News ItemNational eIDs in pan-European e-Government Services
https://www.enisa.europa.eu/publications/egov
Since the beginning of the 21st century, European Member States have been planning, developing and implementing new solutions to offer electronic services to citizens and businesses on a digital platform in order to improve administrative efficiency, accessibility and user-friendliness and, above all, reduce costs. Policy makers and experts agreed on the desirability of finding solutions that would allow all stakeholders to work together across (digital) borders, while respecting the autonomy of the Member States. One of the directions taken defined a model, which included levels of authentication. ENISA reviewed the authentication levels and their mapping to public electronic services in the eGovernment programme framework, which require an authentication of the user (security servicesNo publishereID2011/10/27 13:20:00 GMT+2Report/StudyManaging multiple identities
https://www.enisa.europa.eu/publications/mami
Nowadays each person has the opportunity of living multiple lives in parallel, in the real as well as in the virtual world. A trend observed over the last years, first in the research community, but now also in commercial offerings is the increase of interactions between these two worlds, making real-world information accessible to services on the Internet. An area of particular interest is the management of multiple identities, where “identity” is being considered in a broad sense. Issues related with this area include anonymity, pseudonymity, unlinkability and unobservability. The increasingly digital nature of relationships between people is central to dealing with those issues. It is not a question simply of hardware or software, but more importantly of enabling people to enjoy and benefit from their online experiences, while dealing with potential issues. The problems might include a lack of knowledge or training, difficult personal circumstances or simply irritation at the diversity and unpredictability of online privacy and identity mechanisms. It is therefore vital that we should have strong, reliable mechanisms, which can be easily understood and relied upon across the course of a lifetime. This paper introduces the key concepts of electronic identity and presents available methods of managing multiple identities.No publishereID2011/04/20 16:00:00 GMT+2Report/StudyMapping security services to authentication levels
https://www.enisa.europa.eu/publications/map-auth-lev
This report reviews the authentication levels and their mapping to public electronic services in the eGovernment programme framework, which require an authentication of the user (security services). It gives a general overview of European efforts and particularly the activities of STORK (Secure idenTity acrOss boRders linKed) in relation to the levels and the mapping. Essential concepts in IT security are explained and the mappings are illustrated by everyday life examples.No publishereID2011/03/08 19:15:00 GMT+2Report/StudyMobile Identity Management
https://www.enisa.europa.eu/publications/Mobile%20IDM
This paper reports on information security risks and best-practice in the area of Mobile Identity Management (Mobile IDM). It also provides recommendations of systems, protocols and/or approaches to address these challenges.No publishereID2010/04/13 09:00:00 GMT+2Report/StudySecurity Issues in Cross-border Electronic Authentication
https://www.enisa.europa.eu/publications/xborderauth
Improving the interoperability of electronic identification and authentication systems is a European task and a task for all Member States. Considerable efforts have been made in several projects to face the challenges of pan-European interoperability of electronic authentication and to assess the feasibility of differing approaches. ENISA analysed the current situation and assessed the security risks of electronic authentication in cross-border solutions. To visualize these risks, two different projects offering cross-border authentication have been exemplarily examined and evaluated, NETC@RDS and STORK.No publishereID2010/02/03 12:25:00 GMT+2Report/Study Privacy and Security Risks when Authenticating on the Internet with European eID Cards
https://www.enisa.europa.eu/publications/eid-online-banking
Whenever we use internet services, the first steps we take are usually identification (we input our names) and authentication (we prove that it is us). How we actually identify and authenticate ourselves depends on the security level of the application. The means used can vary from a simple combination of username and password, through a secret PIN, to a PIN generated by some external device or a smart card using cryptography. Smart cards are being used increasingly for authentication purposes. Many European identity cards now contain a smart-card chip, equipped with functionalities for online authentication. They are usually called 'electronic identity cards' (eID cards). This report focuses on authentication using smart cards and compares this approach with other common means of authentication.No publishereID2009/11/23 12:25:00 GMT+2Report/StudySecurity Issues in the Context of Authentication Using Mobile Devices (Mobile eID)
https://www.enisa.europa.eu/publications/mobile-eid
Mobile devices, like smart phones and PDAs, will play an increasingly important role in the digital environment. However, the pervasive use of mobile devices also brings new security and privacy risks. Persons who make extensive use of mobile devices continuously leave traces of their identities and transactions, sometimes even by just carrying the devices around in their pockets. Throughout this paper we will look at different use-cases for electronic authentication using mobile devices. We will identify the security risks which need to be overcome, give an opinion about their relevance, and present mechanisms that help mitigate these risks.No publishereID2009/06/24 16:05:00 GMT+2Report/Study