Security architecture of the Austrian citizen card concept

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2002-January, Issue , 2002, Pages 391-400

  Leitold, Herbert ^a   Hollosi, Arno ^b   Posch, Reinhard ^c  

^a Center Austria A SIT   (Austria)

^b Federal CIO Office   (Austria)

^c Federal Chief Information Officer ^*  (Austria)

Author keywords

Councils; Data security; Digital signatures; Electronic government; Information security; Information technology; Internet; Law; Legal factors; Scalability

Indexed keywords

AUTHENTICATION; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; GOVERNMENT DATA PROCESSING; INFORMATION TECHNOLOGY; INTERNET; SCALABILITY; SECURITY OF DATA; SECURITY SYSTEMS; SMART CARDS;

AUSTRIAN CITIZEN CARDS; COUNCILS; E-GOVERNMENT APPLICATIONS; ELECTRONIC GOVERNMENT; FORWARD COMPATIBILITY; LAW; LEGAL FACTORS; SECURITY ARCHITECTURE;

NETWORK SECURITY;

EID: 84948946968     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2002.1176311     Document Type: Conference Paper

References (28)

1. Posch R., Leitold H.: "Weissbuch Bürgerkarte", Federal Ministry for Public Services and Sports, Federal IT-Coordination, June 2001. (in German)
2. Directive 1999/93/EC of the European Parliament and of the Council of 13. December 1999 on a community framework for electronic signatures
3. European Electronic Signature Standardization Initiative: "EESSI explanatory document: Description of deliverables", EESSI Steering Group, 2000
4. European Electronic Signature Standardization Initiative: "Algorithms and Parameters for Secure Electronic Signatures, v2.1", EESSI algorithm group, 2001
5. RSA Laboratories: "RSA Cryptography Standard", PKCS #1 v2.1 draft 2, 2001
6. National Institute of Standards and Technology: "Digital Signature Standard (DSS)", NIST FIPS Publication 186-2, 2000
7. American National Standards Institute: "Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)", ANSI X9.62-1998, 1998
8. International Organization for Standardization: "Information technology-Security techniques-Evaluation criteria for IT security", ISO/IEC 15408-1 to 15408-3, 1999
9. European Committee for Standardization: "Security Requirements of Secure Signature Creation Devices (SSCD-PP)", CWA 14169, 2002
10. European Committee for Standardization: "Cryptographic Module for CSP Signing Operations-Protection Profile (CMCSO-PP)", CWA 14167-2, 2002
11. Austrian signature law: "Bundesgesetz über elektronische Signaturen (Signaturgesetz-SigG)", BGBl. I Nr. 190/1999, BGBl. I Nr. 137/2000, BGBl. I Nr. 32/2001. (in German5)
12. Austrian signature order: "Verordnung des Bundeskanzlers über elektronische Signaturen (Signaturverordnung-SigV)", StF: BGBl. II Nr. 30/2000. (in German6)
13. Cremers, A.B., Spalka, A., Langweg, H.: "Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs", Proceedings of IFIP/SEC'01, 2001
14. Scheibelhofer K.: "What You See Is What You Sign-Trustworthy Display of XML Documents for Signing and Verification", Proceedings of IFIP Communications and Multimedia Security CMS, 2001
15. European Committee for Standardization: "Security Requirements for Signature Creation Applications", CWA 14170, 2001
16. European Committee for Standardization: "Guideleines for the implementation of Secure Signature-Creation Devices", CWA 14355, 2002
17. Austrian registration implementation regulation: "Verordnung des Bundesministers für Inneres über die Durchführung des Meldegesetzes (Meldegesetz-Durchführungsverordnung-MeldeV)", StF: BGBl. II Nr. 66/2002. (in German)
18. Holossi A.: "XML-Definition der Personenbindung, Spezifikation Version 1.1.0", Chief Information Office Austria, 2002. (in German)
19. Eastlake D., Reagle J., and Solo D.: "XMLSignature Syntax and Processing", W3C Recommendation, 2002
20. Administration reform law: "Verwaltungsreform Gesetz", 2001 amending "Allgemeines Verwaltungsverfahrensgesetz (AVG)" BGBl. Nr. 51/1991
21. Notification delivery law: "Bundesgesetz vom 1. April 1982 über die Zustellung behördlicher Schriftstücke", BGBl. I Nr. 137/2001. (in German)
22. Council of the European Union, Commission of the European Communities: "eEurope2002: An Information Society for all", 2000
23. Karlinger G.: " Anforderungen an die Bürgerkarten-Umgebung nach dem Konzept Bürgerkarte, Spezifikation Version 1.0.0", Chief Information Office Austria, 2002. (in German)
24. Trusted Computing Platform Alliance: "Trusted Platform Module Protection Profile Version 1.9.4" TCPA Membership, 2002
25. International Organization for Standardization "Identification cards-Integrated circuit cards with contacts-Part 4: Interindustry commands for interchange and Part 8: Security related interindustry commands", ISO/IEC 7816-4:1995, 7816-8:1999
26. Hously, R.: "Cryptographic Message Syntax (CMS)", IETF Request For Comment RFC 2630, 1999
27. Dierks T., Allen C.: "The Transport Layer Security (TLS) Protocol, Version 1.0", IETF Request For Comment RFC 2246, 1999
28. Holossi A., Karlinger G.: "Schnittstellenspezifikation des Security-Layers der Bürgerkarte, Version 1.0.0", Chief Information Office Austria, 2002. (in German)