Kerry Pianoforte02.09.12
As part of the 22nd SIT-SmartCard Workshop organized each year in Darmstadt by the Fraunhofer Institute for Secure Information Technology (SIT), Bundesdruckerei presented new forms of mobile use for the eID functions of the new German ID card. In addition, the 2012 SmartCard Award went to Dr. Walter Fumy, chief scientist at Bundesdruckerei.
For more than a year now, German citizens have been able to use the online functions of their new ID cards to securely confirm their identity online; however, this is restricted to stationary use, i.e. from a PC with a reading device. But Frank Dietrich, who had an important role to play in setting up Bundesdruckerei's own eID Service, showed that this does not have to stay that way.
"Since the importance of the mobile Internet is growing, the eID functionalities of the new German ID card must also be available to mobile applications,” Dietrich said. “To achieve this, we have to enable secure deriving of document-based ID attributes and their linking to a reliable ‘secure element.’ The SIM card in a mobile phone, for instance, can be used to generate and store private key material."
In order to meet with the high security requirements for protecting private data, an Anonymous Credential System is used where issuing and using ID are strictly separated.
"Our approach foresees a specially authorized body, the so-called trusted service manager (TSM), who, in its capacity as a neutral broker and administrator, is the only body that can install this proof -of-ID application on a secure element. This is similar to existing payment applications in the electronic wallet, such as a credit-card application. In this case, the TSM, just like Bundesdruckerei's eID Service, acts as a trustworthy broker between the different service providers," Dietrich said.
Bundesdruckerei is firmly convinced that the role of a TSM could also be an interesting option for smart metering gateways. This is a topic that was also addressed by this year's winner of the SmartCard prize. Dr. Fumy, whose work was highly praised in the laudatory speech by Dr. Gisela Meister, herself a winner of the 2004 SmartCard Award, expressed his profuse thanks for the honor bestowed upon him.
"I am extremely happy to receive this award," said Dr. Fumy, who has been working as chief scientist at Bundesdruckerei since 2009. "It shows that we are on the right track and that we will be able to continue setting trends in Secure ID." Dr. Fumy, co-editor of the “Handbook of eID Security” published last year, has for many years chaired the ISO/IEC Committee SC 27 (IT Security Techniques) and is head of the Security Management workgroup at the IT industry association BITKOM (Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V.). The title of his paper at this year's SmartCard Workshop is "Smart eID Security Technologies.”
For more than a year now, German citizens have been able to use the online functions of their new ID cards to securely confirm their identity online; however, this is restricted to stationary use, i.e. from a PC with a reading device. But Frank Dietrich, who had an important role to play in setting up Bundesdruckerei's own eID Service, showed that this does not have to stay that way.
"Since the importance of the mobile Internet is growing, the eID functionalities of the new German ID card must also be available to mobile applications,” Dietrich said. “To achieve this, we have to enable secure deriving of document-based ID attributes and their linking to a reliable ‘secure element.’ The SIM card in a mobile phone, for instance, can be used to generate and store private key material."
In order to meet with the high security requirements for protecting private data, an Anonymous Credential System is used where issuing and using ID are strictly separated.
"Our approach foresees a specially authorized body, the so-called trusted service manager (TSM), who, in its capacity as a neutral broker and administrator, is the only body that can install this proof -of-ID application on a secure element. This is similar to existing payment applications in the electronic wallet, such as a credit-card application. In this case, the TSM, just like Bundesdruckerei's eID Service, acts as a trustworthy broker between the different service providers," Dietrich said.
Bundesdruckerei is firmly convinced that the role of a TSM could also be an interesting option for smart metering gateways. This is a topic that was also addressed by this year's winner of the SmartCard prize. Dr. Fumy, whose work was highly praised in the laudatory speech by Dr. Gisela Meister, herself a winner of the 2004 SmartCard Award, expressed his profuse thanks for the honor bestowed upon him.
"I am extremely happy to receive this award," said Dr. Fumy, who has been working as chief scientist at Bundesdruckerei since 2009. "It shows that we are on the right track and that we will be able to continue setting trends in Secure ID." Dr. Fumy, co-editor of the “Handbook of eID Security” published last year, has for many years chaired the ISO/IEC Committee SC 27 (IT Security Techniques) and is head of the Security Management workgroup at the IT industry association BITKOM (Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V.). The title of his paper at this year's SmartCard Workshop is "Smart eID Security Technologies.”