Handbook of eID Security: Concepts, Practical Experiences, Technologies

In the forthcoming years, citizens of many countries will be provided with electronic identity cards. elD solutions may not only be used for passports, but also for communication with government authorities or local administrators, as well as for secure personal identification, authentication and access control in eBusiness. Further elD applications will be implemented in the healthcare sector. For some of these solutions we will rely on physical tokens, for others we will not need a physical data carrier at all.
The Handbook of elD Security is the first source presenting a comprehensive overview of this strongly discussed topic. It provides profound information on the following questions:which are the latest concepts, technical approaches, applications and trends in the field of elD?which areas of application are covered by the different elD concepts?which security mechanisms are in place, for what reasons, and how is their quality ensured?how is the security of personal data guaranteed?
This book is a perfect source of information for all persons working in industry, banking, healthcare, research institutes, administrations and public authorities:who are involved in the development of elD application concepts and of devices interfacing to elDs.who have or will have to do with elD solutions and applications in their daily work, andwho participate in informing and discussing about the security, privacy and transparency of elD solutions.      

Spis treści:
Part I: Concepts and Trends.
1 Challenges in eID Security.
1.1 Fighting Identity Fraud.
1.2 ID Document Security.
1.3 Trust, Data Control and Usability.
1.4 Interoperability.
1.5 Role of Personal Devices.
1.6 Privacy Protection.
1.7 How to Read this Book – a Recommendation.
2 More Freedom – more Security.
2.1 The Mobile Internet is Transforming Lifes tyles.
2.2 Secure Identity in the Digital World.
2.3 Standards are the Key to Widespread Use.
2.4 Electronic Identities are an Economic Factor.
3 Pseudonymity and Anonymity.
3.1 Privacy and Communication.
3.2 Privacy and Databases.
3.3 Privacy and Location–Based Services.
3.4 Limitations.
3.5 Pseudonymity, Trust and Reputation.
3.6 Conclusions.
4 Documentless Proof of Identity.
4.1 Scaling Identification from the Village to a Global Level.
4.2 From Global to Universal – Introducing Personal Identities to the Internet.
4.3 Building Blocks for Documentless Proof of Identity.
5 Trends in eID Security – Enterprise View.
5.1 Electronic IDs in Enterprises.
5.2 Use Cases and Applications.
5.3 Security Requirements.
5.4 National eIDs within Enterprises.
5.5 Conclusion.
6 Trends in eID Security – Public Sector View.
6.1 Motivation.
6.2 Established Authentication Concepts.
6.3 New Authentication Concepts.
6.4 Trends.
6.5 Examples.
6.6 Conclusion.
Part II: Solutions and Practical Experiences.
7 Machine Readable Travel Documents.
7.1 The International Civil Aviation Organization.
7.2 History of MRTDs.
7.3 ICAO Document 9303, Sixth Edition.
7.4 Passports of the European Union.
7.5 Deployment.
8 Overview of European Electronic Identity Cards.
8.1 Introduction.
8.2 Technicalities of the Cards.
8.3 Applications.
8.4 Interoperability.
8.5 Where to Find Information.
9 The Belgian eID Approach.
9.1 Introduction and Scope.
9.2 Overview of eID Credentials Issued by the Belgian Government.
9.3 History of the Belgian eID Card.
9.4 Non–Cryptographic Functionalities of the Belgian eID Card.
9.5 Cryptographic Functionalities of the Belgian eID Card.
9.6 Authentication Assurance Supported by the Belgian eID Card.
9.7 Current Use of the Belgian eID Card.
9.8 Concl usion and Outlook.
10 The Italian eID Solution.
10.1 Overview.
10.2 Issuing Infrastructure and Model.
10.3 Card Description and Features.
10.4 Data Protection and Interoperability.
11 The New German eID Card.
11.1 Introduction.
11.2 The German eID Card.
11.3 Electronic Functions of the eID Card.
11.4 German eID Card Infrastructure.
11.5 Conclusions.
12 eID Interoperability.
12.1 Introduction.
12.2 Authentication Process Model.
12.3 Requirements for Interoperability.
12.4 Privacy Considerations.
12.5 STORK.
12.6 Open Issues and Future Directions.
12.7 Conclusion.
Part III: Technologies and Standards.
13 Document Security.
13.1 Introduction.
13.2 Materials.
13.3 Security Printing.
13.4 Copy Protection, Optically Variable Devices.
13.5 Issuing Techniques.
13.6 Outlook.
14 Cryptographic Techniques.
14.1 Introduction.
14.2 Digital Signature Schemes.
14.3 Hash Functions.
14.4 Cryptographic Protocols.
14.5 Secure Implementations.
14.6 Conclusions.
15 Cryptographic Protocols.
15.1 Introduction and Objectives.
15.2 Passports as a Case Example: Basic Access Control (BAC) and Active Authentication (AA).
15.3 Passports as a Case Example: Extended Access Control (EAC).
15.4 eID Cards as an Application Case.
16 Biometric Technology.
16.1 Biometrics – Principles and History.
16.2 Biometrics and Authentication.
16.3 Modalities.
16.4 Interoperability.
16.5 Reference Data Quality and Template Ageing.
16.6 Multi–biometric Fusion.
16.7 Ease of Use.
16.8 Fingerprint Technology & its Applications.
16.9 Other Issues to be Considered.
17 eID Chips.
17.1 Technology.
17.2 Embedded Non–volatile Memory (EEPROM/Flash).
17.3 CPU.
17.4 ROM (Read Only Memory).
17.5 RAM.
17.6 Cryptographic Functions.
17.7 Random Number Generator.
17.8 Sens ors, Secure Hardware and other Security Features.
17.9 Contact eID Chips.
17.10 Contactless eID Chips.
17.11 Other Peripheral Functions – Display Card.
18 Displays on Smartcards.
18.1 Introduction.
18.2 Requirements.
18.3 System Description.
18.4 Document Integration.
18.5 Applications.
18.6 Conclusion and Outlook.
Glossary and Abbreviations.
Authors and Editors.
References.
Index.

Nota biograficzna:
DR. WALTER FUMY is Chief Scientist at Bundesdruckerei GmbH, where he is responsible for overseeing research and development in the area of eID security which includes to monitor and/or influence appropriate standards bodies and forums.
DR. MANFRED PAESCHKE is Senior Vice President Innovation at Bundesdruckerei GmbH. He is responsible for strategy of research and development.

Okładka tylna:
In the forthcoming years, citizens of many countries will be provided with electronic identity cards. elD solutions may not only be used for passports, but also for communication with government authorities or local administrators, as well as for secure personal identification, authentication and access control in eBusiness. Further elD applications will be implemented in the healthcare sector. For some of these solutions we will rely on physical tokens, for others we will not need a physical data carrier at all.
The Handbook of elD Security is the first source presenting a comprehensive overview of this strongly discussed topic. It provides profound information on the following questions:which are the latest concepts, technical approaches, applications and trends in the field of elD?which areas of application are covered by the different elD concepts?which security mechanisms are in place, for what reasons, and how is their quality ensured?how is the security of personal data guaranteed?
This book is a perfect sourc e of information for all persons working in industry, banking, healthcare, research institutes, administrations and public authorities:who are involved in the development of elD application concepts and of devices interfacing to elDs.who have or will have to do with elD solutions and applications in their daily work, andwho participate in informing and discussing about the security, privacy and transparency of elD solutions.