Abstract
The Belgian Electronic Identity Card enables Belgian citizens to prove their identity digitally and to sign electronic documents. At the end of 2009, every Belgian citizen older than 12 years will have such an eID card. In the future, usage of the eID card may be mandatory. However, irresponsible use of the card may cause harm to individuals.
Currently, there exist some privacy and security problems related to the use of the eID card. This paper focuses on solutions to tackle these problems. A new authentication protocol is introduced to substantially reduce the risk of abusing the single sign-on authentication and privacy friendly identity files are proposed to improve the citizen’s privacy.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
De Cock, D., Wolf, C., Preneel, B.: The Belgian Electronic Identity Card (Overview). In: Dittmann, J. (ed.) Sicherheit 2005: Sicherheit - Schutz und Zuverlässigkeit, Beiträge der 3rd Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.v (GI), Magdeburg,DE. Lecture Notes in Informatics, vol. LNI P-77, pp. 298–301. Bonner Köllen Verlag, Magdeburg (2006)
De Cock, D., Wouters, K., Preneel, B.: Introduction to the Belgian EID Card. In: Katsikas, S.K., Gritzalis, S., López, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 1–13. Springer, Heidelberg (2004)
Stern, M.: Belgian Electronic Identity Card content, 2nd edn. Zetes, CSC (2003)
Ramlot, G.: eID Hierarchy and Certificate Profiles, 3rd edn. Zetes, Certipost (2006)
Belgian certificate revocation list, http://status.eid.belgium.be/
Andries, P.: eID Middleware Architecture Document. Zetes, 1st edn. (2003)
Rommelaere, J.: Belgian Electronic Identity Card Middleware Programmers Guide, 1st edn. Zetes (2003)
De Decker, B., Naessens, V., Lapon, J., Verhaeghe, P.: Kritische beoordeling van het gebruik van de Belgische eID kaart. Report CW524 (2008)
Advanced security mechanisms for machine readable travel documents – extended access control (eac) and password authenticated connection establishment (pace). Technical Guideline TR-03110 (2008)
SSL Authentication Reverse Proxy, http://eid.belgium.be/nl/Achtergrondinfo/De_eID_technisch/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Verhaeghe, P., Lapon, J., De Decker, B., Naessens, V., Verslype, K. (2009). Security and Privacy Improvements for the Belgian eID Technology. In: Gritzalis, D., Lopez, J. (eds) Emerging Challenges for Security, Privacy and Trust. SEC 2009. IFIP Advances in Information and Communication Technology, vol 297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01244-0_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-01244-0_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01243-3
Online ISBN: 978-3-642-01244-0
eBook Packages: Computer ScienceComputer Science (R0)