Abstract
The German eCard-strategy aims at harmonizing the various government projects which issue or use smart cards for authentication and signature purposes. Against this background the German government developed the eCard-API-Framework [eCard-TR] which aims at supporting arbitrary smart cards and facilitating the integration of them into various eID-applications. The present contribution provides a brief overview of the main features of the eCard-API-Framework, highlights current standardization efforts at CEN and ISO and provides an outlook how this approach might form the basis for a comprehensive eID-framework for Europe and beyond.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Microsoft: CardSpace, via http://cardspace.netfx3.com/
Comité européen de normalisation (CEN): General guidelines for electronic signature verification, CEN Workshop Agreement, May 2004, via ftp://ftp.cenorm.be/PUBLIC/CWAs/e-Europe/eSign/ c wal 4171-00-2004-May.pdf
Comité européen de normalisation (CEN): Application Interface for smart cards used as Secure Signature Creation Devices — Part 2: Additional Services, CEN Workshop Agreement, May 2004, via ftp://ftp.cenorm.be/PUBLIC/CWAs/e-Europe/eSign/cwal4890-02-2004-May.pdf
Comité européen de normalisation (CEN): Identification card systems — European Citizen Card — Part I: Physical, electrical and transport protocol characteristics, prCEN/TS 15480-1, proposed Technical Standard, 2007
Comité européen de normalisation (CEN): Identification card systems — European Citizen Card — Part 2: Logical data structures and card services, prCEN/TS 15480-2, proposed Technical Standard, 2007
Comité européen de normalisation (CEN): Identification card systems — European Citizen Card — Part 3: European Citizen Card Interoperability using an application interface, prCEN/TS 15480-3, Working Draft, 2007
Federal Office for Information Security: eCard-API-Framework — Technical Directive BSI 03112, 2007
gematik: The Specification of the German Electronic Health Card eHC, Part 1: Commands, Algorithms and Functions of the COS Platform, via http://www.gematik.de/upload/gematik_eGK_Specification_Parti_e_Vl_1_0_518.pdf Part 2: Applications and application-related Structures, via http://www.ge-matik.de/upload/gematik_eGK_Specification_Part2_e_Vl_l_l_516.pdf, Part 3: Layout andPhysical Properties, vai http://www.gematik.de/upload/gematik_eGK_Specification_Part3_e_Vl_l_0_514.p
ETSI: Electronic Signature Formats, Electronic Signatures and Infrastructures (ESI) — Technical Specification, ETSI TS 101 733 VI.5.1, 2003-12, via http://portal.etsi.org/docbox/EC_Files/EC_Files/ ts_101733v010501p.pdf
ETSI: XML Advanced Electronic Signatures (XAdES), Technical Specification, TS 101 903 VI.2.2 (2004-04), via http://uri.etsi.org/01903/vl.2.2/ts_101903v010202p.pdf
ETSI: Mobile Signature Service — Web Service Interface, Technical Specification TS 102 204 VI. 1.4, via http://portal.etsi.oig/docbox/EC_Files/EC_Files/ts_l02204v010104p.pdf
ETSI: Provision of harmonized Trust Service Provider (TSP) status information, Technical Specification TS 102 231, via http://portal.etsi.org/stfs/STF_HomePages/STF290/draft_ts_102231v010201p&RGW.doc
Higgins Team: Higgins Trust Framework Project Home, via http://www.eclipse.org/higgins
D. Hühnlein, M. Bach: How to use ISO/IEC 24727-3 with arbitrary Smart Cards, in C. Lambrinou-dakis, G. Pernul, A.M. Tjoa (Eds.): TrustBus 2007, LNCS 4657, SS. 280–289, 2007
ISO/IEC: Identification cards — Integrated circuit cards — Part 4:Organization, security and commands for interchange, ISO7816-4, Version 2005-01-15
ISO/IEC: Information technology — Identification cards — Integrated circuits) cards with contacts — Part 15: Cryptographic information application, ISO/IEC 7816-15, 2003
ISO/IEC: Identification Cards — Integrated Circuit Cards Programming In-terfaces — Part 1: Architecture, ISO/IEC 24727-1, Final Draft International Standard, 2006
ISO/IEC: Identification Cards — Integrated Circuit Cards Programming In-terfaces — Part 2: Generic Card Interface, ISO/IEC 24727-3, Committee Draft, 2006
ISO/IEC: Identification Cards — Integrated Circuit Cards Programming Interfaces — Part 3: Application Interface, ISO/IEC 24727-3, Committee Draft, 2006
ISO/IEC: Identification Cards — Integrated Circuit Cards Programming Interface — Part 4: API Administration, ISO/IEC 24727-4, Working Draft, 2007
B. Kowalski: A survey of the eCard-Strategy of the German Federal Government, (in German), Proceedings of BIOSIG 2007, GI Lecture Notes in Informatics, 2007
F. Leyman: e-ID interoperability large scale pilot — STORK, Talk at the EEMA-Conference “The European e-Identity Conference”, Paris, June 2007
Liberty Alliance Project: The Liberty Alliance, via http://www.projectliberty.org/
Ministerial declaration, approved unanimously on 24 November 2005, Manchester, United Kingdom, via http://archive.cabinetoffice.gov.uk/egov2005conference/documents/proceedings/ pdf/051124declaration.pdf
Microsoft Inc.: Cryptography Reference (Microsoft CryptoAPI), Platform SDK: Security, via http:// msdn.microsoft.com/library/en-us/security/security/cryptographyreference.asp
Microsoft Inc.: Cryptography API: Next Generation http://msdn.microsoft.com/library/en-us/seccrypto/security/cryptography_api_nextgeneration.asp
OASIS: Digital Signature Service Core Protocols, Elements, and Bindings, Version 1.0, OASIS Standard, via http://docs.oasis-open.org/dss/vl.0/oasis-dss-core-spec-vl.0-os.pdf
M. Faher: Onom@Topic — project, presentation at Porvoo 9, May 2006, via http://porvoo9.gov.si/ pdf/FRI_15_1000_MFaher_AXALTO_Porvoo9.pdf
PC/SC Workgroup: PC/SC Workgroup Specifications 1.0/2.0, via http://pcscworkgroup.com
T. Dierks, C. Allen: The TLSProtocol-Version 1.0, RFC2246, via http://www.ietf.org/rfc/rfc2246.txt
M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams: X.509 Internet Public Key Infrastructure — Online Certificate Status Protocol — OCSP, IETF RFC 2560, via http://www.ietf.org/rfc/rfc3161.txt
C. Adams, P. Cain, D. Pinkas, R. Zuccherato: Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). IETF RFC 3161, August 2001, via http://www.ietf.org/rfc/rfc3161.txt
R. Housley: Cryptographic Message Syntax (CMS), IETF RFC 3369., via http://www.ietf.org/rfc/ rfc3369.txt
TeleTrusT: SICCT-Spezifikation, Version 1.1.0, 2006-12-19, via http://www.teletrust.de/fileadmin/ files/publikationen/Spezifikationen/SICCTSpezifikationl. 10.pdf
W3C Recommendation: XML Encryption Syntax and Processing, 10. Dezember 2002, via http://www. w3.org/TR/xmlenc-core/
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2007 Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Hühnlein, D., Bach, M. (2007). From the eCard-API-Framework Towards a Comprehensive eID-Framework for Europe. In: ISSE/SECURE 2007 Securing Electronic Business Processes. Vieweg. https://doi.org/10.1007/978-3-8348-9418-2_29
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9418-2_29
Publisher Name: Vieweg
Print ISBN: 978-3-8348-0346-7
Online ISBN: 978-3-8348-9418-2
eBook Packages: Computer ScienceComputer Science (R0)