• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • CommentGo Back
Download
 
 
www.enisa.europa.eu
February
09
Position Paper
Privacy Features of EuropeaneID Card Specifications
 
 
Privacy Features of European eID Card Specifications
ENISA Position Paper2Version: 1.0.1 | Date: 2009-01-27ENISA Position Papers represent expert opinion on important NIS topics. They areproduced by a group selected for their expertise in the area. The content of this paper wasdiscussed between July 2008 and January 2009 via e-mails and personal communication.The table entries are based on the information given by the experts and on the referenceslisted in the last section. The content of this paper was edited by ENISA and the finalversion has been reviewed by the people listed below.Authors:
Ingo Naumann, Giles Hogben
European Network and Information Security Agency (ENISA)E-Mail: eid@enisa.europa.euContributors:
Herbert Leitold Zentrum für sichere Informationstechnologie(A-SIT),
 Austria
Frank Leyman, Marc Stern
 
Fedict,
Belgium
Tarvi Martens AS Sertifitseerimiskeskus (SK),
Estonia
Jens Bender, Dennis Kügler Bundesamt für Sicherheit in derInformationstechnik (BSI),
Germany 
Andrea de Maria Istituto Poligrafico e Zecca dello Stato(IPZS),
 Italy 
André Vasconcelos
 
Agency for the Public Services Reform (AMA),
Portugal 
Roberth Lundin CEN TC 224 WG 15 (European Citizen Card)
Group members participate as individuals. This paper should therefore not be taken asrepresenting the views of any company or other organisation, and does not in any waybind group members when dealing with the issues it covers in other contexts.
Legal notice
Notice must be taken that this publication represents the views and interpretations of the authors and editors,unless stated otherwise. This publication should not be construed to be an action of ENISA or the ENISA bodiesunless adopted pursuant to the ENISA Regulation (EC) No 460/2004. This publication does not necessarilyrepresent state-of the-art and it might be updated from time to time.Third-party sources are quoted as appropriate. ENISA is not responsible for the content of the external sourcesincluding external websites referenced in this publication.This publication is intended for educational and information purposes only. Neither ENISA nor any person actingon its behalf is responsible for the use that might be made of the information contained in this publication.Reproduction is authorised provided the source is acknowledged.© European Network and Information Security Agency (ENISA), 2009
 
 
 
Privacy Features of European eID Card Specifications
ENISA Position Paper3
Contents
Privacy Features of European eID Card Specifications
...................................................................... 1Contents ............................................................................................................................................... 3Abstract ................................................................................................................................................ 41. Introduction ................................................................................................................................ 42. Privacy Threats ........................................................................................................................... 72.1. Assets .................................................................................................................................. 72.2. Threats ................................................................................................................................ 73. Addressing Privacy Threats ......................................................................................................... 83.1. Available Privacy Features of eID cards .............................................................................. 83.2. Examples in Existing Specifications .................................................................................. 103.3. Privacy Enhanced PKI ........................................................................................................ 104. Overview of card features with impact on privacy .................................................................. 114.1. Interfaces and functionality .............................................................................................. 124.2. Writing Data to a Card ...................................................................................................... 124.3. Deployed Privacy Features ............................................................................................... 134.3.1. Access Control .............................................................................................................. 134.3.2. Authentication vs. Digital Signature ............................................................................. 144.3.3. Contactless eID Cards ................................................................................................... 164.3.4. Personal Information and Linkable Identifiers ............................................................. 165. Conclusions ............................................................................................................................... 206. Terminology and Abbreviations ............................................................................................... 207. References and eID Card Specifications ................................................................................... 21Austria ............................................................................................................................................ 21Belgium .......................................................................................................................................... 21Estonia ............................................................................................................................................ 21Finland ............................................................................................................................................ 21Germany ......................................................................................................................................... 21Italy................................................................................................................................................. 21The Netherlands ............................................................................................................................. 22Poland ............................................................................................................................................ 22Portugal .......................................................................................................................................... 22Spain ............................................................................................................................................... 22Sweden ........................................................................................................................................... 22United Kingdom ............................................................................................................................. 22European Union ............................................................................................................................. 22Other .............................................................................................................................................. 23
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
You must be to leave a comment.
Submit
Characters: ...