Download (PDF, 589 KB, Datei ist nicht barrierefrei
Download (PDF, 589 KB, Datei ist nicht barrierefrei Download (PDF, 589 KB, Datei ist nicht barrierefrei
thE BsI the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik - BSI) is Germany’s central It security service provider: a neutral, independent authority for issues relating to It security in the information society. the BsI provides information on risks and threats relating to the use of information and communication technology, develops security guidelines, advises manufacturers, distributors and users. the BsI primarily advises public administrations on the national, state and local levels, but also seeks to exchange information with businesses and private users. Contents ContEnts 1. The new identity card – secure, standardized proof of identity in the digital world 4 2. User-oriented requirements for the identification function of the new identity card 6 3. Application software for users – AusweisApp 8 4. Security mechanisms for the identification function of the new ID card 9 4.1 Password Authenticated Connection Establishment (PACE) 10 4.2 Extended Access Control (EAC), readers and EAC box 11 4.3 Passive Authentication (PA) 14 4.4 Public Key Infrastructures (PKI) for electronic identity documents 15 4.4.1 Country Signing Certificate Authority (CSCA) 15 4.4.2 Country Verifying Certificate Authority (CVCA) 16 5. The eID server – interface for web applications 19 6. Revocation management in the new German identity card 20 7. References 23 Imprint 24 2 3
- Page 1: Innovations for an eID Architecture
- Page 6: DAtA ProtECtIon DAtA ProtECtIon 2.
- Page 10: sECurIty PKI Public Key Infrastruct
- Page 14: sECurIty 4.3 Passive Authentication
- Page 18: sECurIty FEAturEs to sum up, the ar
- Page 22: EVoCAtIon MAnAGEMEnt A revocation k
thE BsI<br />
the German Federal Office for Information Security<br />
(Bundesamt für Sicherheit in der Informationstechnik - BSI)<br />
is Germany’s central It security service provider: a neutral,<br />
independent authority for issues relating to It security in the<br />
information society. the BsI provides information on risks<br />
and threats relating to the use of information and communication<br />
technology, develops security guidelines, advises<br />
manufacturers, d<strong>ist</strong>ributors and users. the BsI primarily<br />
advises public admin<strong>ist</strong>rations on the national, state and<br />
local levels, but also seeks to exchange information with<br />
businesses and private users.<br />
Contents<br />
ContEnts<br />
1. The new identity card – secure, standardized<br />
proof of identity in the digital world 4<br />
2. User-oriented requirements for the<br />
identification function of the new identity card 6<br />
3. Application software for users – AusweisApp 8<br />
4. Security mechanisms for the identification<br />
function of the new ID card 9<br />
4.1 Password Authenticated Connection<br />
Establishment (PACE) 10<br />
4.2 Extended Access Control (EAC),<br />
readers and EAC box 11<br />
4.3 Passive Authentication (PA) 14<br />
4.4 Public Key Infrastructures (PKI)<br />
for electronic identity documents 15<br />
4.4.1 Country Signing Certificate Authority (CSCA) 15<br />
4.4.2 Country Verifying Certificate Authority (CVCA) 16<br />
5. The eID server – interface for web applications 19<br />
6. Revocation management in the new<br />
German identity card 20<br />
7. References 23<br />
Imprint 24<br />
2 3