Extending the Belgian eID technology with mobile security functionality

The Belgian Electronic Identity Card was introduced in 2002. The card enables Belgian citizens to prove their identity digitally and to sign electronic documents. Today, only a limited number of citizens really use the card in electronic applications. A major reason is the lack of killer functionality and killer applications. This paper presents two reusable extensions to the Belgian eID technology that opens up new opportunities for application developers. First, a secure and ubiquitously accessible remote storage service is presented. Second, we show how the eID card can be used to issue new certificates. To demonstrate the applicability and feasibility of both extensions, they are combined in the development of a secure e-mail application. The proposed solution offers strong privacy, security and key management properties while increasing the accessibility of confidential e-mail compared to existing solutions (such as PGP and S/MIME). ispartof: pages:97-109 ispartof: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering vol:17 pages:97-109 ispartof: MobiSec location:Turin, Italy date:3 Jun - 5 Jun 2009 status: published