An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation

Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic...

Descripción completa

Detalles Bibliográficos
Autores: Alonso González, Álvaro, Pozo Huertas, Alejandro, Choque Ollachica, Johnny|||0000-0002-6049-8280, Bueno Lozano, María Gloria, Salvachúa Rodríguez, Joaquín Luciano, Díez Fernández, Luis Francisco, Marín Guerrero, Jorge, Chas Alonso, Pedro Luis
Tipo de recurso: artículo
Fecha de publicación:2019
País:España
Institución:Universidad de Cantabria (UC)
Repositorio:UCrea Repositorio Abierto de la Universidad de Cantabria
Idioma:inglés
OAI Identifier:oai:repositorio.unican.es:10902/17237
Acceso en línea:http://hdl.handle.net/10902/17237
Access Level:acceso abierto
Palabra clave:Access control
eIDAS
Electronic identification
Identity
FIWARE
Descripción
Sumario:Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic identification and trust services (eIDAS) regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is a European initiative that provides a rather simple yet powerful set of application programming interfaces (APIs) that ease the development of smart applications in multiple vertical sectors and oriented to the future internet. In this paper, we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model, we have deployed an instance of the FIWARE identity manager connected to the Spanish eIDAS node. Then, we have registered two services, a private videoconferencing system, and a public smart city deployment, and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers.