An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation

Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic...

ver descrição completa

Detalhes bibliográficos
Autores: Alonso González, Álvaro, Pozo Huertas, Alejandro, Choque Ollachica, Johnny|||0000-0002-6049-8280, Bueno Lozano, María Gloria, Salvachúa Rodríguez, Joaquín Luciano, Díez Fernández, Luis Francisco, Marín Guerrero, Jorge, Chas Alonso, Pedro Luis
Formato: artículo
Fecha de publicación:2019
País:España
Recursos:Universidad de Cantabria (UC)
Repositorio:UCrea Repositorio Abierto de la Universidad de Cantabria
Idioma:inglés
OAI Identifier:oai:repositorio.unican.es:10902/17237
Acesso em linha:http://hdl.handle.net/10902/17237
Access Level:acceso abierto
Palavra-chave:Access control
eIDAS
Electronic identification
Identity
FIWARE
id ES_4da5cc2ce5e99210f9a8d1bef240c4ba
oai_identifier_str oai:repositorio.unican.es:10902/17237
network_acronym_str ES
network_name_str España
repository_id_str
spelling An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European RegulationAlonso González, ÁlvaroPozo Huertas, AlejandroChoque Ollachica, Johnny|||0000-0002-6049-8280Bueno Lozano, María GloriaSalvachúa Rodríguez, Joaquín LucianoDíez Fernández, Luis FranciscoMarín Guerrero, JorgeChas Alonso, Pedro LuisAccess controleIDASElectronic identificationIdentityFIWARESecure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic identification and trust services (eIDAS) regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is a European initiative that provides a rather simple yet powerful set of application programming interfaces (APIs) that ease the development of smart applications in multiple vertical sectors and oriented to the future internet. In this paper, we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model, we have deployed an instance of the FIWARE identity manager connected to the Spanish eIDAS node. Then, we have registered two services, a private videoconferencing system, and a public smart city deployment, and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers.Institute of Electrical and Electronics Engineers Inc.Universidad de Cantabria20192019-07-03journal articlehttp://purl.org/coar/resource_type/c_6501NAhttp://purl.org/coar/version/c_be7fb7dd8ff6fe43info:eu-repo/semantics/articlehttp://hdl.handle.net/10902/17237IEEE Access, 2019, 7, 88435-88449reponame:UCrea Repositorio Abierto de la Universidad de Cantabriainstname:Universidad de Cantabria (UC)Inglésengopen accesshttp://purl.org/coar/access_right/c_abf2Atribución 3.0 Españahttp://creativecommons.org/licenses/by/3.0/es/info:eu-repo/semantics/openAccessoai:repositorio.unican.es:10902/172372026-06-02T12:39:31Z
dc.title.none.fl_str_mv An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
title An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
spellingShingle An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
Alonso González, Álvaro
Access control
eIDAS
Electronic identification
Identity
FIWARE
title_short An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
title_full An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
title_fullStr An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
title_full_unstemmed An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
title_sort An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
dc.creator.none.fl_str_mv Alonso González, Álvaro
Pozo Huertas, Alejandro
Choque Ollachica, Johnny|||0000-0002-6049-8280
Bueno Lozano, María Gloria
Salvachúa Rodríguez, Joaquín Luciano
Díez Fernández, Luis Francisco
Marín Guerrero, Jorge
Chas Alonso, Pedro Luis
author Alonso González, Álvaro
author_facet Alonso González, Álvaro
Pozo Huertas, Alejandro
Choque Ollachica, Johnny|||0000-0002-6049-8280
Bueno Lozano, María Gloria
Salvachúa Rodríguez, Joaquín Luciano
Díez Fernández, Luis Francisco
Marín Guerrero, Jorge
Chas Alonso, Pedro Luis
author_role author
author2 Pozo Huertas, Alejandro
Choque Ollachica, Johnny|||0000-0002-6049-8280
Bueno Lozano, María Gloria
Salvachúa Rodríguez, Joaquín Luciano
Díez Fernández, Luis Francisco
Marín Guerrero, Jorge
Chas Alonso, Pedro Luis
author2_role author
author
author
author
author
author
author
dc.contributor.none.fl_str_mv Universidad de Cantabria
dc.subject.none.fl_str_mv Access control
eIDAS
Electronic identification
Identity
FIWARE
topic Access control
eIDAS
Electronic identification
Identity
FIWARE
description Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic identification and trust services (eIDAS) regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is a European initiative that provides a rather simple yet powerful set of application programming interfaces (APIs) that ease the development of smart applications in multiple vertical sectors and oriented to the future internet. In this paper, we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model, we have deployed an instance of the FIWARE identity manager connected to the Spanish eIDAS node. Then, we have registered two services, a private videoconferencing system, and a public smart city deployment, and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers.
publishDate 2019
dc.date.none.fl_str_mv 2019
2019-07-03
dc.type.none.fl_str_mv journal article
http://purl.org/coar/resource_type/c_6501
NA
http://purl.org/coar/version/c_be7fb7dd8ff6fe43
dc.type.openaire.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv http://hdl.handle.net/10902/17237
url http://hdl.handle.net/10902/17237
dc.language.none.fl_str_mv Inglés
eng
language_invalid_str_mv Inglés
language eng
dc.rights.none.fl_str_mv open access
http://purl.org/coar/access_right/c_abf2
Atribución 3.0 España
http://creativecommons.org/licenses/by/3.0/es/
dc.rights.openaire.fl_str_mv info:eu-repo/semantics/openAccess
rights_invalid_str_mv open access
http://purl.org/coar/access_right/c_abf2
Atribución 3.0 España
http://creativecommons.org/licenses/by/3.0/es/
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv Institute of Electrical and Electronics Engineers Inc.
publisher.none.fl_str_mv Institute of Electrical and Electronics Engineers Inc.
dc.source.none.fl_str_mv IEEE Access, 2019, 7, 88435-88449
reponame:UCrea Repositorio Abierto de la Universidad de Cantabria
instname:Universidad de Cantabria (UC)
instname_str Universidad de Cantabria (UC)
reponame_str UCrea Repositorio Abierto de la Universidad de Cantabria
collection UCrea Repositorio Abierto de la Universidad de Cantabria
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869407705465094144
score 15,300724