Abstract
In the real world, we usually identify persons by their appearance, voice, and so on. If this is not sufficient, identity cards are used. In the virtual world the situation is different. The basic concepts of the internet provide for unique identification of devices, not of their users. Hence, some kind of identity management system is required, which can be provided either by the state or by the private sector. Official electronic identity schemes, such as the Austrian Citizen Card, are being established in more and more countries. The carrier media of the Citizen Card is a smart card but, since 2009, the mobile phone signature is offered as a more comfortable alternative. However, much more widespread than that are simple user accounts with passwords, one for each individual service. This system has significant flaws. A solution can be provided by the concept of identity federation: an ‘identity ecosystem’ can be established in which a user can choose among several identity providers, authorise them to identify him towards service providers, authorise attribute providers to provide particular qualified user information to a service provider, etc. In this paper the different concepts mentioned above are elaborated and their interrelations and legal difficulties are described.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
