How the UK identity card scheme stacks up against others in Europe

By Ron Condon, UK bureau chief 14 May 2008 | SearchSecurity.co.UK

Digg This!     StumbleUpon     Del.icio.us

But has any other European Government made a better job of handling e-identities? Not in the opinion of Siddartha Arora, who has made a study of various approaches across Europe and who says that while each of the schemes has something to recommend it, none is the perfect answer.

Arora's findings are outlined in a newly published article on SearchSecuirty.co.uk, the latest in our series based on recent MSc theses from Royal Holloway University of London (RHUL). In the article, he compares the UK proposals with schemes in Belgium and Austria, and also provides an insight to into some of the strategic ogals that the European Commission would like to achieve – such as a uniform mechanism for handling electronic signatures.

He warns that most of the schemes have been carried out in isolation, and we may therefore have the missed the opportunity to create an interoperable system that would work across the EU. He makes the point that Government applications have been the main drivers for the schemes, but with more support from the private sector, we could have more effective schemes that could also support the broader secure use of e-commerce.

Arora, a consultant with IBM based in Switzerland, began his career at the Zurich Research Lab where he got his first taste for information security. He did his course at RHUL via distance learning, and by fitting his studies in with work.

"The use of e-IDs and e-ID cards for the representation of national identity is still at its infancy," he says. "Their use within and beyond the public sector has only had limited success. I think it is important to understand why that is the case, such that future developments can look towards addressing some of the barriers discovered in my research."

He adds: "e-IDs can act as Secure Signature Creation Devices (SSCDs) to digitally sign documents and processes for the private sector. This article illustrates, however, that there are some challenges with the way schemes are presently set-up. Most notably, there is a clear lack of interoperability between national schemes. As companies (and governments) operate in a more pan-European manner, we could face practical limitations in the use of e-IDs."

Click here to see the full article, which will also provide a link through to Arora's full thesis.

Tags: Threat and Vulnerability Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Secure Identity and Access Management Could you immunize systems against future threats? Intrusion detection: it's a machine's work Royal Holloway University of London MSc thesis Series Security chief: Identity and access management oversold Threat and Vulnerability Management Microsoft issues temporary fix for Windows Shell zero-day Attackers target Windows Shell zero-day via USB sticks How to stop Conficker: Anti-Conficker patch management, defense Trojan virus attack using hijacked Web browser sessions hits UK banks Law firm security gets positive verdict with UTM device IBM to acquire BigFix for configuration, vulnerability management Perimeter defenses deemed ineffective against modern security threats Critical Adobe Reader, Acrobat update due today Twitter settles with FTC over security issues, careless policies Frustration growing over limited ability to shut down botnets

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Centre for the Protection of National Infrastructure  (SearchSecurityUK.com) Serious Organized Crime Agency  (SearchSecurityUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary