Pohlmann / Reimer / Schneider ISSE/SECURE 2007 Securing Electronic Business Processes
1. Auflage 2007
ISBN: 978-3-8348-9418-2
Verlag: Vieweg & Teubner
Format: PDF
Kopierschutz: 1 - PDF Watermark
Highlights of the Information Security Solutions Europe/SECURE 2007 Conference
E-Book, Englisch, 446 Seiten, Web PDF
Reihe: Computer Science
ISBN: 978-3-8348-9418-2
Verlag: Vieweg & Teubner
Format: PDF
Kopierschutz: 1 - PDF Watermark
The topics include: Identity Management, Information Security Management - PKI-Solutions, Economics of IT-Security - Smart Tokens, eID Cards, Infrastructure Solutions - Critical Information Infrastructure Protection, Data Protection, Legal Aspects.
Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE/SECURE 2007.
Zielgruppe
Professional/practitioner
Autoren/Hrsg.
Weitere Infos & Material
Legal, Technical and Social Aspects of Security.- Regulating Information Security: A Matter of Principle?.- ISTPA Operational Analysis of International Privacy Requirements.- The Legal Conflict between Security and Privacy in Addressing Crime and Terrorism on the Internet.- Data Encryption on File Servers.- Setting up an Effective Information Security Awareness Programme.- Saferinternet.pl Project — Educational Activities for Internet Safety in Poland.- Is Cyber Tribalism Winning Online Information Warfare?.- Phishing Across Interaction Channels: Methods, Experience and Best Practice.- IT-Security Beyond Borders — an Assessment of Trust Levels Across Europe.- Analyzing and Improving the Security of Internet Elections.- Remote Access Mechanics as a Source of Threats to Enterprise Network Infrastructure.- “Private Investigation” in the Computer Environment: Legal Aspects.- Identity, Information Security and Rights Management.- Design Rationale behind the Identity Metasystem Architecture.- Federated ID Management — Tackling Risk and Credentialing Users.- Information Security Governance for Executive Management.- Model Driven Security for Agile SOA-Style Environments.- The Business Perspective on Roles Including Root Causes of Implementation Problems and Proven Ways to Overcome them.- A Security Architecture for Enterprise Rights Management.- Rights Management Technologies: A Good Choice for Securing Electronic Health Records?.- Case Studies from Fuzzing Bluetooth, WiFi and WiMAX.- Evaluation of the Possible Utilization of anti-spam Mechanisms Against spit.- Modeling Trust Management and Security of Information.- Smart Tokens, eID Cards, Infrastructure Solutions and Interoperability.- Infrastructure for Trusted Environment: In Search of a Solution.- IntegrityCheck of Remote Computer Systems Trusted Network Connect.- Technical Guidelines for Implementation and Utilization of RFID-based Systems.- High Density Smart Cards: New Security Challenges and Applications.- ID Cards in Practice.- Large Scale Fingerprint Applications: Which Technology Should be Used?.- From the eCard-API-Framework Towards a Comprehensive eID-Framework for Europe.- Making Digital Signatures Work across National Borders.- Financial Fraud Information Sharing.- Enterprise Key Management Infrastructure.- Intrinsic Physical Unclonable Functions in Field Programmable Gate Arrays.- Security Evaluation and Testing — Past, Present and Future.- Economics of Security and PKI Applications.- Managing Information Security in Small and Medium Sized Enterprises: A Holistic Approach.- EKIAS — Success Criteria of PKI Implementations.- Embedded PKI in Industrial Facilities.- SIM-enabled Open Mobile Payment System Based on Nation-wide PKI.- Evidence Record Syntax — a new International Standard for Long-Term Archiving of Electronic Documents and Signed Data.- PKI and Entitlement — Key Information Security Management Solutions for Business and IT Compliance.- Future Diffusion of PK1-Technology — A German Delphi Study.- The Introduction of Health Telematics in Germany.- The German Identity Card — Concepts and Applications.- Infrastructures for Identification and Identity Documents.- The Security Infrastructure of the German Core Application in Public Transportation.- Applications of Citizen Portals.- Virtual Post Office in Practice.
Infrastructure for Identification and Identity Documents (S. 405-406)
Walter Landvogt
Bundesdruckerei GmbH
Systems House Solution Development
landvogt@bdr.de Abstract
The introduction of the new German biometric passport on 1st - quirements for the technical systems at the local passport authorities and the computing departments of the city administration. The capturing of biometric information and the process of assuring the usability of biometric data for the biometric information to the central production facilities of Bundesdruckerei. The identity document application process and the common level of security for the technical environment. However, the local administration bears responsibility for the concrete organization of the process and the kind and type of technical system.
1 Passport ,officies Germany
From a total of 12.400 communities in Germany about 5.300 provide local administration services which run necessary local infrastructural tasks and services for the citizens. Smaller communities in the the administration of the registration data and the enrolment and issuing of passports and identity documents. The two services a closely related, since they are typically based on a single software system that manages the registration database as well as the passport and identity document database. To provide a documents may be applied for and will be delivered to the applicant.
As the local administrations have to bear the cost of purchasing and maintenance for the technical equipment they make their own decision for a software product for registration and passport purposes and for wide range of different requirements concerning the performance of the software for registration and passport enrolment have led to a wide variety of systems and architectures in use.
2 The Application Process
Passports and identity documents are being manufactured at the central high security production facili- application records to the production server. Whereas in the past the passport data records had been mailed on paper formulas to Bundesdruckerei with the introduction of the biometric passport a change has taken place. Nowadays the electronic application process has become standard since the software systems being used at the local authorities have integrated standard software modules for the necessary digitalisation process for portrait photo and the applicant’s signature. By 1st of November 2007 the - gerprints and the digital acquisition of the based way to deliver the biometric information to the passport production.
2.1 Registration ,and Passport Application Software and Biometric Modules
Since the introduction of the new passport the software products were adapted to the new demands. At states each software product had a regional focus. Even more, administration software often had been developed an operated by computing centres, which were part of the state administration and designed business processes to the needs of their regional customers. Thus infrastructures can be found, where the the registration application.
On the other hand personnel computer based registration applications were The passport and identity document application process is above the registration data. For the application process a record set from the registration database is being taken and enriched by passport or - tration software the mandatory digital application process and the acquisition of the increase the requirement to handle multimedia data formats: video streams are transmitted from the multimedia data was not very common for administration software and the software systems and databases were not prepared for managing it.
