Online Submission!

Open Journal Systems

A DIGITAL IDENTITY SECURITY MODEL WITH SMART CARD AND PUBLIC KEY INFRASTRUCTURE

Ghizlane MOUKHLISS, Olaf MALASSE, RedaFilali Hilali, Hicham Belhadaoui

Abstract


Nowadays, dematerialization is an integral part of our daily lives, whether in the private sphere, the professional sphere or relations to the administration. The issue of dematerialization includes increased data security against fraud, trust, and the mechanism of cryptography. However, passwords are no longer an effective way to ensure digital identity security for access to digital services within a university. Yet, the use of PKI smart cards is appropriate for strong authentication. In this article, we present the deployment of our security solution, its reinforcement as well as the implementation of some attack scenarios. Our main objective is to ensure access control, authentication and prevent identity theft attacks.

Keywords


digital identity; smart cards; security; access control; Public Key Infrastructure;

Full Text:

PDF

References


Pernet, C., 2015, Sécurité et Espionnage Informatique : Connaissance de La Menace APT (Advanced Persistent Threat) et Du Cyberespionnage Ed. 1, Eyrolles, Paris.

Audit, conseil, installation et sécurisation des systèmes d’information, Éd., Sécurité informatique: ethical hacking apprendre l’attaque pour mieux se défendre, 3e édition. St Herblain: Éd. ENI, 2012.

Sullivan, C., and Stalla-Bourdillon, S., 2015, “Digital Identity and French Personality Rights – A Way Forward in Recognizing and Protecting an Individual’s Rights in His/Her Digital Identity,” Computer Law & Security Review, 31(2), pp. 268–279.

El Maliki, T., and Seigneur, J.-M., 2013, “Chapter 71 -Online Identity and User Management Services,” Computer and Information Security Handbook (Third Edition), J.R. Vacca, ed., Morgan Kaufmann, Boston, pp. 985–1009

Laurent, M., Denouël, J., Levallois-Barth, C., and Waelbroeck, P., 2015, “Digital Identity,” Digital Identity Management, London, ISTE Press, Elsevier, pp. 1–45. https://doi.org/10.1016/C2015-0-00282-9

Mouton, D. et.al., 2012, Sécurité de La Dématérialisation : De La Signature Électronique Au Coffre-Fort Numérique, Une Démarche de Mise En Oeuvre Ed. 1, Eyerolles, Paris.

Sullivan, C., 2014, “Protecting Digital Identity in the Cloud: Regulating Cross Border Data Disclosure,” Computer Law & Security Review, 30(2), pp. 137–152.

Sullivan, C., 2009, “Digital Identity – The Legal Person?,” Computer Law & Security Review, 25(3), pp. 227–236.

Sullivan, C., 2018, “Digital Identity – From Emergent Legal Concept to New Reality,” Computer Law & Security Review, 34(4), pp. 723–731.

Gill, B. C., Zampini, A. M., and Mehta, N. B., 2015, “Digital Identity: Develop One Before You’re Given One,” Urology, 85(6), pp. 1219–1223.

Samia, B., and Maryline, L., 2015, “Digital Identity Management,” Elsevier Science Publishers B. V. Amsterdam, The Netherlands, The Netherlands.

J. L. Camp, "Digital identity," in IEEE Technology and Society Magazine, vol. 23, no. 3, pp. 34-41, Fall 2004. doi: 10.1109/MTAS.2004.1337889.

Mui, L., Mohtashemi, M., and Halberstadt, A., 2002, “A Computational Model of Trust and Reputation,” Proceedings of the 35th Annual Hawaii International Conference on System Sciences, pp. 2431–2439.

Cameron, K. (2005), The Laws of Identity, published as weblog.

“ISO - ISO/IEC 27000:2016 - Technologies de l’information — Techniques de Sécurité — Systèmes de Gestion de Sécurité de l’information — Vue d’ensemble et Vocabulaire” [Online]. Available: https://www.iso.org/fr/standard/66435.html. [Accessed: 23-Sep-2019].

P. Simmonds, "The digital identity issue", Network Security, vol. 2015, no. 8, pp. 8-13, August 2015.

Karray, A., 2008, “Conception, mise en oeuvre et validation d’un environnement logiciel pour le calcul sécurisé sur une grille de cartes à puce de type Java,” p. 167..

Ghizlane, M., Reda, F. H., and Hicham, B., 2019, “A Smart Card Digital Identity Check Model for University Services Access,” Proceedings of the 2nd International Conference on Networking, Information Systems & Security, ACM, New York, NY, USA, pp. 67:1–67:4.

Ghizlane, M., Reda, F. H., and Hicham, B., 2018, “A Security Policy for Access Control to Academic Services Based on Public Key Infrastructures and Smart Cards,” 2018 6th International Conference on Multimedia Computing and Systems (ICMCS), pp. 1–6.

Moukhliss, G., Hilali, R. F., Belhadaoui, H., and Rifi, M., 2019, “A New Smart Cards Based Model for Securing Services,” 17(1), p. 15.

Rizcallah, M., 2004, Annuaires LDAP Ed. 2, Eyrolles, Paris.

Cloux, P.-Y., and Corvalan, R., 2004, Les annuaires LDAP: Méta-annuaire et e-provisioning, Dunod, Paris.




DOI: http://dx.doi.org/10.6084/ijact.v8i11.1038

Refbacks

  • There are currently no refbacks.




Copyright (c) 2019 COMPUSOFT: An International Journal of Advanced Computer Technology