Interoperability for electronic ID

Abstract

Electronic Business, including eBanking, eCommerce and eGovernmental services, is today based on a large variety of security solutions, comprising electronic IDs provided by a broad community of Public Key Infrastructure (PKI) vendors. Significant differences in implementations of those solutions introduce a problem of lack of interoperability in electronic business, which have not yet been resolved by standardization and interoperability initiatives based on existing PKI trust models. It is not only the technical interoperability of electronic IDs which today makes many electronic transactions impossible. The main obstacle to global interoperability of electronic IDs is the lack of trust in digital certificates issued by various Certification Authorities (CAs). Relying Parties (RPs) need to trust digital certificates in order to be able to validate them. We observe that the multi-vendor PKI community lacks an independent source of electronic IDs quality information, which could make digital certificate validation possible on a global scale. Therefore, this thesis presents the concept of a new PKI trust model which introduces a Validation Authority (VA) as a single trust point in the global PKI trust network. The main goal of this thesis is to develop a model of Global Validation Service (GVS), which uses Global Validation Authority (GVA), based on the VA concept, to provide digital certiÞcate validation and signature veriÞcation to Relying Parties. The presented research focuses on investigating technical, legal and business issues which would enable RPs to delegate the certificate validation to an independent Validation Authority.