Integrating Smart Card Authentication to Web Applications
2022 14th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)(2022)
摘要
Using personal smart cards for authenticating with web services (like cloud storage) is not trivial due to the lack of open-source implementations, standardization, and documentation. In this paper, we explore the current possibilities of such operation and provide an example solution based on the Estonian Web-eID tool-set. Its primary purpose is to enable state-issued electronic ID cards. However, thanks to its extensibility and being an open-source solution, it is suitable even for custom-built web applications and smart cards. We present an extension of this repository in the form of a highly requested new authentication token validation library for PHP language, a Nextcloud application enabling Web-eID 2-factor authentication, and a new JavaCard applet fully compatible with the Web-eID solution. We use these results for a multi-academical project focused on the secure handling and storing of electronic evidence. We also present implementation results with the developed open-source JavaCard applet and evaluate the potential Czech electronic ID for the Web-eID system for easier and faster deployment in the future. Our contributions aim to help developers implement this strong-authentication method in their web application services using a high-level solution without relying on actual state-issued or proprietary solutions.
更多查看译文
关键词
Web-eID,Smart card,Web application,Cloud storage,Authentication
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要