Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.2: A study on PKI and biometrics
To avoid different regulations within member states, the EU approved Directive 1999/93/EC on the 13.12.1999 on a Community framework for electronic signatures. In this directive the following terms are defined:
Electronic signature
Means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication
Advanced electronic signature
Means an electronic signature which meets the following requirements:
It is uniquely linked to the signatory
It is capable of identifying the signatory
It is created using means that the signatory can maintain under his sole control
It is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable.
Signatory
Means a person who holds a signature-creation device and acts either on his own behalf or on behalf of the natural or legal person or entity he represents
Signature-creation data
Means unique data, such as codes or private cryptographic keys, which are used by the signatory to create an electronic signature
Signature-creation device
Means configured software or hardware used to implement the signature-creation data
Secure-signature-creation device
Means a signature-creation device which meets the requirements laid down in Annex III of the European Directive about electronic signatures
Signature-verification-data
Means data, such as codes or public cryptographic keys which are used for the purpose of verifying an electronic signature
Signature-verification device
Means configured software or hardware used to implement the signature-verification-data
Certificate
Means an electronic attestation which links signature-verification data to a person and confirms the identity of that person
Qualified certificate
Means a certificate which meets the requirements laid down in Annex I of the European Directive about electronic signatures and is provided by a certification service provider who fulfils the requirements laid down in Annex II
Certification service provider
Means an entity or a legal or natural person who issues certificates or provides other services related to electronic signatures
Electronic-signature product
Means hardware or software or relevant components thereof, which are intended to be used by a certification service provider for the provision of electronic-signature services or are intended to be used for the creation or verification of electronic signatures
Voluntary accreditation
Means any permission, setting out rights and obligations specific to the provision of certification services, to be granted upon request by the certification service provider concerned, by the public or private body charged with the elaboration of, and supervision of compliance with, such rights and obligations, where the certification service provider is not entitled to exercise the rights stemming from the permission until it has received the decision by the body.
Denis Royer | 8 / 40 |