Evaluation of an E-ID
Lead Management: University of Mannheim
With bwCard and bwIDM, the network of universities in Baden-Württemberg has two essential building blocks at its disposal on the way to more comprehensive concepts of a federally organised digital identity. However, if one wishes to open services on the basis of this E-ID, such as the statewide use of scientific libraries, the requirement of local data storage is always in the foreground here. At the same time, however, it is precisely this local data storage in the sense of purpose-related and saving storage as well as the requirements of transparent handling of personal data that should not be neglected.
The third focus will now explore how a concept that can meet these requirements could be designed. At the same time, it should also be possible to consider overarching concepts such as eIDAS or more recent initiatives such as VeriMe or NextID.
A concrete scenario that should be examined in this context would be, for example: An employee of the University of Stuttgart would like to use the services of the KIT library. After learning about the topic in the reading room, she wants to take some literature with her to Stuttgart. So far this has not been a problem: she goes to the counter, registers as a user and can then borrow the books. However, this is currently only possible during opening hours and involves considerable administrative effort.
Within the framework of the project, it is now to be investigated how such a registration can be designed in such a way that the user can carry it out directly in self-service. Since the KIT library needs reliable personal data according to its statutes, and the University of Stuttgart has this data available at the same time, a possible solution would be to exchange this data between the libraries. However, this can only be done with the consent and transparency of the data owner and at the same time with secure and reliable procedures.
On the basis of such scenarios, which are not limited to library use, this thematic focus will examine how such data exchange can take place and how the requirements for data protection, data transparency and data security can be implemented in the sense of a federal structure in accordance with the articles of association.
AP 3.1 E-ID as a common concept for bwIDM and bwCard
The aim of this work package is to combine these two approaches into a single concept, which on the one hand shows how the two services can mutually enrich each other and at the same time lead to new common benefits. Since the administration of the digital identity is and should always remain a task of the respective institution, local processes and systems must also be taken into consideration. Based on these, a technical and organizational system will be designed within the framework of the project, which will enable service providers to reliably exchange identity data for the usability of the service in such a way that they need it to provide their service.
AP 3.2 new card technology or mobile phone technology
Within the scope of the work package, alternatives to the existing technology used, such as optional transmission protocols to NFC, are to be investigated. Furthermore, new and innovative technologies shall be used, e.g. to what extent a blockchain can be used to enable administrative tasks and authentication. This includes, for example, the transfer and management of entitlements via a block chain. Finally, it will be examined to what extent a blockchain for offline use with the bwCard is possible. AP 3.2 will also examine whether contactless cards currently or in the future comply with the eIDAS guidelines, especially in the area of certificate exchange.
The aim of the work package is to record the findings and evaluate them to determine the extent to which implementation is possible and necessary for Baden-Württemberg universities in terms of experience and necessary further work in the field of card technology, bwIDM and mobile applications.