Key Factors in Coping with Large-Scale Security Vulnerabilities in the eID Field

被引：12

作者：

Lips, Silvia ^{[1
]}

Pappel, Ingrid ^{[2
]}

Tsap, Valentyna ^{[2
]}

Draheim, Dirk ^{[2
]}

机构：

[1] Politsei, Parnu Mnt 139, EE-15060 Tallinn, Estonia

[2] Tallinn Univ Technol, Large Scale Syst Grp, Akad Tee 15a, EE-12618 Tallinn, Estonia

来源：

ELECTRONIC GOVERNMENT AND THE INFORMATION SYSTEMS PERSPECTIVE, EGOVIS 2018 | 2018年 / 11032卷

关键词：

e-identity; e-governance; e-services; IT security Crisis management; Business continuity management;

D O I：

10.1007/978-3-319-98349-3_5

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In 2017, the encryption vulnerability of a widespread chip led to major, nation-wide eID card incidents in several EU countries. In this paper, we investigate the Estonian case. We start with an analysis of the Estonian eID field in terms of stakeholders and their responsibilities. Then, we describe the incident management from the inside perspective of the crisis management team, covering the whole incident timeline (including issues in response, continuity and recovery). From this, we are able to derive key factors in coping with large-scale security vulnerabilities in the eID field (public -private partnership, technical factors, crisis management, documentation), which encourages further research and systematization.

引用

页码：60 / 70

页数：11

共 50 条

[21] A Large-Scale Empirical Study of Security Patches
Li, Frank
Paxson, Vern
[J]. CCS'17: PROCEEDINGS OF THE 2017 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2017, : 2201 - 2215
[22] Network security policy for large-scale VPN
Shan, RS
Li, SH
Wang, MZ
Li, JH
[J]. 2003 INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY, VOL 1 AND 2, PROCEEDINGS, 2003, : 217 - 220
[23] Large-scale validation of a security inspection model
Drury, Colin G.
Ghylin, Kimberley M.
Schwaninger, Adrian
[J]. CONTEMPORARY ERGONOMICS 2007, 2007, : 209 - 214
[24] Key Technologies for Ultra Large-scale Integration
[J]. Bulletin of the Chinese Academy of Sciences, 2020, 34 (01) : 37 - 37
[25] Investigation on Key Technologies in Large-Scale MIMO
Xin Su
Jie Zeng
Li-Ping Rong
Yu-Jun Kuang
[J]. Journal of Computer Science and Technology, 2013, 28 : 412 - 419
[26] Investigation on Key Technologies in Large-Scale MIMO
Su, Xin
Zeng, Jie
Rong, Li-Ping
Kuang, Yu-Jun
[J]. JOURNAL OF COMPUTER SCIENCE AND TECHNOLOGY, 2013, 28 (03) : 412 - 419
[27] Is BIM the Key to a successful Large-scale Project?
Fischer, Oliver
[J]. BETON- UND STAHLBETONBAU, 2017, 112 (07) : 379 - 379
[28] Cyber-Security Vulnerabilities of the Active Power Control Scheme in Large-Scale Wind-Integrated Power Systems
Ansari, M.
Ghafouri, M.
Ameli, A.
[J]. 2022 IEEE ELECTRICAL POWER AND ENERGY CONFERENCE (EPEC), 2022, : 79 - 84
[29] Practical large-scale distributed key generation
Canny, J
Sorkin, S
[J]. ADVANCES IN CRYPTOLOGY - EUROCRYPT 2004, PROCEEDINGS, 2004, 3027 : 138 - 152
[30] Investigation on Key Technologies in Large-Scale MIMO
粟欣
曾捷
容丽萍
邝育军
[J]. Journal of Computer Science & Technology, 2013, 28 (03) : 412 - 419

← 1 2 3 4 5 →