Towards Transactional Electronic Services on Mobile End-user Devices - A Sustainable Architecture for Mobile Signature Solutions

Thomas Zefferer

Abstract

In the European Union, transactional e-services from security-critical domains such as e-government or e-banking often require users to create legally binding electronic signatures. Currently available solutions, which enable users to create such signatures, have usually been designed for classical end-user devices such as desktop computers or laptops and cannot be applied on mobile end-user devices. This complicates a use of transactional e-services on mobile devices and excludes a growing number of users, who prefer mobile access to services. To address this problem, this paper develops a mobile signature solution that can be applied on mobile end-user devices. Possible architectures for this solution are systematically derived from a generic model first. The best alternative is subsequently determined by means of systematic assessments. This finally yields a technology-agnostic mobile signature solution that can be used as a basis for concrete implementations. By keeping the proposed solution on a rather abstract level, its validity is assured, even if available mobile technologies and the current state of the art change. This way, the proposed solution represents a sustainable basis for future signature solutions and paves the way for transactional e-services on mobile end-user devices.

References

  1. A-Trust (2015). Handy-Signatur - Your digital identity. https://www.handy-signatur.at.
  2. Ageˆncia para a Modernizac¸a˜o Administrativa (2015). Carta˜o de Cidada˜o. http://www.cartaodecidadao.pt.
  3. Al-Hadidi, A. and Rezgui, Y. (2009). Critical Success Factors for the Adoption and Diffusion of m-Government Services: A Literature Review. In Proceedings of the European Conference on e-Government, ECEG, pages 21-28.
  4. Al-khamayseh, S., Lawrence, E., and Zmijewska, A. (2007). Towards Understanding Success Factors in Interactive Mobile Government.
  5. ANSI (2005). Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm (ECDSA). http:// webstore. ansi.org/ RecordDetail.aspx?sku=ANSI+X9.62%3A2005.
  6. Apple (2015). iOS 8. https://www.apple.com/at/ios/.
  7. CEN (2004). CWA 14169 - Secure Signature-Creation Devices ”EAL 4+”. Technical report, European Committee for Standardization.
  8. Chin, E., Felt, A. P., Greenwood, K., and Wagner, D. (2011). Analyzing Inter-Application Communication in Android. In Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, MobiSys 2011, MobiSys 7811, pages 239-252. ACM Press.
  9. Common Criteria (2013). Common http://www.commoncriteriaportal.org/.
  10. El-Kiki, T. (2007). mGovernment: A Reality Check. In Conference Proceedings - 6th International Conference on the Management of Mobile Business, ICMB 2007, page 37. IEEE.
  11. El-Kiki, T. and Lawrence, E. (2006). Mobile User Satisfaction and Usage Analysis Model of mGovernment Services. In Proceedings of the Second European Mobile Government Conference, pages 91-102.
  12. Enck, W., Ongtang, M., and McDaniel, P. (2009). Understanding Android Security. IEEE Security & Privacy, 7:50-57.
  13. Fairchild, A. and de Vuyst, B. (2012). The Evolution of the e-ID card in Belgium: Data Privacy and MultiApplication Usage. In The Sixth International Conference on Digital Society, pages 13-16, Valencia.
  14. Google (2015). Android. https://www.android.com/.
  15. Harrison, R., Flood, D., and Duce, D. (2013). Usability of Mobile Applications: Literature Review and Rationale for a New Usability Model. Journal of Interaction Science, 1(1):1.
  16. ID.ee (2015). Mobiil-ID. http://id.ee/index.php?id=36881.
  17. Karan, K. and Khoo, M. (2008). Mobile Diffusion and Development: Issues and Challenges of m-Government with India in Perspective. In Proceedings of the 1st International Conference on M4D Mobile Communication Technology for Development, pages 138-149.
  18. Leitold, H., Hollosi, A., and Posch, R. (2002). Security Architecture of the Austrian Citizen Card Concept. In 18th Annual Computer Security Applications Conference, 2002. Proceedings., pages 391-400.
  19. mobiForge (2015). Mobile software statistics 2014. http://mobiforge.com/research-analysis/mobilesoftware-statistics-2014.
  20. Network Working Group (2008). The Transport Layer Security (TLS) Protocol Version 1.2. http://tools.ietf.org/ rfcmarkup/5246.
  21. Rivest, R. L., Shamir, A., and Adleman, L. (1978). A Method for Obtaining Digital Signatures and PublicKey Cryptosystems. Commun. ACM, 21(2):120-126.
  22. Rogers, M. and Goadrich, M. (2012). A Hands-on Comparison of iOS vs. Android. In Proceedings of the 43rd ACM Technical Symposium on Computer Science Education, SIGCSE 7812, page 663, New York, NY, USA. ACM.
  23. The European Parliament and the Council of the European Union (1999). Directive 1999/93/EC of the European Parliament and of The Council of 13 December 1999 on a Community framework for electronic signatures. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do? uri=OJ:L:2000:013:0012:0020:EN:PDF.
  24. The European Parliament and the Council of the European Union (2014). Regulation (EU) No 910/2014 of the European Parliament and of The Councilof 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. http:// eur-lex.europa.eu/legal-content/EN/TXT/HTML/ ?uri=CELEX:32014R0910&from=EN.
  25. Zefferer, T., Kreuzhuber, S., and Teufl, P. (2013). Assessing the Suitability of Current Smartphone Platforms for Mobile Government. In Technology-Enabled Innovation for Democracy, Government and Governance, pages 125-139.
  26. Zefferer, T. and Krnjic, V. (2012). Usability Evaluation of Electronic Signature Based E-Government Solutions. In Proceedings of the IADIS International Conference WWW/INTERNET 2012, pages 227-234.
Download


Paper Citation


in Harvard Style

Zefferer T. (2015). Towards Transactional Electronic Services on Mobile End-user Devices - A Sustainable Architecture for Mobile Signature Solutions . In Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-106-9, pages 586-597. DOI: 10.5220/0005482405860597


in Bibtex Style

@conference{webist15,
author={Thomas Zefferer},
title={Towards Transactional Electronic Services on Mobile End-user Devices - A Sustainable Architecture for Mobile Signature Solutions},
booktitle={Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2015},
pages={586-597},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005482405860597},
isbn={978-989-758-106-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - Towards Transactional Electronic Services on Mobile End-user Devices - A Sustainable Architecture for Mobile Signature Solutions
SN - 978-989-758-106-9
AU - Zefferer T.
PY - 2015
SP - 586
EP - 597
DO - 10.5220/0005482405860597