F&C eID
Scenari Innovativi di Identità Digitale
Overview
The project aims at studying emerging technologies in digital identity with the goal of implementing a POC in the context of “Enter with CIE” digital identity scheme.
The project is focus on the following research topics:
- OpenID Connect (OIDC): design and security assessment of the OIDC profile for the CIE id digital identity system, we a focus on federation, cross-domain sharing and session management solutions.
- Fast IDentity Online (FIDO): study of the state-of-the-art of and design of FIDO solutions for online authentication at Level 2 in federated and non-federated contexts and a solution for unlocking a digital identity wallet supporting the offline scenario.
- Digital Wallet: design and security analysis of features related to the European Digital Identity Wallet, we focus on trust model, PID/(Q)EAA data model and PID/(Q)EAA issuance flows adopting several features of the “OpenID for Verifiable Credential Issuance”.
- Face verification: survey on face verification threats and attack patterns that can be used in remote identity proofing and design for the PUK recovery solution.
Details
- Period: from 01/04/2022 until 31/12/2023.
Related Tools
- Micro-Id-Gym [documentation, code]
Related Collaborations
Related Publications
-
Andrea Flamini, Giada Sciarretta, Mario Scuro, Amir Sharif, Alessandro Tomasi, Silvio Ranise
On Cryptographic Mechanisms for the Selective Disclosure of Verifiable Credentials
In: Journal of Information Security and Applications (JISA) (DOI, news) -
Amir Sharif, Francesco Antonio Marino, Giada Sciarretta, Giuseppe De Marco, Roberto Carbone, Silvio Ranise
Cross-Domain Sharing of User Claims: A Design Proposal for OpenID Connect Attribute Authorities
In: 18th International Conference on Availability, Reliability and Security (ARES 2023) (DOI, news) -
Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Francesco Antonio Marino, Silvio Ranise
The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes
In: MDPI Journal of Applied Science (APPLSCI) (DOI, complementary material, news) -
Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Silvio Ranise
SoK: A Survey on Technological Trends for (pre)Notified eIDAS Electronic Identity Schemes
In: 17th International Workshop on Frontiers in Availability, Reliability and Security (FARES2022) (DOI, complementary material, news)
Awards: Best paper award -
Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
A Modular and Extensible Framework for Securing TLS
In: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
Related Disseminations
-
January 19, 2024 •
Specialized
Amir Sharif, Giada Sciarretta, Roberto Carbone, Silvio Ranise, Francesco Antonio Marino, Giuseppe De Marco
Waiting for the EUDI Wallet: Securing the transition from SAML 2.0 to OpenID Connect
OpenID Summit Tokyo 2024 (Event) -
June 6, 2023 •
Specialized
Amir Sharif
Cross-Domain Sharing of User Claims: A Design Proposal for OpenID Connect Attribute Authorities
1st International Workshop on Trends in Digital Identity 2023 (Event, Program) -
May 11, 2023 •
Specialized
Francesco Antonio Marino, Giada Sciarretta, Amir Sharif
Past, Present, and Future of the Italian Digital Identity Ecosystem
European Identity and Cloud (EIC) Conference 2023 (Event, Session) -
May 5, 2022 •
Specialized
Roberto Carbone, Giuseppe De Marco, Francesco Antonio Marino, Silvio Ranise, Giada Sciarretta, Amir Sharif
Cross-Domain Sharing of User Claims: A Proposal for OIDC
OAuth Security Workshop (OSW) 2022 (Event)