[Work done from 20th October to 2nd November 2008]
During this period we had a couple of meetings with our project supervisor, Dr. Chandana Gamage, which led us to redesign our architecture. We found that there were some flaws in our earlier architecture, in which the eID WS was sitting in the middle, which could easily lead to problems in terms of load as well as being attack-prone.
So we discussed this and decided to place the end user at the end and to include one more application in our deliverables list, which would be a browser plugin. This plugin will now act as the center point which will handle the message flow from the relying party, the web service and the eID card.
We also decided to add one more deliverable to our project in the form of an alternative to the smart card based eID card, using a read-only memory stick. Though this would miss some security advantages, it could give some advantage in terms of the cost of the device.
I was mainly working on the above two modules of the project during this period. There were not many ways to make a normal USB drive read-only at the software level, but it could be done at the hardware level. There is also the option of using a virtual partition of the USB drive, but from my current observations this might lead to a Windows-only kind of situation. So I'm exploring options for possible alternatives to build a read-only memory based eID card.
I have also set up the project repository at http://svn.project-eid.org, to which we will be committing our code in future.
We also finalized our list of final project deliverables with our supervisor as follows.
- eID card
  - Smart card based
  - Read-only memory based
- Online Authentication Web Service
- Browser plugin for online authentication
- Offline Authentication Application
- Card issuing/creating application
- 2 (or 3) Research Papers
I think we are on track now, and with some sped-up development we can do things better in the days to come.