In 2017, the encryption vulnerability of a widespread chip led to major, nation-wide eID card incidents in several EU countries. In this paper, we investigate the Estonian case. We start with an analysis of the Estonian eID field in terms of stakeholders and their responsibilities. Then, we describe the incident management from the inside perspective of the crisis management team, covering the whole incident timeline (including issues in response, continuity and recovery). From this, we are able to derive key factors in coping with large-scale security vulnerabilities in the eID field (public-private partnership, technical factors, crisis management, documentation), which encourages further research and systematization.
CITATION STYLE
Lips, S., Pappel, I., Tsap, V., & Draheim, D. (2018). Key factors in coping with large-scale security vulnerabilities in the eID field. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11032 LNCS, pp. 60–70). Springer Verlag. https://doi.org/10.1007/978-3-319-98349-3_5
Mendeley helps you to discover research relevant for your work.