Konrad KamiĆski
supervisor: Wojciech Mazurczyk
In my research I want to find method to effective use Polish ID Card with an electronic layer to authenticate Orange Polska employees and partners (maybe clients in future). Goal is to create strong authentication method during a remote contact. Orange Polska works now in a hybrid model, and many employees have decided to use teleworking. Additionally Orange migrate its cybersecurity paradigms to strict control access, also from internal network. A main tool to strong authentication in Orange is smart card with X.509 certificates. But corporate smarty card must be secure delivered and activated by user, and it can be accidentally broken or locked. Therefore, it is important to find an alternative method of remote strong authentication.
Polish ID Card use NFC (Near-field communication) interface to exchange an information with other devices. The main problem is the communication between the user's computer and his ID Card. Second problem is secure integration ID Card authentication with organization systems.
Now my focus is on using ID Cards in Organizational Identity Provider. I was able to verify the concept to authenticate person with an ID card using a USB NFC reader. At first stage I plan to allow users to authenticate with USB NFC reader. This stage will be very limited due to low availability of readers. In parallel I search method to develop remote NFC reader solution, based on smartphone with NFC interface.