D5.15 Design and Specifications of the STORK Compliant eID for OpenNCP (Version 1)

This document describes the KONFIDO component responsible for performing eIDAS compliant authentication.

OpenNCP deals with sensitive data and, as such, it should provide strong authentication mechanisms to allow onlyproperly identified people to access them. This will significantly increase the effective and perceived security of thesystem as a whole and it will contribute to its widespread adoption.

The development of the authentication mechanism, in the context of the KONFIDO project, will made available to professionals and patients using OpenNCP a way to authenticate with digital identities that have been issued by their country of origin, providing for the highest level of security and following the different regulations and laws concerning the access to sensitive data.

Although the title of this deliverable specifically refers to “STORK”, the actual DoW actually states: This task aims at designing a STORK compliant support for eID into OpenNCP. This task will start with an analysis of the EU landscape for eID, to assess availability and applicability of eIDAS regulation into KONFIDO. Then the architecture design for properly managing STORK/eIDAS eIDs is the main objective of this task and will address key considerations like the mapping of STORK QAA (Quality Authentication Assurance) (or eIDAS levels) into the KONFIDO architecture, and the design of a translation mechanism between the STORK eHealth profiles and the OpenNCP framework. In the light of the progressive uptake of the eIDAS Regulation and in order to provide a forward looking system, also following the recommendations of the Advisory Board, KONFIDO will support only eIDAS compliant digital identities.