eIDAS connector


e-SENS partners from the Netherlands have created a standalone adapter in the e-ID area to bridge the gap between e-IDAS based German middelware and the Dutch PEPS based on STORK 2.0, in the e-Agrucilture pilot. With this being a success the Dutch team is currently working with partners from Iceland on building a bridge between the eIDAS node and the STORK 2.0 PEPS.
The results of their work will enable countries with STORK 2.0 infrastructure currently linked to eID services to connect to the eIDAS network. The connector consists of a regular eIDAS node and a plugin that is able to convert in both ways the authentication requests and responses from eIDAS format to STORK 2.0 format. The plugin will also handle mappings of attributes between STORK 2.0 SAML and the eIDAS node SAML. This solution will provide a smooth migration path from STORK to eIDAS and sustainability of STORK services.

In such implementation scenario the eIDAS node is used as an eIDAS connector and therefore it is not connected with Member State specific services like Attribute Providers or Identity Providers. With such design it looks and feels as the country with a STORK 2.0 architecture has implemented eIDAS node while the service provides can continue using their STORK 2.0 solutions and do not need to migrate and invest further. This allows to prolong the life span of the STORK 2.0 infrastructure present in many Member States and at the same time provides possibilities to sustain the STORK2.0 services. Moreover, this scenario offers a smooth migration path from STORK to eIDAS whereby STORK services can continue to run.

The development process of the eIDAS connector is well under way and it's release is expected in October 2016.

Background information:

One of the main results of the STORK1.0 project was a network of proxy services (PEPS/VIDP) for cross border authentication as well as for fetching certified attributes for the authenticated citizens. With the end of STORK1.0 project the proxy services evolved further into two different branches:
a) DG DIGIT took the Proxy services from STORK1.0 and enhanced them to meet the eIDAS requirements. Based on the STORK1.0 code DIGIT developed the eIDAS node which is currently the basis of the new eIDAS network. 
b) The STORK2.0 project picked up the work of STORK1.0 with further piloting of the cross border services extending the applicability of the common e-ID infrastructure. The e-ID infrastructure was enriched with functionalities required to run heterogeneous e-ID applications such as file transfer layer, digital signatures, sector specific attributes, support for mandates and authentication on behalf of legal persons.

As a consequence of the new Regulation on electronic identification and trust services – eIDAS, (EU) No. 910/2014, adopted by the European Parliament and the Council all Member States will implement the eIDAS node. However the STORK2.0 infrastructure is still in use by a considerable number of countries - currently over 20 proxy services are still online. It is expected that the STORK2.0 infrastructure will be in use for considerable time due to the investments in that technology. Long-term sustainability is needed to resolve the issue of incompatibility between the eIDAS node and the STORK2.0 PEPS.