Professor Dr. Erich Schweighofer and Walter Hötzendorfer, both of the University of Vienna, have published Electronic identities – public or private, International Review of Law, Computers & Technology, 27(1-2), 230-239 (2013).
Here is the abstract:
In the real world, we usually identify persons by their appearance, voice, and so on. If this is not sufficient, identity cards are used. In the virtual world the situation is different. The basic concepts of the internet provide for unique identification of devices, not of their users. Hence, some kind of identity management system is required, which can be provided either by the state or by the private sector. Official electronic identity schemes, such as the Austrian Citizen Card, are being established in more and more countries. The carrier media of the Citizen Card is a smart card but, since 2009, the mobile phone signature is offered as a more comfortable alternative. However, much more widespread than that are simple user accounts with passwords, one for each individual service. This system has significant flaws. A solution can be provided by the concept of identity federation: an ‘identity ecosystem’ can be established in which a user can choose among several identity providers, authorise them to identify him towards service providers, authorise attribute providers to provide particular qualified user information to a service provider, etc. In this paper the different concepts mentioned above are elaborated and their interrelations and legal difficulties are described.