The goal of the project was to conceptualize, design, develop, test and implement NIAS (National Identification and Authentication System), a solution for user authentication at the national level that enables integration with various e-services provided by the government.
NIAS is a comprehensive information-technology solution, built on the principles set out in the proposed concept for an integrated, centralised authentication and authorization system (issued by the Croatian Central State Office for e-Croatia, Version 1.1, 8 June 2010). NIAS is intended to be used for user authentication at the national level, which includes multiple types of credentials for different levels of information security.
The basic function of NIAS is to secure electronic identification and positive authentication of users of the e-services.
NIAS functionally distinguishes three basic types of entities:
- Issuers of electronic credentials: certified public and private issuers
- Providers of e-services: government
- Users of e-services: citizens
All entities communicate by exchanging messages according to the SAML 2.0 standard.
NIAS acts as a ‘mediator’ between the users of the e-services, the providers of the e-services and the issuers of the credentials. In doing so, NIAS, and not the e-service, sends a request to the issuer of the credentials to verify the credential's authenticity. After successful authentication of the credentials, the NIAS service provider sends the identifying information (i.e. ‘attributes’) of the authenticated user. Based on these ‘attributes’, the e-service grants access to the authenticated user. The key feature of the credentials in the authentication process is their “security level”, which enables e-services to provide different levels of service to citizens depending on the “security level” the citizen obtained when identifying himself/herself.
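The e-service side of the flow described above, as an added example that is not NIAS code: it reads the attributes from a SAML 2.0 assertion and grants or denies an operation by security level, failing closed on anything ambiguous. The attribute names (`subject_id`, `security_level`), the numeric levels, the operation names and the issuer URL are assumptions, and the assertion's signature, audience and validity are assumed to have been verified by a SAML library beforehand.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
TRUSTED_ISSUER = "https://idp.example"           # placeholder, not a real endpoint
# Hypothetical policy: minimum security level each e-service operation requires.
REQUIRED_LEVEL = {"view_notice": 2, "view_tax_record": 3, "sign_submission": 4}

# Constructed sample assertion. Attribute names and level values are assumptions.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_a1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example</saml:Issuer>
  <saml:AttributeStatement>
    <saml:Attribute Name="subject_id">
      <saml:AttributeValue>user-0001</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="security_level">
      <saml:AttributeValue>3</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def extract_attributes(xml_text):
    """Return {name: value} from an assertion whose signature, audience and
    validity window were already verified by a SAML library (assumed)."""
    if "<!DOCTYPE" in xml_text:                  # no DTDs or entities in SAML
        raise ValueError("DOCTYPE not allowed")
    root = ET.fromstring(xml_text)
    if root.findtext("saml:Issuer", "", NS).strip() != TRUSTED_ISSUER:
        raise ValueError("unexpected issuer")
    attrs = {}
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        name = attr.get("Name")
        values = attr.findall("saml:AttributeValue", NS)
        # Duplicate or multi-valued attributes make the decision ambiguous.
        if name in attrs or len(values) != 1:
            raise ValueError(f"ambiguous attribute: {name}")
        attrs[name] = (values[0].text or "").strip()
    return attrs


def authorize(attrs, operation):
    """Fail closed: unknown operation, missing or malformed level -> deny."""
    required = REQUIRED_LEVEL.get(operation)
    level = attrs.get("security_level", "")
    if required is None or not (level.isascii() and level.isdigit()):
        return False
    return int(level) >= required


if __name__ == "__main__":
    user = extract_attributes(SAMPLE)
    for op in REQUIRED_LEVEL:
        print(op, "->", "grant" if authorize(user, op) else "deny")
```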