ABC4Trust is an EU-funded research initiative that uses cryptographic technologies to provide better protection of privacy and identity on the Internet.
Who can I contact?
Schedule
| Start: | November 1, 2011 |
| End: | October 31, 2014 |
Links
Budget
Total cost of €13,59 Million (€8.85 Million EU-funded)
11 Partners
Events
- 4th General Meeting, from Wednesday 25th of January, 2012 until Friday 27th of January, 2012
Related technology
Cryptographic Libraries
Give us the instruction set of your microcontroller and we do the rest.
We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software is available on a variety of hardware platforms and supports standard and advanced cryptographic algorithms.
Related research projects
LYRICS
Protecting user privacy on NFC-enabled mobile phones.
A personal data breach may, if left unaddressed in an adequate and timely manner, result in a substantial economy loss and social harm. A breach should be considered as adversely affecting the data or privacy of a subscriber or service user when it can result in, for example, a confidentiality breach, discrimination, unwanted exposure, loss of control, unauthorized commercial solicitations or damage to reputation. Innovative crypto can help.
KISS
The Smart Cloud approach: database-supporting smartcards securely operated through the Cloud.
The KISS research initiative introduces the concept of Smart Cloud, whereby end users carry secure tokens managing their personal data instead of relying on cloud storage. Through a variety of innovative cryptographic technologies, a Smart Cloud also supports data federation and aggregation such as statistics, but in a built-in, privacy-respecting way.
Everyday citizens access thousands of different Internet services, such as online banking, e-shopping, and social networks. For virtually every service, users have to create a personal user profile and get access to the service after a login via username and password. This means that the user is linked to the transaction, which is undesirable. Disclosing more information than necessary not only harms users’ privacy but also increases the risk of abuse of information - such as identity theft - if personal information falls into the wrong hands.
The goal of ABC4Trust is to show that systems of Attribute-Based Credentials can support both secure authentication as well as privacy, for instance in connection with electronic ID cards (eID), computer-supported polls, surveys, etc. ABC4Trust aims to establish an overall architecture and a common platform for existing ABC systems and to test these in a number of pilot tests.
The contribution of CryptoExperts includes a smartcard implementation of the different cryptographic building blocks, a comparison of the specific offerings from IBM (IdentityMixer) and Microsoft (U-Prove) in terms of portability and efficiency, and leading the development of a common open architecture for ABC solutions.
The ABC4Trust consortium is coordinated by “Chair of Mobile Business & Multilateral Security” at Goethe University in Frankfurt and brings together leading companies, European universities, and other partners to deploy in practice privacy and identity management technology.
OBJECTIVES AND EXPECTED OUTCOMES
The ABC4Trust project has two research objectives:
- to define a common, unified architecture for ABC systems to allow comparing their respective features and combining them on common platforms, and
- to deliver open reference implementations of selected ABC systems and deploy them in actual production pilots. This will allow provably accredited members of restricted communities to provide anonymous feedback on their community or its members.
TECHNOLOGY CONVERGENCE
The four-year project will test privacy-preserving Attribute-Based Credentials (ABC) that allow the user to prove just the required information, without giving away a full identity.
The ABC system will make use of the two privacy-respecting technologies, IBM’s Identity Mixer and Microsoft’s U-Prove.
IBM Identity Mixer and Microsoft U-Prove use sophisticated, yet efficient, cryptographic algorithms to help ensure that an individual’s real identity, including personal attributes and behavior profiles, are never exposed to a service provider without the individual’s consent.
This technology is suitable for a wide range of applications, including insurance, healthcare services, online shops or credit cards. The technologies and its inventors have received several awards; in particular, they jointly received the Best Innovation European Identity Award 2010.
With ABC4Trust, Identity Mixer and U-Prove will be truly interoperable with the help of Nokia Siemens Networks’ IDM Solution being the party that integrates with both.
TWO TEST SITES
Patras University in Greece and Norrtullskolan secondary school in So”derhamn, Sweden, are selected as pilot sites for testing privacy-enabling technology to be used for school portals and electronic evaluation of university courses.
In both pilots ABC4Trust will allow each education facility to issue credentials to its users, including pupils, parents and students, enabling them to, prove that they have attended a certain class, are members of a specific group such as a sports team, or have a given sex or age.
When the digital credentials are stored on a smartcard or mobile phone, users may use them for authenticating towards services. At the Patras pilot, the university will be able to run its own computerized feedback system and students can take comfort in knowing that ABC4Trust is protecting their identity.
BUSINESS PERSPECTIVES
As electronic personal identification cards and electronic driving licenses are becoming more widespread for identification, authentication, and payment in a broad range of applications, the users’ privacy will become an even greater challenge.
Privacy technologies, such as the ones piloted in ABC4Trust, will be necessary for building sustainable privacy solutions into these systems.
With ABC4Trust, communication service providers will be in a very good position to offer a better customer experience by providing advanced user-centered Identity Management (IdM) functionality.
Pascal Paillier, Kai Rannenberg.