WP Description

WP leader Oberthur (FR)
GTO, CEA-LETI, Worldline, Oberthur, STM, Tlabs, IMA, Tyndall, Tyco, IT, IPCB, Beyond Vision
Objectives The objectives of the tasks are the following:
•    User Identification/authentication (biometry, 2FA)
•    Anonymity preserving  secure transaction models and algorithms
•    User privacy protection and personal cloud
•    Anonymous, authentic and untraceable attributes principles suitable with wearable device constraints and user’s experience
•    Shared  attributes (collection and publication of the user’s attributes) management under the user’s agreement
•    Energy/power consumption efficient security algorithms
•    Open system with distributed and independent Key Management System

Wearable devices pose a great challenge in terms of security and privacy. First, personal data gathered by man-held objects must be securely stored and transferred. Second, the information must be only accessed by authorized users. Not authorized entities should not be able to get or even infer any user-related information. Confidentiality, anonymity, non-traceability, Integrity and fast authentication are a must, in order to ensure that the personal data generated, stored and transmitted by devices is delivered to legitimate end users and not corrupted or disclosed and even correlated.

Privacy by design is also a must when the information is sensitive such as health related data or electronic money movements, that could allow outsiders to profile user activities. The protection of the privacy have become a more challenging due to the communications between wearable devices linked to the user and the Smart-City infrastructure. Any uncontrolled information leaks or transfer of large data constants can be correlated for disclosing the identity or private information relative to the user. Previous research on this field has highlighted numerous security and privacy protection issues asking for specific and novel procedures. For example, the usual cryptography principles as a Public Key Infrastructure can no longer be used as universal solution and new KMS systems must be implemented. To achieve security and privacy, reliable, hence strong and complex, security mechanisms should be provided in order to protect sensitive information like health-related profiles or credit card credentials. Moreover, these mechanisms must ensure device interoperability and energy efficiency.

WP Tasks

Task ID Task description
T6.1 User Identification / authentication
T6.2 User anonymity and user privacy
T6.3 Shared attributes and cognitive authentication
T6.4 Energy Efficiency