|WP leader||Oberthur (FR)|
GTO, CEA-LETI, Worldline, Oberthur, STM, Tlabs, IMA, Tyndall, Tyco, IT, IPCB, Beyond Vision
|Objectives||The objectives of the tasks are the following:
• User Identification/authentication (biometry, 2FA)
• Anonymity preserving secure transaction models and algorithms
• User privacy protection and personal cloud
• Anonymous, authentic and untraceable attributes principles suitable with wearable device constraints and user’s experience
• Shared attributes (collection and publication of the user’s attributes) management under the user’s agreement
• Energy/power consumption efficient security algorithms
• Open system with distributed and independent Key Management System
Wearable devices pose a great challenge in terms of security and privacy. First, personal data gathered by man-held objects must be securely stored and transferred. Second, the information must be only accessed by authorized users. Not authorized entities should not be able to get or even infer any user-related information. Confidentiality, anonymity, non-traceability, Integrity and fast authentication are a must, in order to ensure that the personal data generated, stored and transmitted by devices is delivered to legitimate end users and not corrupted or disclosed and even correlated.
Privacy by design is also a must when the information is sensitive such as health related data or electronic money movements, that could allow outsiders to profile user activities. The protection of the privacy have become a more challenging due to the communications between wearable devices linked to the user and the Smart-City infrastructure. Any uncontrolled information leaks or transfer of large data constants can be correlated for disclosing the identity or private information relative to the user. Previous research on this field has highlighted numerous security and privacy protection issues asking for specific and novel procedures. For example, the usual cryptography principles as a Public Key Infrastructure can no longer be used as universal solution and new KMS systems must be implemented. To achieve security and privacy, reliable, hence strong and complex, security mechanisms should be provided in order to protect sensitive information like health-related profiles or credit card credentials. Moreover, these mechanisms must ensure device interoperability and energy efficiency.
|Task ID||Task description|
|T6.1||User Identification / authentication|
|T6.2||User anonymity and user privacy|
|T6.3||Shared attributes and cognitive authentication|