PROJECT DESCRIPTION


The main project results will be a proof-of-concept regarding the viability of a pan-European IDM federation solution based on the Liberty concept. It will be provided in the form of

  • a Liberty/FIDELITY-Project compliant test infrastructure with Circles of Trust (CoTs) in 4 European countries,
  • practical demonstrations in e-services based scenarios running on this infrastructure, and
  • a detailed evaluation report with conclusions and recommendations.

The evaluation criteria will embrace the following aspects:

Technical:

  • Interoperability: the 4 CoTs will demonstrate that an end-user can access them through different networks and navigate freely between them using identity federation and interoperability, with respect for the user's privacy. The exchange of users' attributes between CoTs and services, with the users' permission, will be a key point of the interoperability challenge. The suitability of the test suite for validation purposes will be an important aspect.
  • Performance (response time at the end-user level, capacity, scalability, ...): the efficiency of InterCoT communications will be measured according to test use cases. The SIM card implementation will be compared to the classic technical implementation of the test use case. Regarding scalability and capacity, the performance of the products involved will be compared and analysed with regard to the business cases. Feedback on the architecture of the CoTs and of InterCoT communications will be analysed, and enhancements proposed if suitable.
  • Ability to support several authentication mechanisms: various end-user authentication mechanisms will be demonstrated in the InterCoT context, from basic systems to highly secure ones such as those involving a SIM card and/or PKI.
  • Access control based on different authentication levels: on the Service Provider (SP) side, functionalities or services will have to be made available to end users according to different levels of authentication challenge. This will be managed and supported by the Identity Provider. Service Providers will be able to request a higher authentication challenge during the same session when the end-user requests another secure service.

Security / privacy:

  • Provide end-users with trust regarding privacy (security issues from the end-user's viewpoint): InterCoT communications, as well as the test use cases, will provide secure mechanisms that respect the regulations of the user's home country and European regulations. The practical demonstrations will reveal to end-users any change in terms of privacy or data security, or just personal data exchange. An important aspect from the user's viewpoint is the guarantee of a balanced and appropriate exchange of ID data with the relevant actors of the CoTs. The limited usage of data by these actors is another important element enabling user trust in the system. This means that a process going from anonymity to pseudonymity, real identification and full authentication is necessary. It also means that ID data transmission and storage should be limited to the sessions and actors who really need them.
  • For the CoT actors, security is related to the protection of their contents, be they contents for sale (content providers) or consumer identity data (identity / attribute providers). Content and data transactions must show high levels of security and thorough respect of privacy rules. The Liberty mechanisms will be tested in different circumstances and transaction schemes in order to check how the Liberty-enabled components allow an easy deployment of the Liberty services at the different places of the CoT (ID provider, attribute provider, service provider, ...). The evaluation will bear on the implementation conditions of SSO, account federation, authentication supports, database access, etc. But technical performance seen from the professional users' viewpoint will not be the only focus. It will also be analysed with regard to the conditions set for the respect of privacy.

Deployment issues:

  • Ease of use for consumers (ease of "enrolling", including e-services, removing services): the end-user presentation of main functionalities, such as federating/defederating identities, managing InterCoT authentications and exchanging users' attributes across CoTs, will be optimized with regard to the technologies involved.
  • Ease of deployment (complexity and cost) for service providers and end-users: the technologies involved will demonstrate the ease of deploying systems and making them interoperable across countries, with regard to affordable costs and complexity of integration for each key subsystem: Service Provider, Identity Provider and Attribute Providers.
  • Viability regarding business (customers, market segments, added value services, acceptable cost); internal use by telcos (ROI through savings, better service quality); business cases for e-service companies; which services need / benefit from IDM services, etc.
  • Compatibility with regulations: since the concept validated by the FIDELITY-Project is seen as the solution for a pan-European ID management federation, the project must ensure that the implementation meets European regulations. The establishment of requirements and the verification of the correct implementation will be done with the help of an expert in this field.