D2.5 System Security Requirements, Risk and Threat Analysis – 2nd Iteration

Contributing Partners

AIT, ATOS, FOKUS, TUG, SIC, KGH, GUF

Executive Summary

On a high level, the central goal of the CREDENTIAL project is to develop a privacy-preserving data sharing platform (wallet) with integrated identity provider (IdP), which can be used to share authenticated data without the wallet learning any of the user’s personal information. The functionality and added value of these services will be showcased by concrete pilots from the domains of eGovernment, eHealth, and eBusiness.
A central task that needs to be performed before and in parallel to the actual implementation and development of such a service is to precisely specify the requirements the system has to fulfill. This requirements engineering process is necessary to achieve the best possible acceptance by all stakeholders, but also to identify and resolve potentially conflicting or contradictory requirements posed by different stakeholders.
The requirement analysis consists of the assessment of functional and non-functional requirements. This document focuses on the non-functional security requirements of the developed core components and pilot use cases, ranging from software architecture requirements, through deployment and life-cycle management, communication, user management, and logging, to server- and client-specific requirements. Wherever possible, requirements that stem from CREDENTIAL's own approach and go beyond those of existing IdP and data sharing platforms are discussed as well.
Besides the specification of non-functional security requirements, we give a precise description of the considered adversary model.
Furthermore, we describe the security risk management approach that is used to evaluate actual risks in CREDENTIAL. Here we follow a STRIDE & DREAD approach: threats are enumerated per STRIDE category on a data flow diagram (DFD) and rated using DREAD. An up-to-date detailed risk assessment on an updated DFD is also provided, and this updated risk assessment is used during the refinement process of the requirements.
Differentiation from other deliverables. This document focuses on non-functional security requirements. Functional requirements on the Cloud Identity Wallet can be found in D2.3 (“Cloud Identity Wallet Requirements”), which in particular focuses on data exchange, authenticity, and secure re-encryption, but also on technical requirements such as compatibility with existing services. Legal, socio-economic, privacy, and usability requirements are discussed in D2.6 (“User Centric Privacy and Usability Requirements”).

* This deliverable will be made available after acceptance by the European Commission in late 2018.