D4.1 Assessment Report on Cryptographic Technologies, Protocols, and Mechanisms

Executive Summary

At a high level, the central goal of the CREDENTIAL project is to develop a privacy-preserving data sharing platform (wallet) with an integrated identity provider (IdP), which can be used to share authenticated data without the wallet learning any of the user’s personal information. The functionality and added value of these services will be showcased by concrete pilots from the domains of eGovernment, eHealth, and eBusiness. A central task in developing such a data sharing platform is the identification and evaluation of relevant base technologies, which this deliverable provides.
First, we concisely introduce relevant technologies, covering different aspects of the generic data sharing system. These aspects include cryptographic technologies, authentication mechanisms, as well as identity and access management protocols and technologies.
We perform assessments based on high-level criteria with a focus on security, privacy, usability and integration effort. These high-level criteria are then mapped to criteria specific to the technologies under evaluation. The criteria are motivated by CREDENTIAL’s use cases and requirements.
As a result of the assessment, this deliverable makes concrete recommendations for technologies that should be considered as the technological basis in the design and implementation of the generic data sharing platform. It also presents technologies that could provide additional benefits towards CREDENTIAL’s envisioned goal and might therefore be of interest for further research with a view to applying them.
Besides the generic technologies, we also present an overview of technologies relevant to the pilot use cases in order to facilitate a common understanding of the involved technological ecosystem. Finally, this deliverable provides detailed descriptions of relevant technologies in the appendix for the curious reader. This appendix also serves as a knowledge base for project participants to acquire information on technologies that are not in their core expertise.

