D5.1 Functional Design

Contributing Partners

ATOS, AIT, FOKUS, GUF, TUG, OTE, SIC

Executive Summary 

The CREDENTIAL system must support a set of generic business and logical use cases, generalized from use cases linked to three scenarios in different domains. These use cases were defined in a separate deliverable through the collaboration of the scenario (pilot) partners and all other CREDENTIAL technical and research partners, so that they are relevant for end users and can also showcase the true potential of CREDENTIAL and its features. To arrive at a functional design for the CREDENTIAL system, it was agreed to follow Kruchten’s 4+1 architectural view model, which relies on multiple views of the system (logical, development, process, physical and use case) and allows the different stakeholders to reach a common understanding of the system. The list of principles that were to govern the design process was also agreed upon at the beginning of the design stage. The principle that has driven many of the most relevant architectural decisions is privacy by design: the design of the system considered the privacy implications of the available choices before the final decisions were made.
The logical view comprises 17 services. Some of these services will be required to run in the cloud, while others will have to be provided in the participant's domain (a CREDENTIAL or third-party mobile application, or integrated with service providers' platforms). Finally, some of them will have to run jointly, in the cloud and in the participant's domain.
The development architecture provides a more detailed view of the system to be developed. The services to be run in the cloud are considered part of the CREDENTIAL Wallet and are grouped, depending on their purpose, into an "Identity and Access Management" component and a "Data Management" component. It was decided that services or functionalities bound to run in the participant's domain will be packaged as a "Participant Toolkit", which will ease the integration process. An additional category of services, the request filters, will provide a horizontal set of functionalities that have to be applied to most of the services: auditing, authorization and sanitization.
The process view demonstrates how the different components described in the development view interact towards the realization of the business and logical use cases that characterize the system.
Finally, the physical view depicts the underlying hardware (i.e. physical machines) and software (virtual machines, operating systems, etc.) that could support the operation of CREDENTIAL.
The design decisions taken during this design phase have been gathered in the design logbook, which includes the different options considered and the main reasons for the final decisions. One of the most impactful decisions taken during the design of CREDENTIAL was to base the development on an existing open source IAM (OpenAM). This will provide CREDENTIAL with a solid foundation on which to deploy the different enhancements (e.g. proxy re-encryption, redactable signatures, anonymous and multiple accounts or FIDO biometric authentication) that will support the different identified use cases and requirements.

Full Version

The full version of this deliverable can be downloaded here.