ABC4Trust is an EU-funded research initiative that uses cryptographic technologies to provide better protection of privacy and identity on the Internet.
Everyday citizens access thousands of different Internet services, such as online banking, e-shopping, and social networks. For virtually every service, users have to create a personal user profile and get access to the service after a login via username and password.
This means that the user is linked to the transaction, which is undesirable. Disclosing more information than necessary not only harms users’ privacy but also increases the risk of abuse of information - such as identity theft - if personal information falls into the wrong hands.
The goal of ABC4Trust is to show that systems of Attribute-Based Credentials can support both secure authentication as well as privacy, for instance in connection with electronic ID cards (eID), computer-supported polls, surveys, etc. ABC4Trust aims to establish an overall architecture and a common platform for existing ABC systems and to test these in a number of pilot tests.
The contribution of CryptoExperts includes a smartcard implementation of the different cryptographic building blocks, a comparison of the specific offerings from IBM (IdentityMixer) and Microsoft (U-Prove) in terms of portability and efficiency, and leading the development of a common open architecture for ABC solutions.
The ABC4Trust consortium is coordinated by “Chair of Mobile Business & Multilateral Security” at Goethe University in Frankfurt and brings together leading companies, European universities, and other partners to deploy in practice privacy and identity management technology.
The ABC4Trust project has two research objectives:
1) to define a common, unified architecture for ABC systems to allow comparing their respective features and combining them on common platforms, and
2) to deliver open reference implementations of selected ABC systems and deploy them in actual production pilots. This will allow provably accredited members of restricted communities to provide anonymous feedback on their community or its members.
The four-year project will test privacy-preserving Attribute-Based Credentials (ABC) that allow the user to prove just the required information, without giving away a full identity.
The ABC system will make use of the two privacy-respecting technologies, IBM’s Identity Mixer and Microsoft’s U-Prove.
IBM Identity Mixer and Microsoft U-Prove use sophisticated, yet efficient, cryptographic algorithms to help ensure that an individual’s real identity, including personal attributes and behavior profiles, are never exposed to a service provider without the individual’s consent.
This technology is suitable for a wide range of applications, including insurance, healthcare services, online shops or credit cards. The technologies and its inventors have received several awards; in particular, they jointly received the Best Innovation European Identity Award 2010.
With ABC4Trust, Identity Mixer and U-Prove will be truly interoperable with the help of Nokia Siemens Networks’ IDM Solution being the party that integrates with both.
Patras University in Greece and Norrtullskolan secondary school in So"derhamn, Sweden, are selected as pilot sites for testing privacy-enabling technology to be used for school portals and electronic evaluation of university courses.
In both pilots ABC4Trust will allow each education facility to issue credentials to its users, including pupils, parents and students, enabling them to, prove that they have attended a certain class, are members of a specific group such as a sports team, or have a given sex or age.
When the digital credentials are stored on a smartcard or mobile phone, users may use them for authenticating towards services. At the Patras pilot, the university will be able to run its own computerized feedback system and students can take comfort in knowing that ABC4Trust is protecting their identity.
As electronic personal identification cards and electronic driving licenses are becoming more widespread for identification, authentication, and payment in a broad range of applications, the users’ privacy will become an even greater challenge.
Privacy technologies, such as the ones piloted in ABC4Trust, will be necessary for building sustainable privacy solutions into these systems.
With ABC4Trust, communication service providers will be in a very good position to offer a better customer experience by providing advanced user-centered Identity Management (IdM) functionality.
Start: 1st of November, 2011
End: 31st of October, 2014
Total cost of €13,59 Million (€8.85 Million EU-funded)