Safelayer's results during the Segur@ project


Safelayer Secure Communications' results during the “Security and Trust in the Information Society” project, also known as Segur@, which has been partially funded by the Spanish Centre for the Development of Industrial Technology's CENIT programme (reference CENIT-2007 2004).

  1. Safelayer Secure Communications: Activities in the Segur@ project (Segur@ Project Research, June 2011)
  2. Safelayer: research in the Segur@ Project
     • Safelayer’s research in the Segur@ Project focused on:
       ‒ The electronic passport
       ‒ User-centric identity management
       ‒ Innovative authentication mechanisms
       ‒ Semantic technologies for enhancing trust
       ‒ Electronic evidence management
     • Most important results:
       ‒ Prototype implementation of innovative applications, available at
       ‒ Integration of diverse technologies.
       ‒ Direct contribution to international standards, including interoperability tests with other developers.
     • The Universitat Politècnica de Catalunya (Technical University of Catalonia) collaborated in the research.
     I+D / June 2011 WWW.SAFELAYER.COM 2
  3. Electronic Passport
     • Safelayer actively participated in the definition of the PKI architecture that will support the deployment of the second-generation electronic passport, in the following tasks:
       ‒ Specification of the communication protocol that allows the key exchange among member states.
       ‒ Implementation and testing of the PKI for the card verifiable certificates contained in the passport.
       ‒ Study of the implications of deploying national public key directories that are managed by the governments and handle the material required to validate the passport certification chains.
       ‒ Design of an inspection system prototype.
       ‒ Implementation of a centralized directory prototype for the distribution of cryptographic material to the inspection systems.
     • This work was undertaken at an international level as an extension of the Brussels Interoperability Group’s efforts.
  4. User-centric identity management
     • Safelayer developed an experimental identity provider that integrates several user-centric identity management technologies:
       ‒ Authentication with managed information cards.
       ‒ Identity data import from digital certificates (national ID card), RDF documents and OpenID providers, with source verification: information that comes from trusted sources is recognized and evaluated.
       ‒ Dynamic identity attributes.
     • A FOAF document editor was also designed and implemented. It can intelligently merge identity profiles stored on different social networks.
     • To simplify the handling of FOAF documents and minimize the need to use specific RDF tools, Safelayer published the foaf4j API under the GPL license.
     • All the experimental applications are available at
  5. Innovative authentication mechanisms
     • In order to improve authentication processes, innovative mechanisms were designed that, while still being user-friendly, provide a level of security that is proportional to the risk:
       ‒ One-time passwords, which are more secure.
       ‒ Graphical passwords, which are easier to remember.
       ‒ Mutual authentication of client and server.
     • Two innovative and ergonomic strong multifactor authentication experimental systems were designed and validated:
       ‒ gOTP generator for iPhone, available on the App Store.
       ‒ QR-Scan OTP for Android, available on Android Market.
       ‒ Both applications can be used as authentication mechanisms for
     • Safelayer applied this knowledge in its contributions to the ISO/IEC standards on identity, authentication and access control management.
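     The slide above lists one-time passwords as one of the mechanisms studied but does not show how an OTP generator and its verifier work. The following is an added illustration, not code from Safelayer's gOTP or QR-Scan OTP applications: it implements the standard HOTP (RFC 4226) and TOTP (RFC 6238) algorithms with HMAC-SHA1, plus a server-side check that tolerates a small counter window and refuses to accept a code twice. The secret, the `window` size and the function names are assumptions chosen for the example; the test vectors are those published in the two RFCs.

```python
import hashlib
import hmac
import struct
from typing import Optional


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation to 31 bits, then reduction modulo 10**digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # low nibble of last byte selects the window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)  # keep leading zeros


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP whose counter is the number of time steps elapsed."""
    return hotp(secret, unix_time // step, digits)


def verify_hotp(secret: bytes, presented: str, next_counter: int,
                window: int = 2) -> Optional[int]:
    """Server-side check for counter-based OTPs.

    Accept the code if it matches any counter in [next_counter, next_counter + window]
    (the client may have generated a few codes that never reached the server).
    Return the new value the server must persist as next_counter, or None on failure.
    Persisting the advanced counter is what makes a captured code useless a second time.
    """
    for c in range(next_counter, next_counter + window + 1):
        # compare_digest avoids leaking match position through timing
        if hmac.compare_digest(hotp(secret, c), presented):
            return c + 1
    return None


# Constructed demo secret: the ASCII test key from RFC 4226 / RFC 6238.
DEMO_SECRET = b"12345678901234567890"


def replay_demo() -> tuple:
    """Show that a valid code is accepted once and rejected on replay."""
    stored = 0
    code = hotp(DEMO_SECRET, 1)            # client skipped counter 0, generated for counter 1
    first = verify_hotp(DEMO_SECRET, code, stored)   # accepted, returns 2
    second = verify_hotp(DEMO_SECRET, code, first)   # same code again: rejected
    return first, second


if __name__ == "__main__":
    print("HOTP counter 0:", hotp(DEMO_SECRET, 0))
    print("TOTP at t=59 (8 digits):", totp(DEMO_SECRET, 59, digits=8))
    print("first/replay:", replay_demo())
```

     The proportional-security point on the slide maps onto the `window` parameter: a narrower window rejects more stale codes at the cost of more resynchronisation failures, so a deployment would pick it according to the risk of the protected operation.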
  6. Semantic technologies for enhancing trust
     • Safelayer worked with semantic languages and tools to:
       ‒ Integrate identity and security information.
       ‒ Infer new information that is not explicitly stored in knowledge bases.
       ‒ Facilitate application interoperability and service discovery.
     • Ontologies and solutions that improve security and trust applications were proposed, focusing on and validating the following use cases:
       ‒ Digital Rights Management: prototype of the semantic authorizer to protect resources.
       ‒ Semantic digital signature: provides integrity and authenticity to fragments of information that are endorsed by different trust sources, without compromising the whole document as current standard signature formats do.
       ‒ Authentication mechanisms: dynamic assessment of their level of assurance.
       ‒ Trust: assessment of the factors that influence the PKI keys’ life cycle and usage environment.
       ‒ Access control: XACML policy validation and proposal of a semantic schema for better exploiting information on resources.
  7. Electronic evidence management
     • To enhance security information management systems, Safelayer worked on the creation and management of electronic evidence.
     • A system that provides technical and legal validity to the security information gathered and processed by the cooperative information management system was proposed and tested.
       ‒ The system supports creating, storing and accessing electronic evidence associated with events that need to be stored over the long term.
     • A service that endorses participation in electronic transactions was designed and validated, to enhance the security of the cooperative information management system with electronic evidence of all information exchanges.
     • With regard to the management of information that might be required in the long term:
       ‒ The implications of long-term information storage were studied in terms of access, interpretation and trustworthiness.
       ‒ The feasibility of using ontologies to structure security information events was studied.
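     The slide describes evidence that must remain trustworthy over the long term but does not describe the record format Safelayer used. The example below is added here and is not the project's own code: it shows one common way to make a sequence of security events tamper-evident, by chaining each record to the tag of its predecessor with an HMAC, and a verifier that reports the first record at which integrity or ordering breaks. The event fields, the key and the `0...0` genesis link are constructed assumptions; a production system would hold the key in an HSM or replace the HMAC with signatures and trusted timestamps so the chain can be checked by third parties.

```python
import copy
import hashlib
import hmac
import json

# Constructed demo key; in a real deployment this would never live in source.
CHAIN_KEY = b"constructed-demo-evidence-key"
GENESIS = "0" * 64   # link value of the first record (no predecessor)

# Constructed sample events, as a cooperative security information system might collect.
SAMPLE_EVENTS = [
    {"ts": "2011-06-01T09:00:00Z", "src": "idp-1", "type": "login", "user": "alice", "result": "success"},
    {"ts": "2011-06-01T09:00:07Z", "src": "idp-1", "type": "login", "user": "bob", "result": "failure"},
    {"ts": "2011-06-01T09:01:30Z", "src": "fw-3", "type": "policy-change", "user": "admin", "result": "success"},
]


def _serialize(prev: str, event: dict) -> bytes:
    # Canonical JSON: stable key order and no whitespace, so the MAC is reproducible.
    return json.dumps({"prev": prev, "event": event},
                      sort_keys=True, separators=(",", ":")).encode()


def make_record(prev: str, event: dict, key: bytes) -> dict:
    """Bind the event to its predecessor: tag = HMAC-SHA256(key, prev || event)."""
    tag = hmac.new(key, _serialize(prev, event), hashlib.sha256).hexdigest()
    return {"prev": prev, "event": event, "tag": tag}


def append_event(chain: list, event: dict, key: bytes) -> list:
    prev = chain[-1]["tag"] if chain else GENESIS
    chain.append(make_record(prev, event, key))
    return chain


def verify_chain(chain: list, key: bytes) -> int:
    """Return -1 if every record is intact and correctly linked,
    otherwise the index of the first record that fails."""
    expected_prev = GENESIS
    for i, rec in enumerate(chain):
        expected_tag = hmac.new(key, _serialize(rec["prev"], rec["event"]),
                                hashlib.sha256).hexdigest()
        if rec["prev"] != expected_prev or not hmac.compare_digest(expected_tag, rec["tag"]):
            return i
        expected_prev = rec["tag"]
    return -1


def build_sample_chain() -> list:
    chain: list = []
    for ev in SAMPLE_EVENTS:
        append_event(chain, ev, CHAIN_KEY)
    return chain


def tamper_demo() -> tuple:
    """Intact chain, a chain with one field altered, and a chain with a record deleted."""
    intact = build_sample_chain()
    altered = copy.deepcopy(intact)
    altered[1]["event"]["result"] = "success"   # rewrite Bob's failed login
    deleted = copy.deepcopy(intact)
    del deleted[1]                              # drop the failed login entirely
    return (verify_chain(intact, CHAIN_KEY),
            verify_chain(altered, CHAIN_KEY),
            verify_chain(deleted, CHAIN_KEY))


if __name__ == "__main__":
    print("intact / altered / deleted ->", tamper_demo())
```

     Altering a stored event breaks that record's tag; removing a record breaks the `prev` link of the one that follows it. Truncating the chain at its end is the one change this construction cannot detect on its own, which is why long-term evidence schemes anchor the latest tag externally (a timestamping authority or a published digest).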
