From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric. Access Control (ReCRED) Projects uri icon

type

  • European Research Project

reference

  • GA-653417-ReCRED

date/time interval

  • May 1, 2015 - April 30, 2018

abstract

  • ReCRED´s ultimate goal is to promote the user´s personal mobile device to the role of a unified authentication and
    authorization proxy towards the digital world. ReCRED adopts an incrementally deployable strategy in two complementary
    directions: extensibility in the type and nature of supported stakeholders and services (from local access control to online
    service access), as well as flexibility and extensibility in the set of supported authentication and access control techniques;
    from widely established and traditional ones to emerging authentication and authorization protocols as well as
    cryptographically advanced attribute-based access control approaches. Simplicity, usability, and users privacy is
    accomplished by: i) hiding inside the device all the complexity involved in the aggregation and management of multiple
    digital identifiers and access control attribute credentials, as well as the relevant interaction with the network infrastructure
    and with identity consolidation services; ii) integrating in the device support for widespread identity management standards
    and their necessary extensions; and iii) controlling the exposure of user credentials to third party service providers. ReCRED
    addresses key security and privacy issues such as resilience to device loss, theft and impersonation, via a combination of: i)
    local user-to-device and remote device-to-service secure authentication mechanisms; ii) multi-factor authentication
    mechanisms based on behavioral and physiological user signatures not bound to the device; iii) usable identity management
    and privacy awareness tools; iv) usable tools that offer the ability for complex reasoning of authorization policies through
    advanced learning techniques. ReCRED’s viability will be assessed via four large-scale realistic pilots in real-world
    operational environments. The pilots will demonstrate the integration of the developed components and their suitability for
    end-users, so as to sho

keywords

  • complexity and cryptography; electronic security; privacy; biometrics; authentication