FutureID--Shaping the Future of Electronic Identity
(Represented by FHG, ATOS, TUG, EEMA, G&D, DTU, USTUTT)
FutureID has developed the initial concept of a DNS-based trust infrastructure at a much lower level of maturity and without addressing the complete problem. LIGHTest evolves and extends the work of FutureID. FutureID also contributes the patent application for a DNS-based trust infrastructure. FutureID has already used this trust infrastructure for both, authentication and electronic signature.
STORK 2.0--Secure idenTity acrOss boRders linKed 2.0
(Represented by ATOS, TIL, EEMA, TUG, TUBITAK)
The STORK-2.0 project has continued the develop-ment of the STORK cross-border eID infrastructure, extending it mainly in two directions relevant for LIGHTest in order to support key aspect of trust management related to delegation management and levels of assurance. STORK 2.0 supports enhanced business processes allowing authentication on behalf of another user (i.e. representing a legal person) through electronic mandates and delegation of powers and it also extends the STORK Quality Authentication Assurance model (QAA) that is the basis of eIDAS electronic identification means assurance levels to attributes and attribute providers (AQAA).
e-SENS--Electronic Simple European Networked Services
(Represented by TUBITAK, TUG)
e-SENS is a large scale pilot project with the objective to consolidate, improve, and extend technical solutions to foster electronic interaction with public administrations across the EU. Based on this experience, LIGHTest will use the same approach and tools to render its components mature and robust and bring them to TRL7 and above. WP8 will directly use the "Minder" test-bed that was developed in e-SENS.
TDL--Trust in Digital Life
(Represented by EEMA)
TDL's mission is to create a trusted ecosystem that protects data and assets of citizens and enterprises through which industry can collaborate and provide innovative and trustworthy ICT products and solutions across Europe. Key to this collaboration is the ease in identifying the assured trust chain between components. LIGHTest significantly assists in this key activity
ATTPS--Achieving the Trust Paradigm Shift
(Represented by EEMA)
ATTPS promotes the ideals of TDL through its innovative Generic Trust Architecture Centre (GTAC) which provides a capability to select and test trust components and services from numerous vendors. This selection depends on the identification of the trust chain and its easy assessment. This is a prime example of how LIGHTest will promote and encourage distributed services within a complex ecosystem.
CREDENTIAL--seCuRE clouD identity wALlet
(Represented by ATOS, TUG)
CREDENTIAL will extend trust models, so that not just relying parties consuming identity data, but also cloud identity providers are able to quantify the quality of identity information and determine the LoA of an authenticating user. Based on a cloud identity wallet approach generally seeking for strong identity qualities and strong authentication to the cloud, resulting in high LoA levels, while allowing, where suitable, for organizations to which users belong (i.e. an enterprise) to act as identity providers issuing authentication tokens with authentication results towards cloud service providers, piloting domains will include platforms like LegalCloud from ICERT (Italian market leader for trust services which include electronic archiving and long-term storage, registered electronic mail, etc.). This platform provides generic "digital enabling" services (trust service building blocks) and allows for the implementation of custom-tailored solutions with SaaS service model. LIGHTest may take advantage of CREDENTIAL results related to how to determine the level of assurance (trust list) and quantify the quality of identity information for trust translation purposes.
FIDO--Fast Identity Online Alliance
(Represented by G&D)
The FIDO alliance is an industry consortium that develops specifications for a unified approach on authentication, either based on two-factor authentication (U2F protocol) or on a password-less user experience (UAF-protocol). In mid of 2012 the alliance was formed with six founding members and has now grown to more than 200 members, including major web service providers, financial institutions and software manufacturers. The concept of FIDO is based on the use of local device authenticators that require an attestation to prove the authenticator integrity. LIGHTest may use the FIDO scheme as a basis for the derived mobile identity demonstrator.
(Represented by G&D)
Mobile Connect is a mobile authentication and federation scheme defined by the GSM Alliance (GSMA).It is based on the SIM card as secure authenticator and credential storage. By including a federation gateway the scheme allows issuing identity attestations for external relying parties and thus positions the mobile network operators to become identity providers. Optionally, the Mobile Connect scheme also allows the FIDO protocol for the authentication step. Within LIGHTest the Mobile Connect scheme could be part of the mobile identity demonstrator.
OIX international--Open Identity Exchange
(Represented by OIX UK)
OIX, together with its authoritative global registry for online trust OIXnet and its sister company OpenID Connect, will put their network, community and forums at the disposition of LIGHTest to achieve truly global outreach. Already during the proposal phase, this has resulted in confirmed, non-European members of the advisory board and extra-European contributions to pilots.
(Open-)PEPPOL--Pan-European Public Procurement OnLine
(Represented by IBM)
PEPPOL was a large scale pilot on public e-procurement and OpenPEPPOL is the associa-tion which has assumed full responsibility for the development and maintenance of the PEPPOL specifications, building blocks and its services and implementation across Europe. PEPPOL will provide the operational environ-ment in which LIGHTest will be demonstrated. For this purpose, PEPPOL components need to be "trust-list-enabled" through the use of the LIGHTest client libraries.