Identity & Privacy

Securing corporate & personal identity in cyberspace
Description: 

Secure identity and privacy technologies are basic for citizens in the Digital Society & Economy: it is about protecting who and what we are in the context of fundamental human rights and freedoms including the right to personal data protection in all aspects of life involving ICT and online services.

Assurance of identity data security and better privacy protection both create key competitive advantage for Atos and for our public and private partners, having in focus both customer concerns in this regard and existing threats which create social alarm and hamper trust in eServices of global digital markets and ICT systems in general.

Goals: 

Secure identity schemes for Identity and Access Management and the protection of identity-related and other personal and sensitive information (in compliance with regulatory frameworks that guarantee citizen fundamental rights) are basic enablers of trust and security for end-users, and for the eco-system of stakeholders around ICT services.

The Identity and Privacy lab focuses on innovative technological trends in these areas to serve the needs of the Research and Innovation sectors and markets offering trustworthy solutions and assets and fostering competitive advantages in an increasingly complex and distributed environment (Cloud, Big Data, Future Internet, Mobile & Bring-Your-Own, Internet of Things, etc.) where eID and privacy can achieve for Atos customers compliance with regulatory requirements, more efficiency, competitive advantage and enhanced trust towards their end-users, reduced fraud and enhanced cooperation with stakeholders in the eServices value chains.

Main Activities: 
  • Electronic Identity Management Technologies: Identity Lifecycle, Identity Context-Aware Federation and Assurance, Networked Identity, Identity and attributes as a Service (IDaaS/AttaaS).
  • Digital/Electronic Identity Technologies: Electronic certificates, on-line electronic IDs, smartcards, travel documents, cross-border, cross-domain interoperable strong authentication for notified & web-based eIDs and compliance with relevant Regulations (e.g. eIDAS Regulation, ICAO 9303...).
  • Cryptography and Electronic Trust Services: homomorphic encryption for trusted data processing in untrusted environments, secure computation, proxy re-encryption, searchable encryption, malleable signatures, electronic signatures/seals, electronic registered delivery, timestamps, digital preservation.
  • Identity and Access Management: Access Control, Identification, Authentication, Authorization, Federation Gateways, eID brokers,easily configurable authorization policy management, User Management.
  • Data Protection by Design and Privacy Engineering Methodologies: Privacy and Security by Design methodologies, patterns and controls, Privacy Enhancing Technologies (including anonymisation, pseudonymisation, differential privacy, user-defined data protection and sharing policies), User-centric multi-service privacy managers awareness and empowerment tools, Privacy Metrics, Identity Fraud and Theft Prevention.
  • Biometrics: Multi-biometrics, mobile biometrics, crypto-biometrics, automated and mobile border control, usability, standards.
Challenges: 
  • Interoperable eID solutions will be key enablers of secure and seamless access to eServices (e.g. STORK/STORK 2.0 and eIDAS).
  • eID, eIDM, trust services, advanced cryptography and privacy/security-by-design as fundamental enablers of Trust in Future Internet & Cloud.
  • Complex Identity Federation & Data Exchange Scenarios (involving personally identifiable information).
  • Strong (multi-factor) authentication.
  • Identity & Privacy Assurance.
  • Auditing and Compliance.
Current Research Topics and Findings: 
  • Privacy-enhancing technologies and advanced cryptography approaches as building blocks for privacy-enhancing identity management and data management in trusted and untrusted domains.
  • Identity Management-as-a-Service (IDMaaS) & Networked Identity: authentication/identification services composable with other services in the Cloud (identity as a commodity).
  • Methodological approaches: Privacy-by-Design (PbD) including Privacy Impact Assessment, cost & value of privacy compliance, full identity data lifecycle management...
  • Biometrics: Crypto-biometrics, Cancellable biometrics, Mobile biometrics.

Projects

ABC4EU

Automated Border Control Gates for Europe
Edit project Link
H2020

ABC4EU makes border control more flexible by enhancing the workflow and harmonizing the functionalities of Automated Border Control (ABC) gates and other Border Control Processes, aligned with Smart Borders Package of the EU.

ARIES

reliAble euRopean Identity EcoSystem
Edit project Link
H2020

Comprehensive framework and holistic approach of technologies, processes and security features for reliable e-identity ecosystem to improve identity, trust and security, with better support to law enforcement in addressing new cybersecurity threats.

CREDENTIAL

Secure Cloud Identity Wallet
Edit project Link
H2020

Innovative cloud based services for storing, managing, and sharing digital identity information and other personal data. Security of services relies on combination of strong hardware-based multi-factor authentication with end-to-end encryption.

DAPHNE

Data-as-a-Service platform for Healthy Lifestyle and preventive medicine
Edit project Link
FP7

Development of a platform to deliver personalized guidance services for lifestyle management to the citizen/patient.

FIDES

Federated Identity Management System - Phase II
Edit project Link
EIT-DIGITAL

Platform with secure cross-platform identity management system (mobile/desktop), consolidation into a production environment in three national contexts with a sustainable business model.

FOODIE

Farm-Oriented Open Data in Europe
Edit project Link
CIP

Open and interoperable agricultural specialized platform hub on the cloud for the management of spatial and non-spatial data relevant for farming production.

LIGHTest

Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes.
Edit project Link
H2020

Global, cross-domain trust infrastructure that renders it transparent and easy for verifiers to evaluate electronic transactions and make domain-specific trust decisions, querying different trust authorities world-wide and combining trust aspects.

MoveUS

ICT cloud-based platform and mobility service: available, universal and safe for all users
Edit project Link
FP7

Changing European users’ mobility habits by offering intelligent and personalized travel information services, helping people to decide the best transport choice and providing meaningful feedback on energy efficiency savings.

PIME

Personal Information Management Ecosystems
Edit project Link
EIT-DIGITAL

Modular, scalable patient-centric privacy tool offering patients a dashboard that shows which caregivers have accessed their data and when. Security features include strong multi-platform authentication, authorization and audit.

PRIPARE

Preparing Industry to Privacy-by-design by supporting its Application in Research
Edit project Link
FP7

Facilitate application of a privacy & security -by-design methodology that contributes to the advent of unhindered usage of Internet, support its practice by the ICT research community, foster risk management culture.

PRISMACLOUD

Privacy and Security Maintaining Services in the Cloud
Edit project Link
H2020

The main idea and ambition of PRISMACLOUD is to enable end-to-end security for cloud users and provide tools to protect their privacy with the best technical means possible - by cryptography.

STRATEGIC

Advanced service distribution network and tools for interoperable programmable, and exploitation of unified public cloud services
Edit project Link
CIP

A cloud enabled framework on various infrastructures with a set of services related to public bodies, opening new horizons in the secure and private migration, adaptation, governance and development of public cloud services.

WITDOM

empoWering prIvacy and securiTy in non-trusteD envirOnMents
Edit project Link
H2020

Automatic and efficient privacy provisioning solutions, keeping data confidential (encrypted and privacy-protected) in the un-trusted environment, while the data owner can operate with and make use of the data in the encrypted domain.