Identity & Privacy

Securing corporate & personal identity in cyberspace
Description: 

Secure identity and privacy technologies are key enablers for citizens to interact safely in our Digital Society and for businesses addressing Digital Transformation / Industry 4.0.  They allow to efficiently protect who and what we are, addressing -in all aspects of life involving ICT and online services- fundamental human rights and freedoms including the right to personal data protection.

Both the assurance of identity data security and advanced privacy protection create key competitive advantage for Atos and for our public and private partners, having in focus both end-user and customer concerns in this regard and the existing threats which create social alarm and hamper trust in eServices of global digital markets and ICT systems in general.

Our vision is all-encompassing and considers the role of identity and privacy in the context of the latest areas of technological innovation in close interaction with other ARI teams, be it Cloud Computing, Big Data, Internet of Everything, Blockchain or intelligent algorithms and machine learning. 

Goals: 
  • Provide, through secure identity schemes for interoperable Identity and Access Management and the protection of identity-related and other personal and sensitive information (in compliance with regulatory frameworks setting high standards such as the GDPR or eIDAS), the basic enablers of trust and security that end-users, and the eco-systems of stakeholders in the eServices value chains, need.
  • Focus on innovative technological trends in all areas to serve the needs of the Research and Innovation sectors and markets offering trustworthy solutions and assets and fostering competitive advantages in an increasingly complex and distributed environment (Cloud, Big Data, Future Internet, Mobile & Bring-Your-Own, Internet of Things, etc.).
  • Provide advanced and customized eID and privacy solutions, including "as-a-Service" that can achieve for Atos customers compliance with regulatory requirements, more efficiency, competitive advantage and enhanced trust towards their end-users, reduced fraud and enhanced cooperation with public and private stakeholders for a safer and trustworthy cyber-world.
Main Activities: 
  • Electronic Identity Management Technologies: Best Practices for Identity Lifecycle, Mobile Identity, Identity Virtualization & Derivation, Mobile & Cloud-based Wallets, Identity Context-Aware Federation and Assurance, Networked Identity, Identity and attributes as a Service (IDaaS/AttaaS), Identity Standards, Architectures & Trust Models.
  • Digital/Electronic Identity Technologies: Electronic certificates, On-line Electronic IDs, Smartcards, Travel Documents, Cross-border & Cross-domain Interoperable Authentication for Notified & Web-based eIDs, Sector-specific (health, education, geospatial, smart cities...) Identity Solutions, Compliance with relevant Regulations (e.g. eIDAS Regulation, ICAO 9303...).
  • Cryptography and Electronic Trust Services: Functional Encryption, Homomorphic encryption for trusted data processing in untrusted environments, Secure Computation, Proxy Re-encryption, Searchable encryption, Malleable Signatures, Electronic Signatures/Seals, Electronic Registered Delivery, Timestamps, Digital preservation.
  • Identity and Access Management: Access Control, Identification, Strong Authentication, Authorization, Federation Gateways, eID brokers, Easily Configurable Authorization Policy Management, User Management, Identity Crimes Prevention and Investigation, Identity Recovery.
  • Data Protection by Design and Privacy Engineering Methodologies: Privacy and Security by Design Methodologies, Patterns and Controls, Privacy Enhancing Technologies (including anonymisation, pseudonymisation, differential privacy, user-defined data protection and sharing policies), Anonymous Cryptocurrencies, User-centric Multi-service Privacy Managers Awareness and Empowerment Tools, Privacy Metrics, Identity Fraud and Theft Prevention.
  • Border Control & Biometrics: Automated and Mobile Border Control, Next-Generation Border Control Systems (Entry-Exit Systems, Registered Traveller Programmes, PNR...), Multi-biometrics & Fusion, Mobile Biometrics, Crypto-Biometrics, Usability, Standards.
Challenges: 
  • Interoperable eID and managed IAM solutions will be key enablers of secure and seamless access to eServices (e.g. CEF eID and eIDAS).
  • eID, eIDM, trust services, advanced cryptography and privacy/security-by-design as fundamental enablers of Trust in Future Internet & Cloud.
  • Complex Identity Federation & Data Exchange Scenarios (involving personally identifiable information), including scenarios involving Big Data, Cloud Computing and/or Internet of Things.
  • Simultaneously strong (multi-factor) and user-friendly authentication.
  • Identity & Privacy Assurance.
  • Auditing and Compliance.
Current Research Topics and Findings: 
  • Privacy-enhancing technologies and advanced cryptography approaches as building blocks for privacy-enhancing identity management and data management in trusted and untrusted domains, data protection provider approaches and technological facilitators for regulatory compliance.
  • Identity Management-as-a-Service (IDMaaS) & Networked Identity: authentication/identification services composable with other services in the Cloud (identity as a commodity).
  • Efficient, integrated and smart border control solutions addressing latest initiatives on Smart Borders and facilitating information sharing across large systems.
  • Methodological approaches: Privacy-by-Design (PbD) including Privacy Impact Assessment, cost & value of privacy compliance, data protection in context of Big Data applications, full identity data lifecycle management.
  • Biometrics: Crypto-biometrics, Cancellable biometrics, Mobile biometrics.

Projects

ABC4EU

Automated Border Control Gates for Europe
Edit project Link
H2020

The project makes border control more flexible by enhancing the workflow and harmonizing the functionalities of Automated Border Control (ABC) gates and other Border Control Processes, aligned with Smart Borders Package of the EU.

ARIES

reliAble euRopean Identity EcoSystem
Edit project Link
H2020

Comprehensive framework and holistic approach of technologies, processes and security features for reliable e-identity ecosystem to improve identity, trust and security, with better support to law enforcement in addressing new cybersecurity threats.

CREDENTIAL

Secure Cloud Identity Wallet
Edit project Link
H2020

Innovative cloud based services for storing, managing, and sharing digital identity information and other personal data. Security of services relies on combination of strong hardware-based multi-factor authentication with end-to-end encryption.

DAPHNE

Data-as-a-Service platform for Healthy Lifestyle and preventive medicine
Edit project Link
FP7

Development of a platform to deliver personalized guidance services for lifestyle management to the citizen/patient.

FIDES

Federated Identity Management System - Phase II
Edit project Link
EIT-DIGITAL

Platform with secure cross-platform identity management system (mobile/desktop), consolidation into a production environment in three national contexts with a sustainable business model.

FOODIE

Farm-Oriented Open Data in Europe
Edit project Link
CIP

Open and interoperable agricultural specialized platform hub on the cloud for the management of spatial and non-spatial data relevant for farming production.

LEPS

Leveraging eID in the Private Sector
Edit project Link
Connecting Europe Facility (CEF)

Enables private sector elecronic services providers to connect to the Pan-European elDAS infrastructure for cross-border electronic identification and authentication, following elDAS Regulation.

LIGHTest

Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes.
Edit project Link
H2020

Global, cross-domain trust infrastructure that renders it transparent and easy for verifiers to evaluate electronic transactions and make domain-specific trust decisions, querying different trust authorities world-wide and combining trust aspects.

MoveUS

ICT cloud-based platform and mobility service: available, universal and safe for all users
Edit project Link
FP7

Changing European users’ mobility habits by offering intelligent and personalized travel information services, helping people to decide the best transport choice and providing meaningful feedback on energy efficiency savings.

PIME

Personal Information Management Ecosystems
Edit project Link
EIT-DIGITAL

Modular, scalable patient-centric privacy tool offering patients a dashboard that shows which caregivers have accessed their data and when. Security features include strong multi-platform authentication, authorization and audit.

PRISMACLOUD

Privacy and Security Maintaining Services in the Cloud
Edit project Link
H2020

The main idea and ambition is to enable end-to-end security for cloud users and provide tools to protect their privacy with the best technical means possible - by cryptography.

STRATEGIC

Advanced service distribution network and tools for interoperable, programmable, and exploitation of unified public cloud services
Edit project Link
CIP

A cloud enabled framework on various infrastructures with a set of services related to public bodies, opening new horizons in the secure and private migration, adaptation, governance and development of public cloud services.

WITDOM

empoWering prIvacy and securiTy in non-trusteD envirOnMents
Edit project Link
H2020

Automatic and efficient privacy provisioning solutions, keeping data confidential (encrypted and privacy-protected) in the un-trusted environment, while the data owner can operate with and make use of the data in the encrypted domain.