Presentation on theme: "Www.prime-project.eu.org PRIME – Privacy and Identity Management for Europe Project Overview Version 1.6 – Feb. 2006."— Presentation transcript:
PRIME – Privacy and Identity Management for Europe Project Overview Version 1.6 – Feb. 2006
Version February, 2006 Overview PRIME – Privacy and Identity Management for Europe PRIME in short –Vision and Objectives –Key Data –Partners PRIME in detail –Objectives –Research Challenges –Principles –Workplan –Reference Group –Standardisation Involvement PRIME Contact
Version February, 2006 PRIME Vision In the Information Society, users can act and interact in a safe and secure way while retaining control of their private sphere.
Version February, 2006 PRIME Objectives Advance the state-of-the-art in privacy-enhancing identity management Demonstrate how to embed European privacy laws and regulations into technology Empower individuals to effectively realise their right to privacy and informational self-determination Development of real-world tools and solutions for identity management
Version February, 2006 PRIME – Some Key Data The PRIME project receives research funding: –EU Sixth Framework Programme –Swiss Federal Office for Education and Science. Integrated Project in the Information Society Technologies Priority Duration: 4 years (March 2004 – February 2008) Budget: M€ 16 (M€ 10 granted EC contribution) Number of participants: 20 Reference Group
Version February, 2006 PRIME Partners IBM Belgium, B IBM Zurich Research Lab, CH Unabhängiges Landeszentrum für Datenschutz, D Technische Universität Dresden, D Katholieke Universiteit Leuven, B Universiteit van Tilburg, NL Hewlett-Packard, UK Karlstads Universitet, S JRC / IPSC Ispra, I Università di Milano, I Centre National de la Recherche Scientifique / LAAS, F Johann Wolfgang Goethe-Universität Frankfurt am Main, D Chaum LLC, USA RWTH Aachen, D Institut EURECOM, F Erasmus Universiteit Rotterdam, NL Fondazione Centro San Raffaele del Monte Tabor, I Deutsche Lufthansa, D Swisscom, CH T-Mobile, D
Version February, 2006 PRIME Objectives (1/2) Advance the state-of-the-art in privacy-enhancing identity management by: –Laying the theoretical foundations, taking into account current environments as well as future scenarios. –Developing novel, practical solutions and approaches to achieve high levels of privacy and security. –Raising awareness of the privacy problems and of practically feasible options.
Version February, 2006 PRIME Objectives (2/2) PRIME takes a highly interdisciplinary approach in order to produce solutions that are –Theoretically desirable; –Technically feasible; –Understandable and manageable by end users; –Socially desirable and acceptable; –Legally required; –Commercially viable and exploitable.
Version February, 2006 PRIME Principles 1.Design starting from maximum privacy 2.System usage governed by explicit privacy rules 3.Privacy rules must be enforced, not just stated 4.Trustworthy privacy enforcement 5.Easy and intuitive abstractions of privacy for users 6.An integrated approach to privacy 7.Privacy integrated with applications
Version February, 2006 PRIME Applications Three specific application areas –Location Based Services –Airport Scenario –e-Learning Expected results: –1 integrated PRIME prototype with some examples of its functionality –3 specific application prototypes
Version February, 2006 PRIME Movie and Tutorials Soon on the PRIME website!
Version February, 2006 PRIME Workplan Organised in blocks and activities Main blocks: 1.Requirements and evaluation 2.Application prototypes 3.Mechanisms research and development 4.Framework and architecture 5.Management and outreach
Version February, 2006 Block 1: Requirements and Evaluation Legal requirements: what legal provisions can be implemented in the technology and what are the boundaries the law sets on the technology. Socio-economic requirements: what are the desirable characteristics and requirements from the perspective of users and businesses and governments. Generic application requirements: what are the requirements from a usability perspective.
Version February, 2006 Block 2: Application Prototypes Block 2 aims at validating, in a real-life environment, the approach, architecture and technology of PRIME. Major scenarios: –On-line health care system (Fondazione Centro San Raffaele); –Location-based services (Swisscom, T-Mobile); –Privacy-preserving customer database (Lufthansa); –Anonymous access to infrastructure for mobile workers (Swisscom, T-Mobile); –E-Learning (Dresden University); –Privacy-enhancing ambient intelligence (JRC).
Version February, 2006 Block 3: Mechanism Research and Development (1/3) Assurance methods: does a technology or service match the user’s & service provider’s privacy requirements. Human-Computer Interface: which concepts and user interface facilitate users to understand the consequences and options when releasing personal information. Ontologies and privacy principles: which formal ontologies are necessary in the complex conceptual framework of the privacy domain.
Version February, 2006 Block 3: Mechanism Research and Development (2/3) Authorisation models: Novel authorisation policies, models and languages are developed which allow expressing and enforcing authorisations of partial identities. Cryptographic mechanisms: The core cryptographic solutions for privacy-enhancing identity management (including credentials) will be provided. Communication infrastructure: Models for address and location privacy against a strong attacker model will be elaborated.
Version February, 2006 Block 3: Mechanism Research and Development (3/3) User/server-side identity management: The prototypes supporting the user and enforcing privacy policies will be designed and implemented. Education: Educational material that address the needs of application developers, service providers, application designers, and end users is being developed.
Version February, 2006 Block 4: Framework First public result: Framework V0 (see webpage) Provides “map” of privacy-enhancing identity management –Problem space –Vision of PRIME –PRIME stakeholders, roles and responsibilities –Application scenarios –Legal and social environment –Business models and economic drivers –PRIME concepts and terminology –PRIME models for users and metaphors
Version February, 2006 Block 5: Public Relations – Project overview News & results Public and internal spaces
Version February, 2006 Reference Group External interested experts providing early feedback on project results from different standpoints: –Data Protection: Dutch Data Protection; Zurich Data Protection; Austrian Data Protection; CNIL; Article 29 Working Party; EDRI – European Digital Rights –Industry: Microsoft EMEA; Ericsson; Hunton & Williams; Eurochambres; The Trust Dimension; Crédit Suisse –Administration: Danish Board of Technology; Austrian e- Government Authority –Independent Research: RAND Europe; Institute of Technology Assessment, Austria –Academia: Free University of Brussels; London School of Economics –Law Enforcement: Ministry of the Interior and Kingdom Relations of the Netherlands –Consumer Protection: BEUC – The European Consumers’ Organisation
Version February, 2006 Standardisation Involvement Several joint members W3C subcontractor IBM, HP HP, IBM (Management Board Members) IBM MS in Reference Group Several joint members Goethe-Universität Frankfurt –ISO/IEC JTC1 SC 27 “IT Security Techniques” –ISO/IEC JTC1 SC 27/WG 3 “Security Evaluation Criteria” –ISO/IEC JTC1 AdHoc Working Group Privacy Technologies –DIN-NI 27 “IT-Sicherheit” HP (Management Board Member) –ISO/IEC JTC1 AdHoc Working Group Privacy Technologies IBM –ISO/IEC JTC1 SC 27/WG “Security Mechanisms”
Version February, 2006 PRIME Contact Project Management: Eric Goderniaux IBM Belgium Public Relations: Marit Hansen Independent Centre for Privacy Protection