Title: PRIME Privacy and Identity Management for Europe
1PRIME Privacy and Identity Management for
Europe
- Vision Objectives First Results
2PRIME Vision
- In the Information Society, users can act and
interact in a safe and secure way while retaining
control of their private sphere.
3PRIME Objectives
- Advance the state-of-the-art in privacy-enhancing
identity management - Demonstrate how to embed European privacy laws
and regulations into technology - Empower individuals to effectively realise their
right to privacy and informational
self-determination - Development of real-world toolsand solutions for
identity management
4PRIME Approach (1/2)
- Advance the state-of-the-art in
privacy-enhancing identity management by - Laying the theoretical foundations, taking into
account current environments as well as future
scenarios. - Developing novel, practical solutions and
approaches to the validation and communication of
the level of privacy and security achieved. - Raising awareness of the privacy problems and of
practically feasible options.
5PRIME Approach (2/2)
- PRIME takes a highly interdisciplinary approach
in order to produce solutions that are - Technically feasible
- Understandable and manageable by end users
- Socially desirable and acceptable
- Legally required
- Commercially viable and exploitable.
6PRIME Principles
- Design starting from maximum privacy
- System usage governed by explicit privacy rules
- Privacy rules must be enforced, not just stated
- Trustworthy privacy enforcement
- Easy and intuitive abstractions of privacy for
users - An integrated approach to privacy
- Privacy integrated with applications
7PRIME Key Technology Elements
- Pseudonyms
- Anonymity
- Credentials
- Policy negotiation
8Detailed Objectives Block 1-3
- Block 1 Requirements and Evaluation
- Legal, socio-economic, generic application
requirements - Block 2 Application Prototypes
- E-learning, privacy-preserving customer database,
location-based services, etc. - Block 3 Mechanism Research and Development
- Assurance methods, Human-Computer Interface
(HCI), ontologies and privacy principles,
authorisation models, cryptographic mechanisms,
communication infrastructure (e.g. anonymity),
user/server-side identity management, education
9First Results Block 4 Framework
- First public result Framework V0 (see webpage)
- Provides map of privacy-enhancing identity
management - Problem space
- Vision of PRIME
- PRIME stakeholders, roles and responsibilities
- Application scenarios
- Legal and social environment
- Business models and economic drivers
- PRIME concepts and terminology
- PRIME models for users and metaphors
10Further Main Deliverables/ Expected Results
- Requirements
- Legal
- Socio-economic
- Applications
- HCI (Human-Computer Interface)
- Architecture (functions/modules and relationship
between functions/modules) - Prototype(s)
- Prototype evaluation
- Dissemination (tutorials, presentations, white
paper, etc.)
11Standardisation Involvement
- Goethe-Universität Frankfurt
- ISO/IEC JTC1 SC 27 IT Security Techniques
- ISO/IEC JTC1 SC 27/WG 3 Security Evaluation
Criteria - ISO/IEC JTC1 AdHoc Working Group Privacy
Technologies - DIN-NI 27 IT-Sicherheit
- HP (Management Board Member)
- ISO/IEC JTC1 AdHoc Working Group Privacy
Technologies - IBM
- ISO/IEC JTC1 SC 27/WG Security Mechanisms
- Several joint members
- W3C subcontractor
- HP, IBM (Management Board Members)
- IBM
- MS in Reference Group
12PRIME Contact
- http//www.prime-project.eu.org/
- Project Management Gérard LacosteIBM La Gaude
Project Office for European Projectslacoste_at_fr.ib
m.com - Public Relations Marit HansenIndependent
Centre for Privacy Protectionprime_at_datenschutzzen
trum.de
13PRIME Some Key Data
- The PRIME project receives research funding from
the Communitys Sixth Framework Programme and the
Swiss Federal Office for Education and Science. - Integrated Project in the Information Society
Technologies Priority - Duration 4 years (March 2004 February 2008)
- Budget M 16 (M 10 granted EC contribution)
- Number of participants 20
- Reference Group
14PRIME Partners
15PRIME Partners
- IBM France, F
- IBM Zurich Research Lab, CH
- Unabhängiges Landeszentrum für Datenschutz, D
- Technische Universität Dresden, D
- Katholieke Universiteit Leuven, B
- Universiteit van Tilburg, NL
- Hewlett-Packard, UK
- Karlstads Universitet, S
- JRC / IPSC Ispra, I
- Università di Milano, I
- Centre National de la Recherche Scientifique /
LAAS, F - Johann Wolfgang Goethe-Universität Frankfurt am
Main, D - Chaum LLC, USA
- RWTH Aachen, D
- Institut EURECOM, F
- Erasmus Universiteit Rotterdam, NL
- Fondazione Centro San Raffaele del Monte Tabor,
I - Deutsche Lufthansa, D
- Swisscom, CH
- T-Mobile, D
16PRIME Workplan
- Organised in blocks and activities
- Main blocks
- Requirements and evaluation
- Application prototypes
- Mechanisms research and development
- Framework and architecture
- Management and outreach
17Reference Group
- External interested experts providing early
feedback on project results from different
standpoints - Data Protection Authorities Dutch Data
Protection Zurich Data Protection Article 29
Working Party - Industry Microsoft EMEA Philips Research
Ericsson Migros Hunton Williams Eurochambres - Administration Danish Board of Technology
- Independent Research RAND Europe Institute of
Technology Assessment, Austria - Academia Free University of Brussels London
School of Economics University of Dar es Salaam,
Tanzania - Law Enforcement Ministry of the Interior and
Kingdom Relations of the Netherlands - Consumer Protection BEUC The European
Consumers Organisation
18Block 5 Public Relations http//www.prime-proje
ct.eu.org/
- Project overview
- News results
- Public and internal spaces
19Detailed Objectives Block 1 Requirements and
Evaluation
- Legal requirements Legal experts shall ensure
that PRIME technology is fully compliant with
applicable laws and regulations. - Socio-economic requirements Established economic
theories will be applied in the emerging field of
privacy-enhancing identity management. - Generic application requirements Requirements
will be identified that are relevant to PRIME in
the near as well as longer term.
20Detailed Objectives Block 2 Application
Prototypes
- Block 2 aims at validating, in a real-life
environment, the approach, architecture and
technology of PRIME. - Major scenarios
- On-line health care system (Fondazione Centro
San Raffaele) - Location-based services (Swisscom, T-Mobile)
- Privacy-preserving customer database (Lufthansa)
- Anonymous access to infrastructure for mobile
workers (Swisscom, T-Mobile) - E-Learning (Dresden University)
- Privacy-enhancing ambient intelligence (JRC).
21Detailed Objectives Block 3 Mechanism Research
and Development (1/3)
- Assurance methods Users as well as service
providers will be supported in gaining assurance
of whether a technology or service matches their
privacy requirements. - Human-Computer Interface HCI concepts and user
interfaces will be developed which provide users
with a clear understanding about consequences and
options when releasing personal information. - Ontologies and privacy principles Formal
ontologies will be elaborated which communicate
the complex conceptual framework of the privacy
domain.
22Detailed Objectives Block 3 Mechanism Research
and Development (2/3)
- Authorisation models Novel authorisation
policies together with their related model and
language will be developed which allow expressing
and enforcing authorisations depending on
different partial identities of the requestors. - Cryptographic mechanisms The core cryptographic
solutions for privacy-enhancing identity
management (including credentials) will be
provided.
23Detailed Objectives Block 3 Mechanism Research
and Development (3/3)
- Communication infrastructure Models for address
and location privacy against a strong attacker
model will be elaborated. - User/server-side identity management The
prototypes supporting the user and enforcing
privacy policies will be designed and implemented
(at the user as well as at the server side). - Education Educational material of many facets of
PRIME will be worked out which address the needs
of application developers, service providers,
application designers, and end users.