July 2017

Latest Public Deliverables

Throughout the course of the LIGHTest project, there are a number of external and internal project deliverables available. So far we have a number of public deliverables which cover a range of different topics related to the LIGHTest project. Below we have listed those currently available with a brief summary.

Requirements and Use Cases

This goal of this deliverable is to establish requirements and uses cases for the LIGHTest project. With regards to the establishment of requirements, this is done by first defining five categories of requirements that will give a full perspective of what is needed to achieve the highest potential of success. Next, there are three driving artefacts in the LIGHTest project. The three artefacts are the Reference Architecture, Implementation, and the Pilots. With that, each established requirements will need to rank the level of importance in reference to each of these artefacts. The process and definition of these tasks will be elaborated in the introduction. With regards to the establishment of use cases, this deliverable includes a chapter dedicated to various use cases that could demonstrate the strengths and possibilities for LIGHTest.

Reference Architecture

Scope of this deliverable is the description of the architecture of LIGHTest. It refers to the fundamental macroscopic system structures to be realized in Lightest.

This document describes architectural principles and both functional and technical goals addressed by the architecture and gives a high level explanation of all involved components to be specified in detail and developed in the specific work packages. It also provides a terminology in order to create a common understanding and gives an overview of standards that are relevant in the context of LIGHTest. For a better understanding, this document also provides scenario descriptions for the basic functionality of LIGHTest and gives examples of more sophisticated scenarios such as realised in the pilots.

Inventories

In order to get a greater understanding of the basis that LIGHTest is building upon, it is essential to conduct a state-of-the-art analysis of the key topics that will be built upon. After reviewing the key components and building blocks of the project, a set of eight different topics were taken into consideration. In particular, the key points of interest include the following: (i) existing trust schemes and trust (status) lists, (ii) existing device attestation schemes, (iii) relevant trust list formats, (iv) relevant delegation schemes, (v) relevant trust policies and policy languages, (vi) existing trust translation schemes, (vii) best practice derivation schemes for mobile identities, and (viii) best practices of interaction design.

With that, each topic will be seen from two different sides. First, there will be a broad academic perspective that will be explored. This will include gaining insight on current related research, relevant methods and strategies, definitions, relevant EU projects, etc. that are involved for the topic. Second, there will be a broad industry perspective that will be explored. Depending on the topic at hand and the existing material, the industry perspective includes relevant work in the industry that is being done and/or insight on the legal side involved in the topic, which may be useful later on in the project.  Overall, by having both of these sides of insights it helps to gain a full rounded perspective that observes both the current and relevant research rigor and how these topics have been integrated or applied in practice. 

Definition of Requirements for Derivation and Attestation of Mobile IDs

As the use of mobile devices is more and more dominating the landscape of electronic transactions, this deliverable concentrates on defining and realizing a system of mobile electronic identities that can be used for a large group of use cases like identification, authentication and signing of transaction data. This background immediately suggests several trust schemes with their respective trust publication authorities that are interrelated and require a mutual coordination as well as a propagation of trust-related information. For defining the requirements, the ultimate trust-related question of the derived mobile ID scheme is for the relying party how to assess the overall Level of Assurance (LoA) of the presented mobile ID. Consequently, the challenge of the requirements work is to define a scheme in which the relying party can obtain and verify all information required to assess the overall LoA and trust level of the presented mobile ID.

This deliverable documents the requirements for the ID derivation, the credential storage the device attestation and the propagation of trust information. To approach the complex scenario in a structured way this deliverable focuses on relatively generic requirements on the architecture level. 

You can read all the latest public deliverables here