The first goal of ReCRED research project was to simplify the user authentication process to the online world, by proposing itself such a high goal to eliminate passwords from the end-user life. The project did not innovate or discovered new technologies, but it took the existing ones: delegated authentication, asymmetric key authentication, biometric authentication of end-user, machine-to-machine authentication, attribute-based access control, and integrated them into a new and innovative platform. The second goal of the project was to get together the industry and academic societies in the same project, in a partnership regulated by the European rules, with the common purpose to improve the end-user experience and security in the online environment.
As Marie Skłodowska Curie European Research Program requires, this project’s main goal is to exchange information between private companies and European universities and to help young researchers learn new technologies and apply them to innovative projects, new or existing ones. In INCOGNITO, technically we chose to continue the ReCRED project, to achieve the goal that is to combine state-of-the-art technologies in a platform that will allow users to easily understand what is needed to access online services with respect to their privacy and be able to prove specific attributes of their identity or their whole identity. We build on top of the framework that is being developed under the ReCRED project where we use advanced mobile software in order to convert online and physical identity proofs into validated and cryptographically strong proofs of identities that can be used for getting access to online services.
As the cloud era is flourishing, the identity moves from the physical ID card that we used to have (and Romania still has it), to electronic identity. Electronic identity does not mean only a change in the physical card, in such a way that it contains an electronic chip to enable interactions with gov services for authentication and digital signatures purposes. Electronic identity should be regarded as the sum of user attributes that identifies uniquely the user and that might include the user identity in social media/networking. Besides that, online identity means also the user ability to securely authenticate to different online services, including gov, banking ones, but also the ability to securely demonstrate to any party that the person behind the operation executed is the same one as the one that owns the electronic identity.
Going further, a bold direction is the decentralization of the identity such way that the owner is in the complete control of it. That also means that the end user is not able to impersonate someone else and, in the same time, is better protected from identity theft. certME is a research project born in the certSIGN research incubator that further evolved into a product that implements the decentralization of the user identity using a distributed application running the public Ethereum blockchain.
In the beginning of www, data accessibility was so reduced, that the matter of encrypting it was not a priority. As the internet evolved especially towards cloud computing, with information moved into online storage, the necessity of encrypting data become a mandatory requirement. The problem was partially solved, by securing the data in transit by the means of secure communication protocols (e.g. SSL, TLS) and securing the data stored online by the means of encrypted hardware of software containers, but the data in use is still an open issue. The dawn of homomorphic encryption (HE) revealed the theoretical possiblity of having your information securely stored into cloud, in an encrypted form, and still being able to transform it, without revealing the secret encryption key, by applying a special set of transformations directly on the encrypted data. With certFHE we started the research of innovative encryption algorithms.
ECHO (the European network of Cybersecurity centres and competence Hub for innovation and Operations) is an European research project which aims to develop innovative solutions for the safety of European Digital Single Market, provide education and training of security specialists, a certification scheme and governance model. The consortium is working to develop the ECHO Multi-Sector Assessment Framework, the ECHO Early Warning System, the ECHO Federation of Cyber Ranges, the ECHO Inter-Sector Technology Roadmaps, ECHO Cyber Skills Framework, ECHO Cybersecurity Certification Scheme. Our company is actively involved in the development of the Early Warning System (EWS), a software system for coordinating and sharing cyber relevant information in near-real-time which potentially could serve all the network of centres of competences across Europe.