SEMIRAMIS will propose a European information exchange space for the unobstructed flow of data between and across multiple stakeholders by enabling the secure and reliable transfer of documents. It will adhere to all applicable privacy and confidentiality regulations in addition to general security requirements. This will contribute to a significant reduction of the administrative burden imposed on citizens by institutions, universities and public services when exercising their right to free movement within the European Union.
The main goal of SEMIRAMIS is to pilot, in different scenarios, the infrastructure whose major function is to enable the safe, secure and seamless transfer of relevant data to clearly identified users. This will occur in full adaptation and within the limits of the context in which this data is needed for the provision of requested e-services. It will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services on which novel offerings can be easily deployed.
SEMIRAMIS will deliver one technological pilot, tested across different scenarios, with the objective to demonstrate the capabilities of the Pilot and its applicability to different environments. In the meantime, it will define reliable and appropriate secure authentication procedures, and complex and detailed ID and role management approaches.
The project's partners are:
- Atos - Spain (coordinator)
- Stuttgart University - Germany
- Murcia University - Spain
- Engineering Ingegneria Informatica - Italy
- European Organisation for Security (EOS) - Belgium
- Portugal Telecom- Portugal
- Ceuti City Council - Spain
- Lecce City Council - Italy
- Polska Telefonia - Poland
The project is funded under: The Information and Communication Technologies Policy Support Programme , Area: CIP-ICT-PSP.2009.7.1 - Internet evolution and security (including RFID): A European infrastructure for secure information management.
Description of target users and groups
Description of the way to implement the initiative
In order to test a technological solution that is adaptable to different environments, SEMIRAMIS foresees several scenarios representing a large number of options related to ID Management and Secure Data Transfer. The tested scenarios will look at different types of interaction such as data transfers and authentication processes within the framework of public-private, inter-institutional, and private-private cooperation. The scenarios will leverage on Telco Services which will not only constitute the infrastructure necessary to enable the communication between different institutions, but will also be an essential part of the IdM infrastructure playing an active and important role on the authentication and attribute exchange procedures as a corner stone for the SEMIRAMIS real world scenarios. Two different models will be tested to ensure that information from one entity is provided to another one in compliance with privacy safeguards: the pull model presupposes an active involvement of the citizen in providing his or her consent which is always requested by the Document Provider. The push model, instead, does not require an active involvement of the citizen, and the citizen's consent is given to the foreign entity only once at the beginning of the process. The Foreign entity then uses this consent at a later time as an authorisation token when access to certain data held by an entity in the citizen's home country is requested.
1) "e-DOC Services for Citizen"
This scenario will look at how organisations can gain virtual access to personal and public documents held in another EU Member State with the agreement of the citizen concerned. Among the Use Cases are "Job hunting in a Foreign Country" case, and "a foreign certificate of residence". It will be explored how a citizen moving to a foreign country can be granted access to specific Foreign Telco services, while maintaining his or her contract with the home Telco provider.
2) "Roaming Student"
This scenario will evaluate the technological Pilot in a cross-organization environment, involving citizens worldwide with their need to exchange personal information. A federation cloud will provide the infrastructure for the secure and trusted exchange of data between federated members, while considering privacy issues (of the student).This scenario will look at how a citizen can have access to his or her user data held by a public body in another country.
Technology solutionTechnology choice: Proprietary technology
Main results, benefits and impacts
- Deploy common rules and specifications for secure information management within organizations and across trans-EU e-service chains, including service compositions with public and private e-services;
- Test, in real life environments, solutions for various types of cross-domain and cross-stakeholders e-services constellations;
- Interact with other EU initiatives to maximize the usefulness of the pilot solutions and services.
- Provide application level, end-to-end security, paying special attention to privacy concerns when dealing with sensitive information
- Secure all communications between the End User, ID Provider and Service Provider
- Support the specific approach of the ID provider in terms of personal or organizational policies
- Implement a User-centric Identity Interoperability, a federated schema that can be managed by public/private organizations
- Interface a pre-existing identity and role management solution (IDEAS) with a comprehensive management solution to control, ensure compliance of agreements between providers and audit information flow and use (RIGER) and a PKI based certificates services WebRAO.
SEMIRAMIS will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services on which novel offerings can be easily deployed.
Track record of sharing
The lessons learnt will be completed by the project responsible based on the experience gained throughout the project and when valid results are available.Scope: Cross-border, Pan-European