SEMIRAMIS (Secure Management of Information across multiple Stakeholders) is a pilot infrastructure that provides e-services with the underlying secure authentication and management approach they require. It tests this approach through two scenarios that represent a large number of options related to ID management and secure data transfer:
1) a scenario that involves public and private organizations and legal requirements for exchange of sensitive information;
2) a scenario that involves citizens worldwide and their requirement to exchange personal information.
A third scenario is envisaged to involve public and private organizations and legal requirements for tax inspection processes.
For all scenarios, the pilot will take into consideration the owner of the information, the ID Provider and the Service Provider with their interactions, the data flow, the legal context and usage audit. The same infrastructure will be used across both scenarios.
- Deploys common rules and specifications for secure information management within organizations and across trans-EU e-service chains, including service compositions with public and private e-services;
- Tests, in real life environments, solutions for various types of cross-domain and cross-stakeholders e-services constellations;
- Interacts with other EU initiatives to maximize the usefulness of the pilot solutions and services.
- Provides application level, end-to-end security, paying special attention to privacy concerns when dealing with sensitive information
- Secures all communications between the End User, ID Provider and Service Provider
- Supports the specific approach of the ID provider in terms of personal or organizational policies
- Implements a policy management solution, based on the XACML standard, to protect the system access and usage
- Uses the RIGER tool to ensure compliance of agreements between providers, and a dedicated audit tool to monitor and report the information flow.
SEMIRAMIS will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services, on which novel offerings can be easily deployed. SEMIRAMIS will be based on leading-edge technologies built on XML derivatives, mainly SAML 2.0, which is largely considered a key technology in the area of federated identity management. SEMIRAMIS will take advantage of the RADIUS (Remote Authentication Dial-In User Service) infrastructure, which has been successfully brought into production in the last two years, implemented into an access process based on 802.1X. To achieve data security, a PKI (Public Key Infrastructure) will be used.