Report

Teaser, summary, work performed and final results

Periodic Reporting for period 1 - LIGHTest (Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes.)

Summary

LIGHTest develops a lightweight trust infrastructure providing parties of electronic transactions with automatic validation of trust based on their individual trust policies. To ease integration and improve availability on any system, LIGHTest makes use of the existing global Domain Name System (DNS) for publication, querying, and cross-jurisdiction translation of information relevant to making such decisions, including levels of assurance. Building on the existing global infrastructure of the Domain Name System, together with explicit efforts to reach international acceptance, enables LIGHTest to offer truly “global trust lists”.
LIGHTest addresses both the trustworthiness of single artefacts and that of complete electronic transactions. It provides a lightweight trust verification library that can easily be integrated in a wide range of applications and systems. This will be demonstrated in the pilot applications.
A large number of electronic transactions occur naturally across borders and jurisdictions. An example is a European company which operates in an international market and receives purchase orders from anywhere in the world. The growing need to conduct business electronically to stay competitive, the planned trade agreements, and ever increasing globalization further underline the need for a trust infrastructure that is global. The LIGHTest trust infrastructure is therefore designed to be global, supporting an open ecosystem of stakeholders and trust schemes. Global operation and acceptance of the LIGHTest trust infrastructure is achieved, among other things, by implementation on top of the already existing and well-accepted Domain Name System.
When assessing the trustworthiness of foreign certificates and other artefacts, verifiers need to know which foreign trust schemes to accept and how these map to the trust schemes of the local jurisdiction. For this purpose, LIGHTest provides trust translation authorities that are queried transparently by an automatic trust verifier as needed. LIGHTest supports delegation as an integral part of its trust infrastructure.

Work performed

The work on the project officially started in September 2016. The kick-off meeting was held from September 13 until September 15 in Stuttgart, Germany. Newsletters were sent out and a press release was published to raise awareness of the project. A public website (http://lightest.eu/) as well as the international website of the project (http://www.lightest-community.org/) were set up to promote the project and to inform the public from all over the world of important news. For successful cooperation, several guidelines have been published to streamline the efforts among partners. In addition, the basis for a common terminology has been formed. A quality control manual describes all adopted procedures to guarantee the running of a quality assurance process throughout the project. An advisory board has been set up, including experts from industry and research, representatives of public administration, and potential users who will give constructive and critical advice throughout the duration of the project.
In the first period of the project a lot of effort was put into the survey and definition of functional, economical, security and accountability, privacy and usability requirements as well as several inventories and use cases. In addition, one of the main artefacts of the project, the reference architecture, has been defined and the technical work on the infrastructure of the processes has started: a Trust Policy Language (TPL) has been developed using concepts from logic programming, as well as a consolidated approach for publishing Trust Information. As regards the trust propagation of derived mobile IDs, its architecture has been defined and the demonstrator has already been successfully implemented. Significant progress has been made in the testing task as well: the setup of the Minder Testbed, whose applied architecture was re-designed for the LIGHTest system, has been accomplished in order to perform conformance, interoperability and system tests.
In the last eighteen months, several workshops and project meetings have been held, including general meetings in Madrid in March 2017, Graz in September 2017, and Seville in March 2018, where partners shared the progress on their work packages, discussed future steps, synchronized efforts, and made important decisions.
Furthermore, the LIGHTest project was present at several events and conferences, coming into contact with other relevant projects and informing potential users, beneficiaries and researchers about the project. Among them were a workshop at the Data Processing Center of the Ministry of Transportation, Communications, and High Technologies of Azerbaijan, the Cloud Identity Summit in Chicago, Open Identity Summits in Rome and Karlstad, and numerous other events. Moreover, in the framework of LIGHTest several successful workshops were organized: a Joint Workshop on Digital Identity related to ID2020 in Munich and a UNHCR workshop in Copenhagen.

Final results

LIGHTest goes beyond the current systems of trust infrastructure and offers new, more elaborate, and secure solutions. With regard to trust lists, LIGHTest renders their entries queryable and thus easy to use by applications. LIGHTest is thus a “trust-list-enabler” for off-the-shelf applications. Moreover, LIGHTest makes the use of trust lists by applications as easy as Validation Authorities (VAs) do, but at a much lower cost, with network efficiency improved by orders of magnitude, and even in areas where sending whole documents to third parties is unacceptable. VAs only support homogeneous trust models, while LIGHTest permits heterogeneous models, a prerequisite to global scalability. LIGHTest will seamlessly and transparently integrate the mapping of foreign trust lists into a domestic context, including the necessary discovery of the involved authorities.
LIGHTest supports delegation management at the level of trust management, rather than in applications (such as an authentication system like STORK). This allows taking the level of assurance of the delegation itself into account. It also renders delegation management interoperable across a large range of systems.
The LIGHTest trust policy is optimized for realistic electronic transactions, provides support for trust translation and delegation, and empowers non-technical users to easily author and understand policies.
LIGHTest is largely pioneering the propagation of trust from existing identities (such as eIDs) to mobile identities on user-owned devices, since very little previous work has been done.
As a result, LIGHTest will provide a lightweight trust infrastructure that offers parties of electronic transactions the automatic validation of trust based on their individual trust policies. This will be done with the help of the existing global Domain Name System (DNS) for publication, querying, and cross-jurisdiction translation of information relevant to making such decisions, including levels of assurance. For demonstration, LIGHTest will develop two pilot applications that will show how the existing functionality of modern trust management applications is extended by the innovative features of LIGHTest.
The results of the LIGHTest project will have an impact on various application fields since trust management is critical for a large number of processes.

Website & more info

More info: http://www.lightest.eu.