Federated Identity Management based on Liberty
|Project Coordinator|
|Guillaume Garnier de Falletans, France Telecom R&D|
|e-mail: guillaume.garnierdefalletans (at) francetelecom.com|
|Project Consortium|
|TeliaSonera, FI|Telenor, NO|
|Axalto, FR|Amena, ES|
|France Telecom R&D, FR|Ericsson, ES|
|Italtel, IT|Inetsecur, ES|
|Oslo University College, NO|Moviquity, ES|
This is a “Celtic” project;
|Project Key Information|
|Start date|End date|Budget (total)|Effort (total)|Project-ID|
|April 2005|December 2006|9.4 MEuro|71.1 PY|CP2-013|
The efficient management of user identities has become an essential function in e-business and e-government applications. But at present, user identities on the Internet are fragmented across various identity providers: e-business services, portals, employers, public on-line services, etc. The management of multiple login/password combinations to access e-services is neither efficient for the professional (regarding functionality, cost and security), nor user-friendly and trustworthy for the end-user.
Federated network identity concepts that allow Single-Sign-On (SSO) are proposed as a solution to current shortcomings and as new business enablers: the Liberty Alliance has elaborated a federated identity management (IDM) model based on open architectures and standards as opposed to proprietary solutions. Whilst the Liberty specification work is well advanced, no complete practical implementation and evaluation has yet been made to test this concept. The FIDELITY-Project will implement a federated pan-European IDM system based on the Liberty concept, and will evaluate its technical viability, its performance and its capability to meet business, end-user and security/privacy requirements.
In the FIDELITY-Project a consortium of leading European telcos, industry and research organisations will implement Circles of Trust (CoTs) according to Liberty specifications on 3 sites. They will demonstrate their interoperability, showing that local identity federations can interact at pan-European level, enabling exchange of identity and authentication of citizens between service and identity providers, whilst the usage and validity duration of identity data remains totally under the user’s control and acceptance.
The FIDELITY-Project will develop and evaluate technical solutions for the implementation of appropriate elements in the fixed network and in the smart card of the mobile network (SIM). The proof-of-concept tests and demonstrations will include mobile, fixed and Internet scenarios. Added-value services based on user attributes such as presence and geo-location, or other personal identity attributes, will enhance the demonstrations. The project results will be analysed and made available with recommendations and considerations about a totally new range of services particularly suited for telcos, on behalf of e-service providers: identity management, personal ID and attribute providers, identity/attribute roaming in inter-CoT context, and the negotiation of user-controlled security/data levels in electronic transactions.