DS-02-2014 - Access Control
Specific challenge: Security includes granting access only to the people that are entitled to it. Currently the most widespread approach relies on passwords. Managing the passwords has its limits and poses a challenge to the user, which adds vulnerabilities. Common practice is to use the same or similar password, which increases significantly the risk should the password be broken.
Scope: The focus is on the development and testing of usable, economic and privacy preserving access control platforms based on the use of biometrics, smart cards, or other devices. The solutions are to be installed and tested in a broad-band network, giving access to smart services running over networks with state-of-the-art security, avoiding single points of failure. Proposed work should include the management of the access rights in particular for the service providers, ensure the security and privacy of the databases, facilitate a timely breach notification and remediation to the user, and reduce the insider threat.
The proposed solutions have to guarantee interoperability and portability between systems and services, sparing the user to have to install a platform, service or country specific technology.
Proposed work could assist the objective of implementing a secure information sharing network.
The Commission considers that proposals requesting a contribution from the EU of between €3m and €8m EURO would allow this topic to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.
Proposals have to address the specific needs of the end-user, private and public security end user alike. Proposals are encouraged to include public security end-users and/or private end users.
Actions supported under this objective will deliver secure, but user-friendly, access to ICT systems, services and infrastructures, resulting in a consumerisation of devices for access control. The level of security of online services and critical infrastructures protected by these access systems should be demonstratably higher than by the state-of-the-art approach. The proposed solutions are expected to support the creation of commercial services making use of electronic identification and authentication.
Type of action: Innovation actions