Skip to main content

Secure Cloud Identity Wallet


Identity wallet service

The central identity wallet service used in all different use case specific pilot sites is deployed and accessible for service provider side integration

Test and evaluation report of pilot domain 3 (e-Business)

e-Business evaluation and testing report

Test and evaluation report of pilot domain 1 (e-Government)

e-Government evaluation and testing report

Test and evaluation report of pilot domain 2 (e-Health)

e-Health evaluation and testing report

System security requirements, risk and threat analysis – 2nd iteration

Based on the pilot definition in T6.1 and the elaborate vulnerability catalogue and this report contains an updated version of the security analysis from D2.2.

Recommendations for improving identity protocols

Detailed documentation of enhancements and improvements w.r.t. identity protocols

Proxy cryptography potential for current identity management solutions

Assess. to which extent current IdM systems and solutions can be enhanced with proxy cryptography schemes

Guidelines for secure authentication to the cloud

Detailed documentation of enhancements and improvements w.r.t. authentication mechanisms

Security enhancements for basic cryptographic technologies

Detailed documentation of basis cryptographic technology enhancements

Final report on standardization activities and achievements

Summary of project standardization activities during the reporting period

UI Prototypes V1

Demonstration of first version of user interface prototypes

System security requirements, risk and threat analysis – 1st iteration

Analysis of threats, evaluation of risks and def. of security measurements through established methods (STrIDE&DREAD)

Exploitation Plan and Report

first version contains project-wide exploitation plans including impact creation plan with specific exploitation measures; the second version will report the exploitation activities performed and the business models suitable for market adoption of Secure Cloud Identity Wallet

Functional Design

Detailed functional design of the architecture as basis for the technical design and implementation

User centric privacy and usability requirements

Requirements for centric privacy design aspects

Recommendations on privacy-enhancing mechanisms

Report providing detailed analysis of privacy risks and recommendations to mitigate the identified risks

Gap analysis for current identity management standards

Detailed assessment of identity management technologies and standards identifying gaps w.r.t. to the support of encrypted identity data

Assessment report on cryptographic technologies, protocols and mechanisms

Detailed report on assessment of security technologies regarding CREDENTIAL requirements w.r.t. to encryption, identity protocols and authentication mechanisms

CREDENTIAL technology overview and recommendations for applications

Summary of lessons learned from piloting and recommendations for adoption of CREDENTIAL technology and the application of developed components

Recommendations for operating the CREDENTIAL wallet

Summary and lessons learned from operating the CREDENTIAL identity wallet service

Cloud identity wallet requirements

Documentation of all collected requirements and offering of knowledge base for requirements engineering

Protocol and software integration guidelines

HowTo’s and best-practice guidelines for IdM software producers and standard organizations facilitating the easy take-up of proxy cryptography

Vulnerability catalogue

Report on the assessment of vulnerabilities present in federated IAM systems in general and the CREDENTIAL system in particular

UI Prototypes V2 and HCI Patterns

Demonstration of the final user interface prototypes and report about HCI patterns for Cloud Identity Wallets

Pilot use case specification

Detailed specification of use cases with consideration of pilot site backend infrastructure and client side integration

Scenarios and use-cases

Detailed description of applicable scenarios and formalized use cases.

Communication and dissemination kit

This kit will be provided as supplement to the final report containing suitable material with copyright clearance, which the EC may use for its own dissemination of project results

Project home page and collaboration platform

Technical platform for online presentation of home page and project intern collaboration platform.

Public project web presence

Public web presence with different section targeting different user groups and communities set up based on the technology platform prepared in WP1


Practical Signing-Right Revocation

Author(s): Michael Till Beck, Stephan Krenn, Franz-Stefan Preiss, Kai Samelin
Published in: Trust and Trustworthy Computing, 2016, Page(s) 21-39
DOI: 10.1007/978-3-319-45572-3_2

Evaluation of Privacy-ABC Technologies - a Study on the Computational Efficiency

Author(s): Fatbardh Veseli, Jetzabel Serna
Published in: Trust Management X, 2016, Page(s) 63-78
DOI: 10.1007/978-3-319-41354-9_5

Signer-Anonymous Designated-Verifier Redactable Signatures for Cloud-Based Data Sharing

Author(s): David Derler, Stephan Krenn, Daniel Slamanig
Published in: Cryptology and Network Security, 2016, Page(s) 211-227
DOI: 10.1007/978-3-319-48965-0_13

CREDENTIAL: A Framework for Privacy-Preserving Cloud-Based Data Sharing

Author(s): Felix Horandner, Stephan Krenn, Andrea Migliavacca, Florian Thiemer, Bernd Zwattendorfer
Published in: 2016 11th International Conference on Availability, Reliability and Security (ARES), 2016, Page(s) 742-749
DOI: 10.1109/ARES.2016.79

Helping Johnny to Make Informed Decisions in the Context of Social Login

Author(s): Farzaneh Karegar, Nina Gerber, Melanie Volkamer, and Simone Fischer-Hübner
Published in: ACM/SIGAPP Symposium On Applied Computing, 2018

Revisiting Proxy Re-Encryption: Forward Secrecy, Improved Security, and Applications

Author(s): David Derler, Stephan Krenn, Thomas Lorünser, Sebastian Ramacher, Daniel Slamanig, and Christoph Striecks
Published in: PKC, 2018

Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange

Author(s): David Derler, Tibor Jager, Daniel Slamanig, and Christoph Striecks
Published in: EUROCRYPT, 2018

Secure and Privacy-Friendly Storage and Data Processing in the Cloud

Author(s): Pasquale Chiaro, Simone Fischer-Hübner, Thomas Groß, Stephan Krenn, Thomas Lorünser, Ana Isabel Martı́nez Garcı́a, Andrea Migliavacca, Kai Rannenberg, Daniel Slamanig, Christoph Striecks, and Alberto Zanini
Published in: IFIP Privacy and Identity Management, 2017

Engineering Privacy by Design - Lessons from the Design and Implementation of an Identity Wallet Platform

Author(s): Fatbardh Veseli, Jetzabel Serna Olvera, and Kai Rannenberg
Published in: ACM/SIGAPP Symposium On Applied Computing, 2019

Protean Signature Schemes

Author(s): Stephan Krenn, Henrich C. Pöhls, Kai Samelin, Daniel Slamanig
Published in: CANS 2018, 2018, Page(s) 256-276
DOI: 10.1007/978-3-030-00434-7_13

Towards a Unified Secure Cloud Service Development and Deployment Life-Cycle

Author(s): Aleksandar Hudic, Matthias Flittner, Thomas Lorunser, Philipp M. Radl, Roland Bless
Published in: 2016 11th International Conference on Availability, Reliability and Security (ARES), 2016, Page(s) 428-436
DOI: 10.1109/ARES.2016.73

Opportunities and Challenges of CREDENTIAL - Towards a Metadata-Privacy Respecting Identity Provider

Author(s): Farzaneh Karegar, Christoph Striecks, Stephan Krenn, Felix Hörandner, Thomas Lorünser, and Simone Fischer-Hübner
Published in: IFIP Privacy and Identity Management, 2016

Sharing Information with Web Services - A Mental Model Approach in the Context of Optional Information

Author(s): Oksana Kulyk, Benjamin Maximilian Reinheimer, and Melanie Volkamer
Published in: HCI International, 2017

Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation

Author(s): David Derler, Sebastian Ramacher, and Daniel Slamanig
Published in: Financial Cryptography and Data Security, 2017

Exploring Consumers' Attitudes of Smart TV Related Privacy Risks

Author(s): Marco Ghiglieri, Melanie Volkamer, and Karen Renaud
Published in: HCI International, 2017

Towards the Adoption of Secure Cloud Identity Services

Author(s): Alexandros Kostopoulos, Evangelos Sfakianakis, Ioannis Chochliouros, John Sören Pettersson, Stephan Krenn, Welderufael Tesfay, Andrea Migliavacca, Felix Hörandner
Published in: Proceedings of the 12th International Conference on Availability, Reliability and Security - ARES '17, 2017, Page(s) 1-7
DOI: 10.1145/3098954.3104061

Towards Privacy-Preserving and User-Centric Identity Management as a Service

Author(s): Pritam Dash, Christoph Rabensteiner, Felix Hörandner, Simon Roth
Published in: Open Identity Summit 2017, 2017

Assessments of a Cloud-Based Data Wallet for Personal Identity Management

Author(s): Farzaneh Karegar, Daniel Lindegren, John Sören Pettersson, Simone Fischer-Hübner
Published in: 26th International Conference on Information Systems Development, 2017

Towards Attribute-Based Credentials in the Cloud

Author(s): Stephan Krenn, Thomas Lorünser, Anja Salzer, Christoph Striecks
Published in: CANS 2017, 2017

CREDENTIAL: seCuRE clouD idENTIty wALlet

Author(s): Nicolás Notario, Stephan Krenn, Bernd Zwattendorfer, Felix Hörandner
Published in: ERCIM News, Issue No. 106 July 2016, 2016, Page(s) 11-12, ISSN 0926-4981

The Austrian eID ecosystem in the public cloud: How to obtain privacy while preserving practicality

Author(s): Bernd Zwattendorfer, Daniel Slamanig
Published in: Journal of Information Security and Applications, Issue 27-28, 2016, Page(s) 35-53, ISSN 2214-2126
DOI: 10.1016/j.jisa.2015.11.004

Agile cryptographic solutions for the cloud

Author(s): Thomas Lorünser, Stephan Krenn, Christoph Striecks, Thomas Länger
Published in: e & i Elektrotechnik und Informationstechnik, 2017, ISSN 0932-383X
DOI: 10.1007/s00502-017-0519-x

Research and innovation challenges in data protection, security and privacy in the cloud: Map of synergies of the clustered projects - version 2.0

Author(s): Gallego-Nicasio Crespo, Beatriz; PRIETO, Elsa; RIOS, Erkuden; Rak, Massimiliano; Deussen, Peter; Samarati, Pierangela; Cascella, Roberto; Braun, Simons; Krenn, Stephan; Lörunser, Thomas
Published in: 2016
DOI: 10.13140/RG.2.2.22406.37444

Challenges for trustworthy (multi-)Cloud-based services in the Digital Single Market

Author(s): Aljosa Pasic, Beatriz Gallego, Bernd Zwattendorfer, Bojan Suzic, Elsa Prieto, Erkuden Rios, Josep Domingo-Ferrer, Julia Vuong, Massimiliano Rak, Nicholas Ferguson, Nuria Rodríguez, Peter H. Deussen, Pierangela Samarati, Roberto Cascella, Sabrina de Capitani, Simone Braun, Stephan Krenn, Stephanie Parker, Thomas Länger, Thomas Lorünser, Zhiming Zhao
Published in: 2016

Secure and Privacy Preserving Identity Management in the Cloud

Author(s): Bernd Zwattendorfer, Stephan Krenn, Thomas Lorünser
Published in: ERCIM News, Issue No. 104 January 2016, 2016, Page(s) 44-45, ISSN 0926-4981