Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes.

LIGHTest provides a lightweight trust infrastructure enabling parties of electronic transactions with automatic validation of trust based on their individual trust policies. To ease integration and improve availability on any system, LIGHTest uses the existing global Domain Name System (DNS) for publication, querying, and cross-jurisdiction translation of information relevant to make such decisions, including levels of assurance. Built on top of the existing global infrastructure of the domain name system and explicit efforts to reach international acceptance, LIGHTest offers truly “global trust lists”.

LIGHTest addresses both, the trustworthiness of single artefacts and that of complete electronic transactions. It provides a lightweight trust verification library that can easily be integrated into a wide range of applications and systems. This has been demonstrated in two pilot applications for Communication services and eProcurement.

A large number of electronic transactions occur naturally across borders and jurisdictions. An example is a European company which operates in an international market and receives purchase orders from anywhere in the world. The growing need to conduct business electronically to stay competitive, the planned trade agreements, and ever-increasing globalization further underline the need for a trust infrastructure that is global. The LIGHTest trust infrastructure is therefore designed as global, supporting an open ecosystem of stakeholders and trust schemes. Global operation and acceptance of the LIGHTest trust infrastructure are achieved, among others, by implementation on top of the already existing and well-accepted Domain Name System.

When assessing the trustworthiness of foreign certificates and other artefacts, verifiers need to know which foreign trust schemes to accept and how these map to the trust schemes of the local jurisdiction. For this purpose, LIGHTest provides trust translation authorities that are queried transparently by an automatic trust verifier as needed. LIGHTest supports delegation as an integral part of its trust infrastructure.

The LIGHTest components are available as open source and the project has provided a manual on how to use and facilitate these components called the “LIGHTest Cookbook”.

The work on the project officially started in September 2016. A public website (http://lightest.eu/(öffnet in neuem Fenster)) as well the international website of the project (http://www.lightest-community.org/(öffnet in neuem Fenster)) were set up to promote the project and to inform the public from all over the world of important news.

In the first period of the project a lot of effort was put into the survey and definition of functional, economical, security and accountability, privacy and usability requirements as well as several inventories and use cases. In addition, the reference architecture was defined and the technical work on the infrastructure of the processes started. As regards to the trust propagation of derived mobile IDs, its architecture was defined and a demonstrator was successfully implemented. A significant progress in the testing task was the setup of Minder Testbed.

In the second period of LIGHTest, the main work was concentrated on the implementation part of the project: the design of two pilots (communication services and eProcurement) and integration of all software components. Moreover, the components and final products were successfully tested and evaluated, and several demonstrations were built. A lot of effort was given to the dissemination and exploitation of the project resulting in cooperation with a number of institutions all over the world and existing projects.

Furthermore, the LIGHTest project was present at numerous events and conferences. Among them were a workshop at the Data Processing Center of the Ministry of Transportation, Communications, and High Technologies of Azerbaijan, Open Identity Summits in Rome, Karlstad, and Garmisch-Partenkirchen, Baku E-Trade Forum, go.eIDAS Summit, ISSE, and numerous other events. Moreover, in the framework of collaboration between LIGHTest and UNHCR several successful workshops were organized among which are a joint Workshop on Digital Identity related to ID2020 in Munich and a workshop meeting regarding UNHCR Trust Scheme Development in Copenhagen.

Moreover, LIGHTest has been very active in creating its own community by organizing recurring workshops in the framework of LIGHTest International Forum (Singapore, London, Baku, and Boston). The International Forum helped gain external insight on various topics of three different channels; Business, Legal, and Technical. This insight further helped the development of the project, while establishing relationships with potential stakeholders from a global community. One of the most prominent meetings was the LIGHTest Workshop in Baku, Azerbaijan. This stakeholder relationship continued also outside the International Forum and led to the commitment to operate a LIGHTest TSPA in Azerbaijan.

LIGHTest goes beyond the current systems of trust infrastructure and offers new, more elaborate, and secure solutions. With regard to trust lists, LIGHTest renders the entries queryable and thus easy to use by applications. LIGHTest is thus a “trust-list-enabler” for off-the-shelf applications. Moreover, LIGHTest makes the use of trust lists by applications as easy as Validation Authorities (VAs) do, but at a much lower cost, with network efficiency improved by orders of magnitude, and even in areas where sending whole documents to 3rd parties is unacceptable. VAs only support homogeneous trust models, while LIGHTest permits heterogeneous models—a prerequisite to global scalability. LIGHTest seamlessly and transparently integrates the mapping of foreign trust lists into a domestic context including the necessary discovery of the involved authorities.

LIGHTest supports delegation management at the level of trust management, rather than in applications (such as an authentication system like STORK). This allows taking the level of assurance of the delegation itself into account. It also renders delegation management interoperable across a large range of systems.

The LIGHTest trust policy is optimized for realistic electronic transactions, provides support for trust translation and delegation, and empowers non-technical users to easily author and understand policies.

LIGHTest is largely pioneering the propagation of trust from existing identities (such as eIDs) to mobile identities on user-owned devices since very little previous work is has been done.

The results and progress of the LIGHTest project have an impact on various application fields since trust management is critical for a large number of processes. The positive feedback and interest for the project are found not only in the countries of the European Union but in the whole world as well.

One of the accomplishments is the collaboration with the United Nations High Commissioner for Refugees (UNHCR). Apart from numerous productive workshops together, LIGHTest created a demonstration of what a UNHCR trust scheme could look like and a proof of concept for the DAFI scholarship program (Albert Einstein German Academic Refugee Initiative Fund). This demonstration shows the potential impact that LIGHTest could have on not only the private and public sectors but also the humanitarian sector.