Smart Card and Agent enabled Reliable Access

Objective

Main Objective

SCARAB focuses on the synergy between smart card and agent technology in an open, distributed and secure service architecture. The project has the following main objectives:

-to evaluate, position and demonstrate the use of smart cards as a universal token for seamless access to a multitude of telecommunication services in an open service architecture,

-to verify the requirements for secure service access and information exchange through a distributed access control model,

-to identify the implications of agent based software development on mobility, security and reliability in and across heterogeneous network environments,

-to identify, define and demonstrate the potential of the synergy between smart cards and agents for reducing the complexity and diversity of user interfaces as implemented on a multitude of telecommunication terminals.

Technical Approach

SCARAB will combine the assets of personalised control from a telecommunication terminal with the capabilities of smart cards on which agents can run to inter-operate in a secure way with service management components. To personalise a service to a specific user role, mobile code will be downloaded from a provider server to the smart card. This code will enable/disable particular capabilities of the terminal to which the smart card is associated and will provide the interaction procedures between the user and the service. The implementation of this mobile code in a network hosting distributed applications will be based on CORBA and will use plain Java. The intended software architecture will be implemented as a set of distributed agents that operate on top of an OMG-CORBA conformant Distributed Processing Environment (DPE). Information and computational models for a set of service components relating to access control and service management will be specified and implemented, based on agents and Java enabled smart cards for access customisation.

Most common international standards and recommendations for advanced telecommunication services, in particular TINA, IN and TMN specifications, will be taken into account in the architectural design and functional decomposition of control and service management.

Java compatible smart cards of the CyberFlex Java Card family will be used in combination with terminals that host a Java environment. A smart card interface and a set of Java-APIs will be implemented in order to provide a clear and well-known programming framework for application developers.

A prototype terminal will be provided, based on a Java enabled GSM terminal with a smart card reader. The inter-operation with the Java Card and the integration in an agent based architecture will be demonstrated.

Research will also be done on security issues, both at the architectural and the equipment level. State-of-the-art knowledge on security models as available for GSM, ISDN and Internet and on emerging CORBA and Java security facilities will be applied to the overall architecture. Service-related security features for end-users (e.g. identification, authentication, confidentiality, non-repudiation, etc.) will be defined, analysed and applied to smart card enabled telecommunication services, in order to explicitly enhance their security properties. In addition, specific security requirements at the level of the network architecture (e.g. air interface) and at the level of individual components (e.g. terminal/ smart card reader or smart card reader/smart card) will be identified and assessed. Specific security mechanisms to support these security features, as well as secure information transfer at the different levels in an open, distributed network environment will be defined, designed and implemented.

Next to operational security aspects, attention will also be paid to security management considerations. Security management functions that are optimally suited for the applied architecture will therefore be defined, designed and implemented.

Summary of Trial

The building blocks that emerge from previous activities will be integrated and validated for coexistence and co-operation in an overall architecture. In this architecture, smart card enabled services will be connected to a (set of) remote server(s) through PSTN, ISDN, GSM or Internet, that will be used as much as possible in a transparent way.
Modifications to these networks are not foreseen within the scope of this project.

Personalised control can be centralised on a main provider server, or can be decentralised, by letting it be executed in the terminal itself.
Expected Achievements

SCARAB will deliver a Java based smart card/terminal interworking prototype and an OMG-CORBA based agent architecture prototype that will integrate the smart card/terminal interworking prototype, provide adequate security and security management, and allow for the downloading of agents in a Java environment.

Expected Impact

The project will contribute to:

-increased ease of access to personal telecommunication services, providing operators' with better service take-up and increased revenue,

-better awareness of the capabilities of a smart card as personal identification and authentication device,

-more cost-effective mobility support in telecommunication network suppliers' fixed or mobile network infrastructures,

-standardisation in the offer of smart card manufacturers' multi-functional smart cards for use across heterogeneous infrastructures,

-reduction of the technological gap between Europe and the United States, through the experience gained on the functionality and usage of smart cards.
Key Issues

The SCARAB project will contribute to the solution of following key issues in the deployment of telecommunication and value-added services:

-the increased level of complexity that is introduced by offering telecommunication and value-added services in a personalised way to mobile users,

-the lack of, or cumbersome access to, adequate personal mobility features in fixed networks,

-the need for flexible and secure user/service interactions in an open distributed architecture.

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques.

• natural sciencescomputer and information sciencescomputer securityaccess control
• natural sciencescomputer and information sciencesinternet
• humanitiesartsarchitectural design
• engineering and technologyelectrical engineering, electronic engineering, information engineeringinformation engineeringtelecommunicationstelecommunications networksmobile network
• natural sciencescomputer and information sciencessoftwaresoftware development

Programme(s)

• FP4-ACTS - Specific programme of research, technological development and demonstration in the area of advanced communications technologies and services, 1994-1998

Topic(s)

• 5 - Service engineering, security & communications management

Call for proposal

Funding Scheme

Coordinator

Participants (8)