Smart Card and Agent enabled Reliable Access

Objectif

Main Objective

SCARAB focuses on the synergy between smart card and agent technology in an open, distributed and secure service architecture. The project has the following main objectives:

-to evaluate, position and demonstrate the use of smart cards as a universal token for seamless access to a multitude of telecommunication services in an open service architecture,

-to verify the requirements for secure service access and information exchange through a distributed access control model,

-to identify the implications of agent based software development on mobility, security and reliability in and across heterogeneous network environments,

-to identify, define and demonstrate the potential of the synergy between smart cards and agents for reducing the complexity and diversity of user interfaces as implemented on a multitude of telecommunication terminals.

Technical Approach

SCARAB will combine the assets of personalised control from a telecommunication terminal with the capabilities of smart cards on which agents can run to inter-operate in a secure way with service management components. To personalise a service to a specific user role, mobile code will be downloaded from a provider server to the smart card. This code will enable/disable particular capabilities of the terminal to which the smart card is associated and will provide the interaction procedures between the user and the service. The implementation of this mobile code in a network hosting distributed applications will be based on CORBA and will use plain Java. The intended software architecture will be implemented as a set of distributed agents that operate on top of an OMG-CORBA conformant Distributed Processing Environment (DPE). Information and computational models for a set of service components relating to access control and service management will be specified and implemented, based on agents and Java enabled smart cards for access customisation.

Most common international standards and recommendations for advanced telecommunication services, in particular TINA, IN and TMN specifications, will be taken into account in the architectural design and functional decomposition of control and service management.

Java compatible smart cards of the CyberFlex Java Card family will be used in combination with terminals that host a Java environment. A smart card interface and a set of Java-APIs will be implemented in order to provide a clear and well-known programming framework for application developers.

A prototype terminal will be provided, based on a Java enabled GSM terminal with a smart card reader. The inter-operation with the Java Card and the integration in an agent based architecture will be demonstrated.

Research will also be done on security issues, both at the architectural and the equipment level. State-of-the-art knowledge on security models as available for GSM, ISDN and Internet and on emerging CORBA and Java security facilities will be applied to the overall architecture. Service-related security features for end-users (e.g. identification, authentication, confidentiality, non-repudiation, etc.) will be defined, analysed and applied to smart card enabled telecommunication services, in order to explicitly enhance their security properties. In addition, specific security requirements at the level of the network architecture (e.g. air interface) and at the level of individual components (e.g. terminal/ smart card reader or smart card reader/smart card) will be identified and assessed. Specific security mechanisms to support these security features, as well as secure information transfer at the different levels in an open, distributed network environment will be defined, designed and implemented.

Next to operational security aspects, attention will also be paid to security management considerations. Security management functions that are optimally suited for the applied architecture will therefore be defined, designed and implemented.

Summary of Trial

The building blocks that emerge from previous activities will be integrated and validated for coexistence and co-operation in an overall architecture. In this architecture, smart card enabled services will be connected to a (set of) remote server(s) through PSTN, ISDN, GSM or Internet, that will be used as much as possible in a transparent way.
Modifications to these networks are not foreseen within the scope of this project.

Personalised control can be centralised on a main provider server, or can be decentralised, by letting it be executed in the terminal itself.
Expected Achievements

SCARAB will deliver a Java based smart card/terminal interworking prototype and an OMG-CORBA based agent architecture prototype that will integrate the smart card/terminal interworking prototype, provide adequate security and security management, and allow for the downloading of agents in a Java environment.

Expected Impact

The project will contribute to:

-increased ease of access to personal telecommunication services, providing operators' with better service take-up and increased revenue,

-better awareness of the capabilities of a smart card as personal identification and authentication device,

-more cost-effective mobility support in telecommunication network suppliers' fixed or mobile network infrastructures,

-standardisation in the offer of smart card manufacturers' multi-functional smart cards for use across heterogeneous infrastructures,

-reduction of the technological gap between Europe and the United States, through the experience gained on the functionality and usage of smart cards.
Key Issues

The SCARAB project will contribute to the solution of following key issues in the deployment of telecommunication and value-added services:

-the increased level of complexity that is introduced by offering telecommunication and value-added services in a personalised way to mobile users,

-the lack of, or cumbersome access to, adequate personal mobility features in fixed networks,

-the need for flexible and secure user/service interactions in an open distributed architecture.

Champ scientifique (EuroSciVoc)

CORDIS classe les projets avec EuroSciVoc, une taxonomie multilingue des domaines scientifiques, grâce à un processus semi-automatique basé sur des techniques TLN. Voir: Le vocabulaire scientifique européen.

• sciences naturelles informatique et science de l'information sécurité informatique contrôle de l’accès
• sciences naturelles informatique et science de l'information internet
• lettres arts conception architecturale
• ingénierie et technologie génie électrique, génie électronique, génie de l’information ingénierie de l’information télécommunication réseau de télécommunications réseau mobile
• sciences naturelles informatique et science de l'information logiciel développement logiciel

Programme(s)

Programmes de financement pluriannuels qui définissent les priorités de l’UE en matière de recherche et d’innovation.

• FP4-ACTS - Specific programme of research, technological development and demonstration in the area of advanced communications technologies and services, 1994-1998

Thème(s)

Les appels à propositions sont divisés en thèmes. Un thème définit un sujet ou un domaine spécifique dans le cadre duquel les candidats peuvent soumettre des propositions. La description d’un thème comprend sa portée spécifique et l’impact attendu du projet financé.

• 5 - Service engineering, security & communications management

Appel à propositions

Procédure par laquelle les candidats sont invités à soumettre des propositions de projet en vue de bénéficier d’un financement de l’UE.

Régime de financement

Régime de financement (ou «type d’action») à l’intérieur d’un programme présentant des caractéristiques communes. Le régime de financement précise le champ d’application de ce qui est financé, le taux de remboursement, les critères d’évaluation spécifiques pour bénéficier du financement et les formes simplifiées de couverture des coûts, telles que les montants forfaitaires.

CSC - Cost-sharing contracts

Coordinateur

Participants (8)