Building trust in networking in Newly Associated States through the use of secure information society technologies

Objective

The NASTEC project is intended to foster the usage of European-based security technology in Newly Associated States (NAS) for the purpose of building trust and confidence in the growing application of open networks, as for instance e-commerce, e-administration, e-business and tele-working. The technical framework will be security technology based on international standards and developed within EU funded projects. The framework will consist of third-party services for identification and authentication provided within an interworking public key infrastructure that spans beyond the boundaries of EU. The target audience of the dissemination including training and education are universities with their student population - enabling on-line e-based student administration, user groups of new GIS based tourist services for wide audience of mobile users, RTD projects and programs seeking security services for their on-going activities.

Objectives:
The objective of NASTEC is to transfer knowledge and technology for provision of security services in NAS, helping the understanding of data protection and privacy in e-communication, especially in the emerging applications such as e-work and e-business.
Another objective is to promote the use of European technology and services in NAS. This will contribute to the deployment of the common European electronic market by use of the same standards and practices regarding authentication and secured transactions.
NASTEC actions are also oriented towards diminishing the gap between running e-business applications and the use of complex tools for trust and confidence based on trusted third party technology.
Finally, NASTEC also disseminates knowledge about the European legislation frame-work in the field of e-work and e-business, such as the Digital Signature act.

Work description:
NASTEC work will be driven through a series of actions. A PKI will be set-up, with several certification and registration authorities. A certificate policy and partners' certification practice statements (CPSs) will be defined to fix the rules, practices and security policy of the PKI. The first set of basic secure services offered to representative group of users includes:
1) secure messaging via S/MIME signed and/or encrypted mails;
2) anti-spamming measures based on SSL-SMTP;
3) secure access to the post-office, via SSL-POP (for message download) and/or SSL-IMAP (for remote management of centralised mail folders);
4) secure data transactions, based on an SSL-HTTP Web server restricting access to internal pages only to X.509-authenticated users (no user passwords needed any more).

After the basic service, other activities will follow:
1) experiments with secured infrastructure for on-line student administration in NAS partners, services for other user groups, like validation of electronic transactions and documents via time-stamping (TSP), notarisation (DVCS), certificate status checking (CRL, OCSP), use of secure electronic documents based on the EESSI standard formats, secured tourist services for mobile users;
2) dissemination, training and education as well as awareness building. This is the most important part, as it will drive the project to the major goal: building trust and confidence in networking in NAS. Work will consist in provision of information, consultant missions to environment outside the local partner's, especially in SMEs, Chambers of Commerce, Trade Point offices, professional organisations, training workshops (2 per year on each partner site for operating staff and first user groups), one major workshop per year (5 days, for 100 participants), publishing of material on how to set-up and run a PKI, promotion activities such as attendance at conferences.

Milestones:
- Operational public key infrastructure in NAS;
- Running security applications in NAS;
- Dissemination of knowledge and technology for new methods of work;
- Training seminars, workshop and consultant visits;
- Awareness about privacy and data protection in electronic communication in NAS environment.

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques.

• natural sciencescomputer and information sciencescomputer securitydata protection
• natural sciencescomputer and information sciencescomputer securitycryptography
• social scienceseconomics and businessbusiness and managementcommercee-commerce
• social sciencespolitical sciencesgovernment systemse-governance

Programme(s)

• FP5-IST - Programme for research, technological development and demonstration on a "User-friendly information society, 1998-2002"

Topic(s)

• 2000-8.1.5 - Enabling RTD Co-operation with Newly Associated States

Call for proposal

Funding Scheme

Coordinator

Participants (5)