E!8324 OffPAD

Et paradoks med dagens internett er at vi fortsetter å bygge sårbare klientplattformer, men likevel forventer å ha sikre online interaksjoner. Dette p rosjektet har som mål å utvikle OffPAD enheter og OffPAD-baserte løsninger som skal gi sikre online interaksjoner selv i miljøer med sårbare klientplattformer. OffPAD-konseptet er en fysisk enhet for håndtering av elektroniske identiteter og muliggjør p ålitelige online transaksjoner. Det er forventet at OffPAD prosjektet vil bidra innen tre viktige online utfordringer: sikkerhet, brukervennlighet og personvern.

The OffPAD project assumes that client platforms are and will continue to be vulnerable. Solutions for secure online interaction must instead be based on an independent secure OffPAD hardware device. The OffPAD enables users to manage all their online us er credentials, as well as server certificate credentials of online services in a single device. The OffPAD can radically improve the security of online transactions in several aspects. It provides the basis for user friendly security and ensures trusted transactions that are immune to malware on open client devices. The OffPAD supports strong mutual authentication between user and service provider, supports data authentication and prevents phishing attacks, even in the presence of malware infected laptop s or smartphones. The project builds on the results of the Lucidman project, EUREKA project 7161, which successfully demonstrated the novel security-usability concepts for online user authentication and service provider authentication developed at the Un iversity of Oslo and Ensicaen. The OffPAD will be developed on the Taztag Hardware platforms, which offer contactless communication capabilities and the HW security environment suitable for an OffPAD device. The OffPAD will be prototyped as a standa lone device and embedded in a smartphone. The embedded device will be a qualified candidate to meet the marked needs of ?the secure smartphone?. The R&D will focus on the usability and security of user authentication, service provider authentication, da ta authentication and device integrity. Use cases will be taken from the markets of the project partners, reflecting markets trends of increased mobility of online services (banking), interaction with eServices at physical locations (loyalty applications, POS) and changing working habits (nomadic workers, BYOD). The project will also develop solutions for enabling a user to manage multiple service providers' identities on the device.