Identity in narrow sense is a collection of attributes distingushing one entity from another. In wide sense, it encompasses all attributes of an entity. Managment and use of these attributes creates and entangles serious privacy and accountability requirements, the latter related to the trust issues towards authorities issueing credenitals and certificates.
In this project, we propose improved principles and techniques for identity management, clarifying the questions about trust and accountability. We study, how identity rises as a collection of attributes and how it flows from one collection to another. We improve the privacy-preserving, but accountable verification methods for attributes. We show how threshold cryptography enters the mix, and how it is naturally accounted for in our arguments and verification mechanisms, also hiding the structure of credentials. We specify our methods also to postquantum-secure threshold public-key cryptography.
Distributed Identity, Distributed Trust
Project start date:
Project end date:
Current projects:
AKIT
AKIT is an English-Estonian data protection and information security lexicon (Andmekaitse ja infoturbe leksikon).
PROVENANCE
Creating techniques for constructing zero-knowledge proofs for government interactions with citizens, companies or other governments.
VORMSI
Research & development of a security threat information sharing and correlation system for transnational use.
ECYSAP
Implementation of high maturity cyber situational awareness platform for military use.
LAGO
This project aims to deliver the foundation for a trusted EU Fighting Crime and Terrorism (FCT) Research Data Ecosystem (RDE) to address the so-called “Data Issue” in the FCT research landscape.
TEADAL
TEADAL will enable the creation of trusted, verifiable, and energy-efficient data flows, both inside a data lake and across federated data lakes, based on a shared approach for defining, enforcing, and tracking data governance requirements with specific emphasis on privacy/confidentiality.
CHESS
CHESS will integrate leading cybersecurity institutions and capitalise on the strengths of both regions to address important Europe-wide challenges.
Distributed Identity, Distributed Trust
In this project, we propose improved principles and techniques for identity management, clarifying the questions about trust and accountability.
FAMOUS
The project aims at maximizing synergies, standardization and interoperability capabilities of armoured vehicles to address highly demanding requirements while introducing innovative and promising new technologies and concepts.
PAI-MACHINE
Synthesis of machine-optimized cryptographic protocols with applications in secure machine learning systems.
STORE
STORE project aims to develop AI-based image recognition systems while also constructing a shared database of annotated defence images that can be used to train such systems.
EUCINF
EUCINF aims to create a comprehensive European library of adaptable software components that can be seamlessly integrated into Cyber and Information Warfare (CIW) systems. These components will possess capabilities in detection, analysis, fusion, and threat targeting, thus bolstering the functions of Cyber and Operational Centers.
ShareSat
The secure cooperation service, ShareSat, will enable owners of space object tracking catalogues to cooperate in a confidential manner, without revealing classified ephemerides even to the organisation providing analysis for collision avoidance or manoeuvre planning.
EU-GUARDIAN
AI-based solution that operates and automates large parts of incident management and cyber defence processes.
Past projects:
CyberSec4Europe
The project will test and demonstrate potential governance structures for the network of competence centres using the best practices examples of participants like CERN.
DATABIO
DataBio demonstrates that enabling data-driven decisionmaking in agriculture, forestry and fishing increases productivity and has a measurable impact to both the economy and the environment.
ELIKO
Development a radio surveillance platform and an adaptive radio network.
NAPLES
NAPLES demonstrates how to seamlessly add security analysis and optimization capabilities on top of Business Process Management tools.
IUT27-1
IUT27-1 is centered on systems’ security with a focus on Secure Multiparty Computation, Structured Risk Assessment of information and related systems, and Internet voting.
EXCITE
EXCITE will advance foundational theories of model verification and data analysis.
OCEAN2020
The support of maritime surveillance and interdiction missions.
PRACTICE
PRACTICE will mitigate insider threats and stop data leakage for computations in the cloud while maintaining economies of scale.
PRIST
Privacy-preserving statistical studies on linked databases.
STACC
The objective is to turn STACC into a leading and economically independent R&D organisation.
SafeCloud
SafeCloud aimed to re-architect cloud infrastructures with a focus on partitioning and entanglement.
SUNFISH
The SUNFISH project will develop and integrate software enabling secure cloud federation as required by European Public Sector bodies.
TREsPASS
The goal of TREsPASS was to create a mart ‘attack navigator’, which will trace potential weak points within an organization or a given infrastructure.
UaESMC
The UaESMC project focused on methods for making secure computation more practical in the real world.
MANTICUS APOLLO
MANTICUS APOLLO focused on creating the theoretical foundation for a transnational and comprehensive situational awareness capability for coordinating national defense.
SYSFLEX
SysFlex will identify issues and solutions associated with integrating large-scale renewable energy and create a plan to assist system operators across Europe.
INTERRFACE
INTERFACE aims to achieve greater coordination between TSOs and DSOs to ensure a cost-effective and secure supply of electricity.
ONENET
Creating a reliable architecture that enables the European electrical system to function as a single system.
MAITT
MAITT will prototype machine learning and AI-powered public domain service delivery in domains that are of importance to the state.
DANCE
Data protection synthesis of test databases using secure computing technology.
New technologies in voting
The project seeks to map the effects emerging technologies have on voting and offer solutions to potential problems.
M-VOTING
Analysing the changes in e-voting risk analysis in a situation where voting from a smart device is possible.
BELIEVE
Analyzing the impact of biometric facial recognition measures on the e-voting system in ensuring freedom of choice and its applicability in the Estonian e-voting system
EIS
The Estonian information security standard aims to develop and promote the level of information security of the Estonian public authorities as well as private businesses.
KYPSIS
Study of applicability of cryptographic algorithms in information systems, their spread and assessment of the strength of already implemented cryptographic algorithms.
LESCA
Creation of a tool to convert a Datalog-like program to a SecreC program (privacy-preserving computation based on Sharemind MPC platform).
WEBEXTENSIONS
Analysis of the Open-eID architecture design offer including the formulation of system security requirements, review and verification of the protocol set in terms of fixed requirements.
SEVILLA
Creation of programmable secure multi-party computation and applications.
CDOC 2.0
Analysis for Estonia's new file encryption standard CDOC2.0 and general architecture design.
eeCloud
Implementation of the Estonian Government Cloud.
SPoF2 - Part 3 eID Infrastructure Trust Model
Analysis of and recommendation for the Estonian eID trust model.
Vessel Traffic and Maritime Surveillance System
The project aims to bring to market a new TDOA technology and develop a maritime traffic surveillance product for the international market.
Eurostat-Cybernetica project ESTAT 2019.0232
The project created a proof-of-concept solution for the secure private processing of longitudinal Mobile Network Operator data in support of official statistics.
CoNurse
The project aims to expand the functionalities of CoNurse through developing a stochastic model for implementing smart and dynamic protocol delivery.
Smart Wallet (eKukkur)
The aim of this project is to make the necessary preparations and create the necessary commercial and technological base for the provision of next-generation eID services in accordance with the updated version of eIDAS.
Minerva
De-risking machine learning technology for cyber security applications in cooperation with European Space Agency.
Data protection aware synthesis
In this project, we test data synthesis using secure computing technology that protects original data from the service provider so that synthesis could even be a cloud service that is unable to leak the source data values. The project will result in a service prototype.