Digital identity and privacy pilot projects for emergency responders
The US Deptartment of Homeland Security has recently funded three digital identity and privacy pilot projects that aim to have emergency responders identify themselves when they arrive on-site using a smartphone. The projects address the global emerging technology trends of mobile device attribute verification, mobile authentication and physical access control.
The Kantara Initiative has been awarded multiple research grants – valued at up to $2.4 million USD– to develop three digital identity and privacy solutions using smartphones, including mobile device attribute verification, mobile authentication and physical access control.
Lockstep Technologies, Gluu Inc, and Exponent Inc, are collaborating on the projects with Kantara and the Command, Control and Interoperability Center for Advanced Data Analysis (CCICADA) a research centre at the Rutgers University in the US, funded by the US Department of Homeland Security Science & Technology Directorate. Each of the projects is multi-phase and these are the first projects launched by the Kantara Identity and Privacy Incubator Program (KIPI).
“These projects being delivered under KIPI are pioneering new areas in digital identity, privacy and access control," said Colin Wallis, executive director of the Kantara Initiative.
"The basis for each project is a reconfiguration of emerging next generation standards and specifications delivered through mobile devices, like smart phones. The trend of leveraging the ubiquitous mobile device for digital identity solution continues to ramp worldwide. We are seeing a growing interest in incubator programs like KIPI."
Mobile Device Attribute Verification (MDAV) by Lockstep Technologies, Australia
MDAV delivers secure digitally signed attributes on smartphones, assuring the validity and provenance of attributes, attribute sources and devices through the recasting of digital certificate policy. Potential applications include credentials for first responders, value added mobile driver’s licenses, anonymous proof of age, clinical trial and e-health record confidentiality, electronic travel documentation, and privacy-enhanced national IDs.
Emergency Responder Authentication System for Mobile UserS (Erasmus) by Gluu Inc, USA
Developing the capability for multiple autonomous organisations to share up-to-date information about a person’s identity, skills and authorisations is especially relevant in the emergency responder community, where state, local and federal government organisations need to collaborate both in person and online.
The Erasmus pilot will demonstrate how the services of a next generation identity federation can provide the tools and rules for distributed identity management. The pilot will also provide the first implementation of a Kantara standard currently under development: the Open Trust Taxonomy for Federation Operators (OTTO).
Many applications critical to emergency responders could benefit from a more modern federated identity infrastructure, such as emergency response management collaboration tools, next generation mobile services, and computer aided dispatch. The pilot will showcase a mobile application that will demonstrate how such an infrastructure could be used for in person identity and skills verification.
Derived Credentials and NFC for Physical Access Control by Exponent Inc, USA
Exponent has leveraged emerging next generation standards and specifications to enable a derived credential on an NFC-enabled phone to be used for physical access control.
The employee uses the phone in the same way as their physical Personal Identity Verification (PIV) Card to access a building, but the phone implementation provides improved convenience as well as options for difficult use cases such as a lost/stolen card or temporary credentials for non-PIV Card holders.
The project leverages the Opacity protocol to quickly establish encrypted communications and authenticate a holder of a derived credential in a few seconds for full cryptographic authentication, or under a half a second for lower-security applications such as transit. Exponent also extended the authentication process for full-secrecy, privacy enhanced phone-to-phone identity authentication over NFC. The source code resulting from the project is available as royalty-free open source here
Kantara Initiative provides real-world innovation and development of specifications and conformity assessment programmes for the digital identity and personal data ecosystems. More information is available here