The Subproject Methodology, Requirements Analysis and Vision is composed of the workpackages (i) Vision, Approach and Inventory, (ii) Requirements Analysis, (iii) Design Guidelines and (iv) Protocols for future eID Solutions.
Vision, Approach and Inventory
In preparation of work, the workpackage Vision, Approach and Inventory starts by developing a common terminology and conducting an extensive survey on the state of the art of eIDs, related technologies, and standards. To guide the project, a vision of the FutureID infrastructure and its ecosystem will be developed. Special focus will be on socio-economic and legal requirements. As a basis for requirements analysis and design guidelines, a reference architecture will be designed. The lack of use and business cases outside of e-Governemnt is one of the main barriers to a widespread eID adoption. Based on SSEDIC stakeholder consultations, it will therefore be studied how the FutureID infrastructure can enable new business models and how eIDs can be integrated with already existing service infrastructures.
To guide development, a clear multi-disciplinary requirements study will be conducted. Special emphasis is on support of use and business cases. The following aspects will be considered:
- technical merit
- socio-economic impact
- legal conformance
- accessibility and inclusion
Considering the importance of usability, usable demonstrators and prototypes will be used to conceive user interface guidelines. To harmonize the technology and ease integration of components from different partners, precise software development guidelines for client and backend integration will be developed. Documentation guidelines will help to achieve a high-quality and consistent overall product.
Protocols for future eID Solutions
In interoperability scenarios, overall processes often involve complex, composed protocols. To make the analysis of composite properties manageable, existing languages and tools will be extended to model eID protocol composition and properties. Of particular interest are privacy properties for which there is currently a lack of formal models and tools. Further, research will be conducted on cryptographic means to enforce users' data handling policies and on privacy-friendly revocation. Finally, methods and a framework for usable privacy will be developed.