TURBINE research primarily concerns the development and evaluation of requirements, underlying technologies, legal environment and processes associated with the creation and management of revocable biometric templates and pseudo-identities.
The project work plan has 4 main Sub-Projects (SP) focussing on research and technology development and a central Sub-Project covering non-technical activities, shortly described here below.
SP1: Requirements and Operational Configuration for Fingerprint PETs
SP1 addresses the application requirements, services schemes, application architecture and operational configuration for Privacy Enhancing Technologies able to ensure a secure management of identity and pseudo-identities using protected biometrics for the benefit of the citizen and of the identity provider. The result of SP1 is the technical and legal framework of TURBINE. SP1 drives the overall TURBINE research and solution selection relative to a practically deployable identity management scheme.
SP2: Interoperable Template Protection Schemes for Fingerprints
SP2 is dedicated to research on the criteria and mechanisms ensuring that protected biometric information cannot be inverted or used to retrieve the original biometric sample, and that multi-vendor solutions for protected biometric identity will interoperate. Research is dedicated to the definition and implementation of a technology solution that allows revoking a protected biometric identity, and to the processing of a biometric sample to generate different protected biometric templates, whereby an individual, when his protected biometric identity is revoked, can be issued with a new protected biometric identity.
SP3: Cryptographic Protocols for Trusted Identity
SP3 deals with security and identity trust. Research consists in setting up cryptographic protocols to manage identity based on the requirements identified in SP1 and the algorithms developed in SP2. Attack's scenarios are defined and assessment of the security is evaluated. The result of SP3 is a security evaluation of the trusted identity scheme of TURBINE.
SP4: Evaluation of Performance, Privacy and Interoperability
Research activities in SP4 concern protection mechanisms and interoperability benchmarking and the evaluation of core performance capabilities against project goals. Demonstration activities are organised in two axes: on the one hand, an extensive biometric performance interoperability test is conducted; on the other hand, direct end-user and eService provider demonstrators are assessed and their evaluation will show in each case how a single identity (based on the biometric characteristic of an individual) may generate several identities with different levels of trust, how these can be used, and how a "pseudo-identity" could be revoked, and new identity re-generated based on the same biometric characteristic of an individual. Protection mechanism on biometric references are also evaluated for the generic and real-life application demonstrators.
SP5: Central Action Lines
This Sub-Project covers project management, dissemination, training, innovation management, and the cooperation with experts who are not members of the consortium. In particular, two Advisory Boards have been set up to advise the consortium:
- The Data Protection Advisory Board (DPAB), dealing with data protection and privacy regulations
- The User Advisory Board (UAB), dealing with the business requirements for eID management of stakeholders of different application sectors.
The TURBINE project Consortium partners take a strong attention to Advisory Boards members, composed of companies, institutions and experts concerned by the identity management and privacy protection.