DIAC

Currently, Access control systems are mainly based on user identification using Smart cards (with chip) or Contactless cards (RFID). In other cases are also used biometric systems such as fingerprints or PIN codes. But these identification systems have privacy and security issues: user authentication in an access control system, such as loss of the card, data breeches, cloning of cards, disclosure of access PIN to another person, etc. In this context, our solution aims to solve most of the problems that current access control systems have, using innovative solutions and avoiding direct user interaction with access control through de Disposable Identity Framework. A Disposable Identity is a contextual and temporary identity, limited in terms of scope, time, location allowing endusers to show specific and limited information/credentials in order to validate for a service, in our case, access control of the building.

In the past six months with the help of SecureIT we jointly developed the workflow, user process and technical architecture to show the benefits of our approach using a Disposable Identity, a contextual and temporary identity, limited in terms of scope, time, location allowing end users to show specific and limited information/credentials in order to validate for a service, in our case, access control of the building.

Currently, Access control systems are mainly based on user identification which utilize smart cards (with chip), contactless cards (RFID), biometric systems (fingerprints, face detection, retina scan etc.), PIN codes or physical keys. But these identification systems have privacy and security issues, such as loss of the card, user data breaches, cloning of cards, disclosure of access PIN to another person, etc. Moreover, they are tightly coupled with user’s personal information which makes them vulnerable to the privacy attacks. The DIAC project solves most of the problems that current access control systems have, using innovative solution and avoiding direct user interaction with access control through the Disposable Identity Framework. Disposable identities act as an e–ID that can ensure both the anonymity of the identity owner–unlink ability – and the possibility of reliably identifying and verifying a person’s identity. Disposable identities are a further step toward minimal data processing: the amount of identity data processed should be adequate, relevant, and limited to what is necessary for the purposes, as it is required by the GDPR regulation. The solution was validated in real environment for its functionality, performance and scalability by 3 demonstrators (in asvin lab, OdinS office and Murcia University building) which involved DID Mobile App, Access Control Terminal attached to a door and the DID Platform deployed on cloud. The DIAC consortium aims to exploit the solution with existing customers by shaping it as a new product in future.