PCAS (Personalised Centralized Authentication System) is an international research project, funded under the European Unionâ€™s Seventh Framework Programme for research, technological development and demonstration.
PCAS objective is to innovative, trustworthy, smartphone accessory handheld device (SPD – Secured Personal Device) that will allow users to securely store their data, share it with trusted applications using biometric authentication. Security is accomplished by isolating the data inside the SPD from malicious applications on the smartphone, by providing user authorization mechanism, and by using advanced biometric algorithms.
The SPD will recognize its sole user using multiple biometric sensors, including a stress level sensor to detect coercion. Using the same biometric authentication, the SPD will be able to enforce secure communication with servers in the cloud, relieving the user from memorizing passwords.
PCAS will innovate on two different areas: development of novel security related techniques and creation of a new market.
With respect to security research and innovation, PCAS will:
- Increase mobile data security
- Enhance smartphones security
- Develop novel mobile biometric authentication mechanism
- Integrate biometric authentication into the cloud
With respect to market-oriented innovations, the following is relevant:
- Implementation of a smartphone peripheral
- New mobile secure storage mechanism
- Server-side infrastructure to allow secure data synchronization
- Integrated development environment for the development of mobile secure applications
PCAS will produce a complete ecosystem composed of the hardware accessory, software (on the smartphone and servers) to allow the secure access/transfer of data, the infrastructure and services development environment (APIs) to allow the adaptation of existing services into the PCAS environment.
INESC-ID participation: The Distributed Systems Groups of INESC-ID is involved the coordinator of the project. INESC-ID research and development participation is focused on the definition and implementation of software middleware infrastructure running on the smartphone, allowing its integration and interaction with the SPD and external services: providing access to the data stored in the SPD, and allowing the integration of external services. Complementing the main objectives of the project, INESC-ID is also enhancing and developing the new security, trust and authentication mechanisms for the cloud and mobile environments.
Preliminary results: At the moment the overall architecture of the PCAS system (SPD, smartphone and server components) is defined, the requirements were gathered from a series of interviews done mainly to professionals and decision maker in the area of eHealth. The development of the software and hardware components has started, being already available prototypes to most components.
During 2014, INESC-ID as produced the following research papers in the context of the PCAS Project:
- Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications, ASPLOS 2014 | Nineteenth International Conference on Architectural Support for Programming Languages and Operating Systems
- Authentication Security through Diversity and Redundancy for Cloud Computing, INForum 2014 | Portuguese informatics Symposium
- A Survey on Mechanisms for Hardening Android Devices against Security Threats, Technical Report
More information can be obtained in the Project web-site: www.pcas-project.eu