The MyÆvatar demo illustrates how, step-by-step, a citizen creates, under his sole and unique control, a self-sovereign digital identity that empowers him to smoothly automate strong authentication sessions when processing web-based transactions for everyday use.
Step 1 : Activation of the MyÆvatar app onto a standard Android smartphone.
Step 2 : Initiate the “Remote identity proofing” with a guided collection of several identity proof by mobile scanning : driving license, a utility bill, and a selfie
Step 3 : Automated verification against selected Identity Providers, the “IdP”.
Step 4: Strong facial biometric authentication to generate Tokenized Claims
Step 5: Generate a peer2peer payment via secured Instant Messaging
Step 6: Generate a one-time access token that will be consumed by an eGate Camera (MatchOnToken)
To satisfy IoT/M2M market and policy security requirements, suitable duly tested solutions are needed to cope with security, privacy and safety also taking into account large scale IoT deployment. A testbench aimed at evaluating security level of IoT applications will be presented.
The global architecture of the demo is provided in the following figure:
The demo thus aims at establishing a security benchmark evaluation of IoT devices being connected to a testbed.
Two scenarios related to the security of IoT/M2M oneM2M are applied to the oneM2M case. Results of testing scenario are be used to calculate a security label for the device under test.
– The first scenario is the security testing of a oneM2M Application (AE) using TTCN-3 security test cases. An Upper Tester sends triggering commands to the System Under Test (SUT). For the execution of security test cases, our SUT needs a credential manager delivering an encryption key. All triggering commends are finally examined by the test tool in order to assert on the results according to its defined test oracle (pass/fail status).
– The second scenario, is an interoperability test case in an end to end security test environment. We validate starting from the device through to key retrieval, the encryption and secure storage of device data in the oneM2M platform.
The demo will include nice screen to present test execution and test results as well as poster, so to provide an attractive and enligthing demonstration to the visitors.