About NASTEC project

Nastec project as a part of IST intiative has clear objectives of delivering research results into industry using various mechanisms.

Objectives

Objectives of the NASTEC project are

• to transfer knowledge and technology for provision of security services in NAS,

• to help with understanding of data protection and privacy in e-communication,

• to promote the use of European technology and services in NAS, this will contribute to the deployment of the common European electronic market by use of the same standards and practices regarding authentication and secured transactions,

• oriented towards diminishing the gap between running e-business applications and the use of complex tools for trust and confidence based on trusted third party technology,

• dissemination of knowledge about the European legislation frame-work in the field of e-work and e-business, such as the Digital Signature act.

Work description

NASTEC work is driven through a series of actions:

• A Public Key Infrastructure (PKI) set-up, with several certification and registration authorities.

• A certificate policy and partnersí certification practice statements (CPSs) are defined to fix the rules, practices and security policy of the PKI. The first set of basic secure services offered to representative group of users includes:

  1. Secure messaging via S/MIME signed and/or encrypted mails,

  2. Anti-spamming measures based on SSL-SMTP,

  3. Secure access to the post-office, via SSL-POP (for message download) and/or SSL-IMAP (for remote management of centralised mail folders),

  4. Secure data transactions, based on an SSL-HTTP Web server restricting access to internal pages only to X.509-authenticated users (no user passwords needed any more). 

• After the basic service, other activities will follow:

  1. Experiments with secured infrastructure for on-line student administration in NAS partners, services for other user groups, like validation of electronic transactions and documents via time-stamping (TSP), notarisation (DVCS), certificate status checking (CRL, OCSP), use of secure electronic documents based on the EESSI standard formats, secured tourist services for mobile users;

  2. Dissemination, training and education as well as awareness building. This is the most important part as it will drive the project to the major goal: building trust and confidence in networking in NAS. Work will consist in provision of information, consultant missions to environment outside the local partnerís, especially in SMEs, Chambers of Commerce, Trade Point offices, professional organisations, training workshops, one major workshop per year, publishing of material on how to set-up and run a PKI, promotion activities such as attendance at conferences