The RECITALS Core is the backbone of the RECITALS platform, formed by the following fundamental components:

Distributed Ledger

Forms the bedrock on top of which all RECITALS components are built, because it conveys several key advantages:

  • Decentralized transparency: Offers a decentralized transparent view of transactions to all participants in the network, building trust among participants.
  • Immutability: Forbids the manipulation of records, enhancing the overall security of transactions and preventing fraud, while providing a reliable audit trail.
  • Resilience: Resilient to failures or attacks, as it lacks a single point of failure that can disrupt the entire network.

RECITALS takes special care to support private ledgers for identity management within organizations and hybrid ledgers for cross-organization data sharing scenarios.

Identity Lifecycle Manager

Supports all possible stages of digital identities from provisioning to deprovisioning:

  • Audit and reporting functionalities provide detailed insights into identity-related activities, offering transparency and compliance verification.
  • Policy checks ensure alignment with regulatory and organizational policies, maintaining a consistent and secure approach.
  • Self-service capabilities are a prerequisite for self-sovereign identity management, empowering users to independently manage their identities and privacy settings.
  • Administration centralizes control over identity management.
  • Notifications ensure that end users and administrators are promptly informed about any significant identity-related events or changes.
  • Password management reduces the risk of unauthorized access.
  • Approval introduces necessary checks and balances by requiring authorized individuals to validate identity-related actions.
  • Compliance continually verifies that all identity management practices adhere to EU regulatory standards.

This holistic approach will accommodate applications of any type, from legacy to cloud-based ones.

Cryptography Manager

Includes state-of-the-art encryption techniques:

  • Differential privacy protects the privacy of individuals' data while allowing aggregate analysis by adding carefully calibrated noise to sensitive data.
  • Homomorphic encryption allows computations to be performed directly on encrypted data without requiring decryption first, enabling privacy-preserving data processing.
  • Secure multi-party computation enables multiple parties to jointly compute a function while keeping their input data private.
  • Zero-knowledge proofs (ZKPs) are cryptographic protocols that allow one party to prove to another that they possess certain information, without revealing it.
  • Verifiable credentials (VCs) are digital credentials that can be cryptographically verified and authenticated, enabling trusted assertions without needing a central authority.

Anonymization Manager

Implements techniques from the main established anonymization approaches:

  • k-Anonymity generalizes sensitive attributes to ensure each record is indistinguishable from at least k-1 other records.
  • l-Diversity ensures released datasets contain at least l different values for any given attribute, preventing individual record identification.
  • t-Closeness minimizes the probability of linking records by adding noise to increase distance between true and noisy values.
  • Differential privacy adds carefully calibrated noise to sensitive attributes, ensuring limited dataset inference.
  • Controlled data publishing involves controlled release while minimizing re-identification risk through removing identifiers and generalizing attributes.
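
The k-anonymity and l-diversity checks described above can be measured on a release before it is published. The following is an added example, not RECITALS code: the records are constructed, the function names are hypothetical, and it assumes age and ZIP code are the attributes being generalized while diagnosis is the value whose variety l-diversity counts (distinct values per group).

```python
from collections import defaultdict

# Constructed sample records: (age, zip_code, diagnosis).
# Assumption: age and ZIP are generalized; diagnosis is the protected value.
RECORDS = [
    (34, "10115", "asthma"),
    (36, "10117", "diabetes"),
    (38, "10119", "asthma"),
    (52, "20095", "flu"),
    (55, "20097", "flu"),
    (58, "20099", "flu"),
]

def generalize(record, age_bucket=10, zip_prefix=3):
    """Coarsen one record: age becomes a range, ZIP keeps only a prefix."""
    age, zip_code, diagnosis = record
    low = (age // age_bucket) * age_bucket
    age_range = f"{low}-{low + age_bucket - 1}"
    masked_zip = zip_code[:zip_prefix] + "*" * (len(zip_code) - zip_prefix)
    return (age_range, masked_zip, diagnosis)

def equivalence_classes(records):
    """Group diagnoses by the (age, ZIP) pair that records share."""
    classes = defaultdict(list)
    for age, zip_code, diagnosis in records:
        classes[(age, zip_code)].append(diagnosis)
    return classes

def k_anonymity(records):
    """Size of the smallest group of indistinguishable records."""
    return min(len(v) for v in equivalence_classes(records).values())

def l_diversity(records):
    """Fewest distinct diagnoses found in any group."""
    return min(len(set(v)) for v in equivalence_classes(records).values())

def report(records):
    return {"k": k_anonymity(records), "l": l_diversity(records)}

RAW = report(RECORDS)
RELEASED = report([generalize(r) for r in RECORDS])

if __name__ == "__main__":
    print("raw:     ", RAW)
    print("released:", RELEASED)
```

The generalized release reaches k = 3 but stays at l = 1, because every record in the 50-59 group carries the same diagnosis; a release gate that checks only k would pass a dataset that still discloses that group's diagnosis.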

Compliance Manager

Designed to automatically check that the information necessary to assess compliance is present and correct, and that its interpretation is compliant with legal requirements. It builds on results from previous H2020 projects such as SPECIAL, TRAPEZE, and BPR4GDPR, which used a 'knowledge graph' approach combined with logic-based reasoning techniques.

  • Addresses GDPR, DGA, and NIS2 regulations and standards
  • Utilizes and extends the Data Privacy Vocabulary (DPV)
  • Automates cybersecurity measures of the CIA triad (confidentiality, integrity, and availability)
  • Provides a state-of-the-art implementation that is easily extended as compliance requirements change
  • Establishes robust, trustworthy services for EU Data Spaces