office@euconsent.eu

PPPA-AGEVER-01-2020: “Outline and trial an infrastructure dedicated to the implementation of child rights and protection mechanisms in the online domain”

PPPA-AGEVER-01-2020: “Outline and trial an infrastructure dedicated to the implementation of child rights and protection mechanisms in the online domain”

IT Security assessment of the Parental Consent Implementation

DIGIE
31/03/2022

This document describes the security assessment of the Parental Consent/Control solutions developed in the context of the EUConsent project. The purpose of the assessment was to provide a review of the security posture of the ecosystem and solution architecture, as well, as to identify potential weaknesses in its design.

This security assessment covers the design of the Parental Consent/Control solution of the EUConsent project. The major building blocks that make up the solution are:

  1. User’s device
  2. Service Provider (SP)
  3. Parental Consent Providers (PCP)
  4. Age Verification Providers (AVP)
  5. eIDAS node network
  6. Identity Providers (IDP)

During the assessment, the focus was on the functional and technical security of the first 3 building blocks. A separate IT security assessment was done for the AVP’s (D3.5). As the solution is only integrating the eIDAS node network as provided and connected IDP’s that have been formally reviewed under the eIDAS regulation, these components were out of scope for this assessment.

Find out more details from the report, download the document using the dedicated button.

euConsent Consortium

Subscribe to our Newsletter

Do you want to be informed with the progress of euConsent or other related news? 

Thank you for subscribing. A email was sent to confirm your email address. Please check also spam folder.

Share This