MUSAP – Multiple SSCDs using Unified Signature API Library Project
The MUSAP project aims to develop a new software interface called Unified Signature Application Programming Interface (USAPI) Library. The interface provides a consistent and flexible way for applications to request either low, substantial or high LoA signatures, regardless of the SSCD technology or location of the private key.
Methics’ solution consist of a unified signature API library specification, an open-source API implementation of the library, which combines multiple Secure Signature Creation Device (SSCD) technologies seamlessly together. MUSAP will have common unified signature API, which will consider the following interfaces:
- CEN EN 419211-2 and ETSI TR 102 206 (for UICC based SSCD)
- EN 419 241-1 and EN 419 241-2 (for eIDAS based Remote SSCD)
- SGP.05 EUICC PP v4.0 and TR 102 206 (for eUICC based SSCD)
- Java Key store and Bouncy Castle APIs
The library will contain access to the following SSCDs:
- Smartphone with UICC SIM Card
- Smartphone with eUICC i.e eSIM
- Smartphone app with keys in HSM
- Trusted Execution Environment (TEE)
MUSAP project will deliver an interface is called as Unified Signature API (USAPI) Library, which:
- eases developers to build services with different level of assurances
- eases public key infrastructure for managing and discovering key material
- eases end users ability to control their key security
- simplifies the development process, reduce costs, and accelerate time-to-market for new eID applications
Methics will create an open-source implementation that combines multiple SSCD technologies, while providing a middleware interface called Unified Signature API (USAPI) Library. USAPI will form a common Signature Profile for the device. As the client relies on existing standards and architecture to interface multiple SSCD technologies.
MUSAP will have 4 deliverables as a part of NGI Trustchain requirements.
NGI funded MUSAP is expected to have several positive impacts for NGI technologies, TRUSTCHAIN and Digital Identities once successfully implemented. These impacts can be summarized as below:
- Bridge between Centralized and Decentralized identities: Identity services for citizens may use centralized or decentralized identities. Enrolling new identities or Verifiable Credentials (VCs) are independent of the SSCD technology.
- Improved user control and privacy: Project will allow users to have multiple digital identities with different levels of assurance for different use cases. This will give users more control over their online presence and enable them to manage their privacy and security more effectively. Users have a flexibility to define their private keys.
- Improved interoperability: The proposed solution aims to ensure that identities issued will be interoperable across the EU. This means that different identities can be verified and authenticated by other providers, improving the overall interoperability of digital identities.
- Impact at European level: USAPI Library utilizes European Security standards and concepts. In this project, Methics promote their usage.
MUSAP will be developed in cooperation with NGI community and Methics partners. MUSAP will be developed keeping “API-as-a-product” mindset. Where resulting Unified Signature API Library will be based on user-centric design principles, open-source implementation with examples and comprehensive documentation.
MUSAP is a NGI TRUSTCHAIN funded project aiming to deliver an Open-Source Unified Signature API Library. Methics team applied and won grant under NGI TRUSTCHAIN Open Call 1 process. This project has received funding from the European Union’s Horizon 2020 research and innovation program through the NGI TRUSTCHAIN program under cascade funding agreement No. 101093274.