Tarides project SCoP is selected as one of the brightest Data Portability projects in Europe!by Céline Laplassotte on Apr 30th, 2021
Tarides is taking part in the Data Portability & Services Incubator (DAPSI), a 3-year EU funded project that empowers internet innovators to develop new solutions in the Data Portability field.
The Data Portability and Services Incubator (DAPSI) is an EU funded project, under the European Commission’s Next Generation Internet (NGI) initiative. The aim of this initiave is to empower top internet innovators to develop human-centric solutions. DAPSI addresses the challenge of personal data portability on the internet, as foreseen under the GDPR and make it significantly easier for citizens to have any data which is stored with one service provider transmitted directly to another provider.
Take a look at the DAPSI innovators portfolio to see more information about the selected projects.
Our project, called SCoP for Secure-by-design Communication Protocols, is taking part in the DAPSI to tackle data portability issues in communication services.
Over the past few decades, the usage of emails has been massively widespread by both individuals and companies. Billions of emails are sent every day and this number is expected to increase to reach 333 billion of emails exchanged daily in 2022. Moreover, as managing internet communication stacks have become increasingly complex, end-users have tended to entrust this task to third-party companies like Google and Microsoft. Furthermore, existing implementations of these communication services rely on ad-hoc methodologies and memory-unsafe languages, where minor developer errors can easily escalate into major security flaws. The centralization of these communication services means that a single successful attack leads to major personal data breaches.
To fix this issue, our project aims to engineer a modern basis for open messaging that supports existing protocols such as emails but is also extensible and customizable for emerging protocols such as matrix. We will be building trustable implementations of these open protocols using type-safe languages and we will deploy these implementations as specialized, secure and resource efficient unikernels. They will become the basis of the communication system of OSMOSE, Tarides’ commercial solution for secure-by-design IoT infrastructure.
Every component of that system will be carefully designed as independent libraries, using modern development techniques to avoid the common reported threats and flaws. For instance, the implementation of protocol parsers and serializers will be written in a type-safe language and will be using fuzzing, e.g state-of-the-art coverage-driven tests. The combination of these techniques will increase users’ trust to migrate their personal data to these new secure services.
Moreover, these techniques are also useful to produce a large and reusable corpus of test materials, which we plan to release separately for other implementations to use. It will give the tools to other developers to write the next generation of messaging applications by extending the existing protocols with more confidence.
Would you like to hear more about the project? Or want to deploy our solution? This project will build on a number of existing components in MirageOS, such as MrMime and Irmin, so feel free to contribute to these existing components! Please reach out to firstname.lastname@example.org.