The PARADISE project set out to design and implement a secure, privacy‑aware identity and access management (IAM) architecture for anti‑doping use cases. Fraunhofer AISEC led the technical effort, coordinating the development of IAM components, the integration of partner modules, and the deployment of a demonstrator system. The architecture is built on a Docker‑based microservice stack, enabling independent deployment of components supplied by the consortium partners. Key security mechanisms include OAuth2 with OpenID‑Connect for federated identity, User‑Managed Access (UMA) for fine‑grained data sharing, and a geolocation‑based authorization module that extends XACML‑RBAC to support location‑aware policies. TLS/SSL is employed throughout the demonstrator infrastructure to secure all web interfaces.
During the implementation phase (AP3), Fraunhofer AISEC established a version‑controlled development cycle using git branches and continuous integration pipelines. Dedicated “developer” and “demo” instances of the PARADISE system were maintained to allow rapid iteration and testing. The team also designed a decentralized authorization concept to accommodate the complex trust and role structures inherent in anti‑doping operations. These concepts were formally documented and partially integrated into the demonstrator, while remaining research outputs were published in peer‑reviewed venues.
User‑centric evaluation (AP4) involved a usability study conducted on 24–25 July 2017 in Gilching near Munich. Athletes and anti‑doping control officers interacted with the system, providing feedback that was systematically analyzed and fed back into subsequent development iterations. The study’s findings guided refinements to the user interface and the underlying authorization logic. No explicit quantitative performance metrics were reported in the final report; however, the demonstrator was deemed ready for a public demonstration, indicating that functional and security requirements were satisfied.
Fraunhofer AISEC also collaborated closely with partner institutions on data protection and privacy (AP2). Working with ULD, the team developed a privacy policy specification that defines which athlete data and actions are logged and queryable. A comprehensive identity‑attribute and role model was created in partnership with gekko GmbH, formalizing the decentralized trust relationships required for anti‑doping workflows. These privacy and security specifications were incorporated into the system design and served as the basis for the IAM implementation.
Knowledge exchange (AP5) was a core component of the project. Intermediate results were disseminated through presentations at relevant scientific conferences and publications in established journals, thereby raising the visibility of the project’s contributions to the broader research community. The consortium’s collaborative structure involved multiple German research institutes—FIT, Uniscon, TU Berlin, TUB, and others—each contributing specialized modules such as geofencing, role‑based authorization protocols, and TLS/SSL infrastructure. Fraunhofer AISEC provided both technical and organizational support for pilot tests and evaluations, ensuring that the system met the stringent requirements of anti‑doping authorities.
The PARADISE project was funded under an EU Horizon 2020 framework, with a project duration spanning several years. Throughout its lifecycle, the consortium maintained a tight integration of legal, technical, and user‑experience considerations, culminating in a demonstrator that showcases a robust, privacy‑preserving IAM solution tailored to the unique demands of anti‑doping operations.