TANGO Webinar Replay: Privacy-Preserving and Trust Management

Reply of TANGO webinar
17 July, 2025
Mpampis Chatzimallis, (The Lisbon Council asbl) Peter Koller, Ladan Raeisian, Nelia Zinatullina (eco – Association of the Internet Industry)

 

On 10 July 2025, the “TANGO Deep Dive on Privacy-Preserving and Trust Management Technologies” webinar was co-organised by the TANGO project and eco – Association of the Internet Industry. The session attracted participants from academia, industry, and public institutions and highlighted TANGO’s progress in creating a secure, modular, and energy-efficient framework for data sharing.

Moderated by Mpampis Chatzimallis, Senior Research Associate at The Lisbon Council asbl, the webinar featured presentations from eight speakers and included interactive discussions on technical and policy implications.

Welcome and Introduction

Tomás Pariente Lobo, TANGO coordinator and applied AI team leader at EVIDEN, opened the webinar by outlining TANGO’s mission to develop a holistic framework that balances privacy, security, and environmental responsibility. He emphasised the importance of modularity in the architecture, enabling tailored solutions for varied use cases. With 37 partners across 14 countries, TANGO aims to position Europe at the forefront of trusted data-sharing initiatives.

He noted that TANGO leverages existing standards like Gaia-X and IDSA while extending capabilities through advanced cryptographic techniques and AI-driven authentication.

TANGO’s Technical Architecture

Ilias Syrigos from the University of Thessaly presented the TANGO’s reference architecture which is structured into three layers: Trust, Management, and User. He detailed how the FIWARE Data Space Connector enables decentralised, secure data exchange without reliance on central servers.  This connector hosts containerised applications within the Kubernetes environment, supporting interoperability and scalability.

The architecture’s integration with GDPR and other European standards ensures compliance while providing a flexible framework for new technology offerings.

WP3: Distributed Privacy-Preserving Data Management and Storage

 In this part, Dazhuang Liu from the Delft University of Technology examined WP3’s multi-faceted approach to secure data management. Key highlights included:

  • Blockchain-based Storage: Utilising the Fides platform to ensure data integrity and traceability.
  • Trustworthiness Scoring Module (TSM): Dynamically evaluating data sharing risks and partner reliability.
  • Confidentiality by Design: Combining CP-ABE encryption and XACML for granular access control.
  • Self-Encryption Techniques: Automatic key generation derived from the data itself, enabling user-centric privacy.

Legal guidance was provided to align technical implementations with GDPR requirements, extending confidentiality principles to both personal and non-personal data.

Deep Dive: Trustworthy Data Sharing (PDP/PEP)

Natalia Borgoñós García, University of Murcia explored advanced mechanisms for enforcing trust in distributed data sharing. Borgoñós highlighted how Policy Decision Points (PDP) and Policy Enforcement Points (PEP) integrate with verifiable credentials and zero-knowledge proofs. The component acts as a gatekeeper for information and data flows within the TANGO framework and is a critical part of enforcing access control in TANGO, ensuring that only authorised users can access sensitive resources based on defined policies. She concluded her presentation with a usage example. 

WP4: Distributed Trust Management Framework

Tomás Pariente Lobo detailed innovations within TANGO’s work package 4, including:

  • Self-Sovereign Identity (SSI): Supporting issuance and verification of verifiable credentials.
  • Seamless Onboarding (SOUD): Utilising ePassports for secure, remote identity verification.
  • Behavioral Authentication: Continuous monitoring of user and device behaviour for real-time security.
  • Side-Channel Attack Hardening: Countermeasures to protect cryptographic systems from physical data leakage.

Deep Dive: Seamless Onboarding for Users and Devices (SOUD)

Presented by Stefanos Heikki Panagiotou, Quadible, it was demonstrated how SOUD streamlines the onboarding process by transforming a physical ID into Verifiable Credentials for use via SSI. This addresses the growing demand for a secure, user-centric identity verification without a manual, physical ID check. The solution integrates advanced AI models for OCR, Blurriness and liveness detection as well as face matching to verify the user and to enhance user experience and security for both human users and IoT devices. 

Deep Dive: Self-Sovereign Identity Management

Ross Little from EVIDEN presented the approach and implementation of TANGO’s SSI Wallet, emphasising interoperability with EU Digital Identity Wallet specifications. Zero-Knowledge Proofs allow selective information disclosure, bolstering privacy while ensuring data integrity.

Live demonstrations showcased the wallet’s role in managing ePassport, employee, and IoT credentials.

Q&A 

The webinar concluded with an engaging Q&A session. Topics included the practical integration of TANGO components, compliance challenges in multi-jurisdictional settings, and pathways for open-source adoption.