Listing of P277 - Open Identity Summit 2017 by author "Fritsch, Lothar"
1 - 10 of 16
- Text document: A Comparison of Payment Schemes for the IoT (Open Identity Summit 2017, 2017)
  Bohli, Jens-Matthias; Dietrich, Aljoscha; Petrlic, Ronald; Sorge, Christoph
  Technologies for the IoT have reached a high level of maturity, and a large-scale deployment will soon be possible. For the IoT to become an economic success, easy access to all kinds of real-world information must be enabled. Assuming that not all services will be available for free, an IoT infrastructure should support access control, accounting, and billing. We analyze available access control and payment schemes for their potential as payment schemes in the IoT. In addition to security and privacy, we discuss suitability for direct client to sensor communication and efficiency. We show shortcomings of existing protocols that need to be addressed by future research.
- Text document: Derived Partial Identities Generated from App Permissions (Open Identity Summit 2017, 2017)
  Fritsch, Lothar; Momen, Nurul
  This article presents a model of partial identities derived from app permissions that is based on Pfitzmann and Hansen’s terminology for privacy [PH10]. The article first shows how app permissions accommodate the accumulation of identity attributes for partial digital identities by building a model for identity attribute retrieval through permissions. Then, it presents an experimental survey of partial identity access for selected app groups. By applying the identity attribute retrieval model on the permission access log from the experiment, we show how apps’ permission usage is providing to identity profiling.
- Text document: Design and Implementation Aspects of Mobile Derived Identities (Open Identity Summit 2017, 2017)
  Träder, Daniel; Zeier, Alexander; Heinemann, Andreas
  With the ongoing digitalisation of our everyday tasks, more and more eGovernment services make it possible for citizens to take care of their administrative obligations online. This type of service requires a certain assurance level for user authentication. To meet these requirements, a digital identity issued to the citizen is essential. Nowadays, due to the widespread use of smartphones, mobile user authentication is often favoured. This naturally supports two-factor authentication schemes (2FA). We use the term mobile derived identity to stress two aspects: a) the identity is enabled for mobile usage and b) the identity is somehow derived from a physical or digital proof of identity. This work reviews 21 systems and publications that support mobile derived identities. One subset of the considered systems is already in place (public or private sector in Europe), another subset is subject to research. Our goal is to identify prevalent design and implementation aspects for these systems in order to gain a better understanding on best practises and common views on mobile derived identities. We found that research prefers storing identity data on the mobile device itself whereas real world systems usually rely on cloud storage. 2FA is common in both worlds, however biometrics as second factor is the exception.
- Text document: An explorative approach on the impact of external and organizational events on information security (Open Identity Summit 2017, 2017)
  Ajazaj, Ilirjana; Kurowski, Sebastian
  This contribution aims at the research question on which observable organizational events occur prior to an information security incident, and how these may relate to the organization. It therefore uses a dataset that was built using Google News, and the list of data breaches from [Mc17] to analyse which organizational events occur most often. It provides a categorization of these events, which were built by using a grounded theory approach. On the other hand, causal chains are constructed by using the sociologic system theory and constructivism. Both the causal chains and the organizational event categories are applied together within this contribution to discuss the likelihood of the causalities of the occurred events. However, events, such as financial gains also exhibit a higher occurrence prior to an information security incident. This contribution is a speculative, yet first approach on this question. Further research will focus on refining the constructed causalities.
- Text document: Harmonizing Delegation Data Formats (Open Identity Summit 2017, 2017)
  Wagner, Georg; Omolola, Olamide; More, Stefan
  Delegations are an integral part of daily transactions. A delegation is the process of authorizing one entity to act on behalf of another. For the delegation to work, the claim that an entity is authorized to act on behalf of another entity needs to be verified. Verifying an analog delegation can be done by checking if the name of a user is on a list of authorized persons. In contrast, in electronic transactions the implementation of a delegation and its verification can be a difficult task. A user logging into a system or signing documents with an electronic signature involving a delegation may be required to show this delegation within the signature. This delegation needs to be discovered and verified during the transaction. Many solutions using eXtensible Markup Language (XML) have been proposed to represent delegations; unfortunately, most of these schemes are designed to be used for one specific domain. In this paper, we propose a delegation scheme that fills this gap by providing a general representation for delegation that can be easily extended to different domains.
- Text document: A Mechanism for Discovery and Verification of Trust Scheme Memberships: The Lightest Reference Architecture (Open Identity Summit 2017, 2017)
  Roßnagel, Heiko
  Electronic transactions are an integral component of private and business life. For this purpose, a certification of trustworthy electronic identities supported from authorities is often required. Within the EU-funded LIGHTest project, a global trust infrastructure based on DNS is built, where arbitrary authorities can publish their trust information. A high level description of the LIGHTest reference architecture is presented. Then, the Trust Scheme Publication Authority, which enables discovery and verification of trust scheme memberships is introduced.
- Text document: A meta-heuristic for access control test data creation in access control model testing (Open Identity Summit 2017, 2017)
  Winterstetter, Matthias; Kurowski, Sebastian
  User to Document Access data is in most cases protected and as such difficult to acquire for research purposes. This work seeks to circumvent this problem by creating research data on the basis of reference processes through the evolutionary Algorithm. Data created through this method, while not as accurate as real data, still has its foundation in reality through the reference process and can as such be used as a replacement.
- Text document: Open ecosystem platforms for assistants and IoT-devices: a look into corporate practice (Open Identity Summit 2017, 2017)
  Fähnrich, Nicolas; Kubach, Michael
  Platforms are becoming an increasingly important part of today’s and future innovations. However, from a privacy and security, as well as from a societal perspective, closed proprietary platforms, the currently dominant form, possess certain potentially problematic features. This is why many call for open ecosystem approaches that so far have had only limited success on the market. In order to design an open ecosystem platform in a way that is attractive to companies, we therefore analyze the role platforms and related aspects play in companies’ strategies. This is achieved through an analysis of the annual corporate reports of large companies. Results show that platforms are a common topic in all industry sectors, with closed proprietary approaches prevailing. This illustrates that open ecosystem approaches are still hardly considered by the big industry players and more efforts are needed to make them economically attractive.
- Text document: Password Assistance (Open Identity Summit 2017, 2017)
  Horsch, Moritz; Braun, Johannes; Buchmann, Johannes
  For decades, users have not been able to realize secure passwords for their user accounts at Internet services. Users’ passwords need to fulfil general security requirements and the password requirements of services. Furthermore, users need to cope with different password implementations at services. Finally, users need to perform a multitude of tasks to properly manage their large password portfolios. This is practically impossible. In this paper, we introduce the vision of a password assistant. It supports users in all duties and tasks with regard to their passwords, from the creation of secure passwords to the recovery of them in case of loss. Moreover, it provides an extensive automatization of all password tasks that reduces the users’ efforts and activities to deal with passwords to a minimum. A password assistant enables high security for passwords as well as improves their ease of use. First, we provide a detailed description of the problem of users to realize secure passwords for their accounts in practice. Second, we outline the vision of a password assistant, describe its technical foundation, and introduce the related open-source project starting to realize the first password assistant.
- Text document: Privacy dark patterns in identity management (Open Identity Summit 2017, 2017)
  Fritsch, Lothar
  This article presents three privacy dark patterns observed in identity management. Dark patterns are software design patterns that intentionally violate requirements, in the given case privacy requirements for identity management. First, the theoretical background is presented, and then next, the observed patterns are documented, described and formalized. The resulting dark patterns show how security is used as obfuscation of data collection, how the seemingly harmless collection of additional data is advertised to end users, and how the use of anonymization technology is actively discouraged by service providers.