Logo des Repositoriums

Auflistung nach Autor:in "Somorovsky, Juraj"

1 - 2 von 2
  • Konferenzbeitrag
    Futuretrust - future trust services for trustworthy global transactions
    (2016) Hühnlein, Detlef; Frosch, Tilman; Schwenk, Joerg; Piswanger, Carl-Markus; Sel, Marc; Hühnlein, Tina; Wich, Tobias; Nemmert, Daniel; Lottes, René; Somorovsky, Juraj; Mladenov, Vladislav; Condovici, Cristina; Leitold, Herbert; Stalla-Bourdillon, Sophie; Tsakalakis, Niko; Eichholz, Jan; Kamm, Frank-Michael; Kühne, Andreas; Wabisch, Damian; Dean, Roger; Shamah, Jon; Kapanadze, Mikheil; Ponte, Nuno; Martins, Jose; Portela, Renato; Karabat, Çağatay; Stojičić, Snežana; Nedeljkovic, Slobodan; Bouckaert, Vincent; Defays, Alexandre; Anderson, Bruce; Jonas, Michael; Hermanns, Christina; Schubert, Thomas; Wegener, Dirk; Sazonov, Alexander
    Against the background of the regulation 2014/910/EU [EU1] on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project, which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aims at supporting the practical implementation of the regulation in Europe and beyond. For this purpose, the FutureTrust project will address the need for globally interoperable solutions through basic research with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project will extend the existing European Trust Service Status List (TSL) infrastructure towards a “Global Trust List”, develop a comprehensive Open Source Validation Service as well as a scalable Preservation Service for electronic signatures and seals. Furthermore it will provide components for the eID-based application for qualified certificates across borders, and for the trustworthy creation of remote signatures and seals in a mobile environment. The present contribution provides an overview of the FutureTrust project and invites further stakeholders to actively participate as associated partners and contribute to the development of future trust services for trustworthy global transactions.
  • Textdokument
    Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS)
    (Open Identity Summit 2019, 2019) Engelbertz, Nils; Mladenov, Vladislav; Somorovsky, Juraj; Herring, David; Erinola, Nurullah; Schwenk, Jörg
    Within the European Union (EU), the eIDAS regulation sets legal boundaries for crossborder acceptance of Trust Services (TSs) such as Electronic Signatures. To facilitate compliant implementations, an open source software library to create and validate signed documents is provided by the eSignature building block of the Connecting Europe Facility (CEF). We systematically evaluated the validation logic of this library with regards to XML-based attacks. The discovered vulnerabilities allowed us to read server files and bypass XML Advanced Electronic Signature (XAdES) protections. The seriousness of the vulnerabilities shows that there is an urgent need for security best-practice documents and automatic security evaluation tools to support the development of security-relevant implementations.