Listing of P237 - Open Identity Summit 2014 by publication date
1 - 10 of 15
- Conference paper: Secure cloud computing with skidentity: A cloud-teamroom for the automotive industry (Open Identity Summit 2014, 2014) Kubach, Michael; Özmü, Eray; Flach, Guntram. A major security-challenge in the automotive industry is to enable the secure and flexible engineering cooperation with changing partners in complex development projects. Therefore an effective interorganizational identity management is needed to control access to cooperative development platforms. This identity management has to be based on reliable identification of engineers of various partners with different credentials. The SkIDentity-Project, that aims to build trusted identities for the cloud, addresses this scenario. By integrating the existing components, services and trust infrastructures into a comprehensive, legally valid and economically viable identity infrastructure the technology enables to provide trusted identities for the cloud and secure complete business processes and value chains. One pilot-application of the project is the “Cloud-Teamroom for the Automotive Industry”. It is adjusted to the specific requirements of the value chains in the automotive industry. Thanks to the SkIDentity-Technology, and via the so-called eID-Broker, engineers from different partners can access the cloud-teamroom. For the required strong authentication they can use the credentials that are already available in their company. This paper presents the SkIDentity-technology and exemplifies it by means of the pilot-application.
- Edited book: Open Identity Summit 2014 (2014)
- Conference paper: Eidas as guideline for the development of a pan European eid framework in futureid (Open Identity Summit 2014, 2014) Cuijpers, Colette; Schroers, Jessica. This paper addresses the Regulation on Electronic transactions in the internal market: electronic identification and trust services (eIDAS) and analyses this regulatory framework in relation to the pan European eID infrastructure being developed in the FutureID project. The aim of this paper is to identify if eIDAS sets forward any legal requirements that need to be implemented in the FutureID infrastructure. Even though the focus of this paper is on the development of the FutureID infrastructure, the description of eIDAS and the analysis of its main requirements for technical developers are in general relevant to the development of online identification and authentication schemes.
- Conference paper: Analyzing the state-of-the-art of scientific publications on identity management: is there an economic perspective? (Open Identity Summit 2014, 2014) Fähnrich, Nicolas; Kubach, Michael. Although sophisticated identity management (IdM) technologies have been developed for quite a while, they are not as broadly used as could be expected - in the corporate but especially in an end-user context. Some authors have argued that the reason for this lack of diffusion is not to be found in technological or privacy shortcomings. Rather, it is attributed to the disregard of an economic perspective in the research on IdM and the development of IdM-technologies. This argument has so far not been scrutinized in a systematic way. Therefore, this article performs a literature analysis of scientific publications to analyze whether there is indeed a lack of publications on IdM that employ an economic perspective. The results of the analysis seem to support the argument that the economic perspective is neglected in the current research on IdM.
- Conference paper: Approach to vendor authentication (Open Identity Summit 2014, 2014) Houdeau, Detlef; Meher, Amit Kumer
- Conference paper: Making authentication stronger and more cost efficient with web of trust (Open Identity Summit 2014, 2014) Hulsebosch, Bob; Wegdam, Maarten; Oostdijk, Martijn; Dijk, Joost Van; Wijnen, Remco Poortinga - Van. Solid registration processes for identity registration including proofing, vetting and binding are essential for strong authentication solutions. Solid typically implies a face-2-face component in the registration process, which is expensive and not user friendly. Alternatives that rely on remote registration often result in weak binding or are overly complex. We propose a web of trust approach in which users can indicate trust in the identity of other users. It combines the best of remote and physical registration practices. There is no need for a physical registration desk as other users in the web of trust take over the identification task. This paper describes how to achieve web of trust enhanced authentication assurance.
- Conference paper: SAML Privacy-Enhancing Profile (Open Identity Summit 2014, 2014) Horsch, Moritz; Tuengerthal, Max; Wich, Tobias. We present the SAML Privacy-Enhancing (PE) profile which empowers users to take control of the authentication process and their personal data. Users have the full control of the application flow and get detailed information about the involved participants and the revealed attributes. This enables users to give informed consent for the authentication. The new profile builds on well-established standards and technologies. We use the common SAML Authentication Request and provide the additional information as extensions based on SAML Metadata.
- Conference paper: Strengthening Web Authentication through TLS - Beyond TLS Client Certificates (Open Identity Summit 2014, 2014) Mayer, Andreas; Mladenov, Vladislav; Schwenk, Jörg; Feldmann, Florian; Meyer, Christopher. Even though novel identification techniques like Single Sign-On (SSO) are on the rise, stealing the credentials used for the authentication is still possible. This situation can only be changed if we make novel use of the single cryptographic functionality a web browser offers, namely TLS. Although the use of client certificates for initial login has a long history, only two approaches to integrate TLS in the session cookie mechanism have been proposed so far: Origin Bound Client Certificates in [DCBW12], and the Strong Locked Same Origin Policy (SLSOP) in [KSTW07]. In this paper, we propose a third method based on the TLS-unique API proposed in RFC 5929 [AWZ10]: A single TLS session is uniquely identified through each of the two Finished messages exchanged during the TLS handshake, and RFC 5929 proposes to make the first Finished message available to higher layer protocols through a novel browser API. We show how this API can be used to strengthen all commonly used types of authentication, ranging from simple password based authentication and SSO to session cookie binding.
- Conference paper: Using a whatsapp vulnerability for profiling individuals (Open Identity Summit 2014, 2014) Kurowski, Sebastian. This paper aims at raising awareness on the issue of using unfixed vulnerabilities for targeted attacks in order to harness private or even corporate information. We demonstrate an attack by using a well-known, yet not fixed whatsapp vulnerability, enabling us to eavesdrop the cell-phone number of a victim. We identified the concrete states, in which whatsapp leaks the cell-phone number of a victim. By using a volunteering individual, we demonstrate the feasibility of profiling the individual and provide further steps on how to disclose private and corporate information by using the leaked cell-phone number and the profiled information to introduce the adversary into a trust relationship with the victim. Once the victim trusts the adversary, social phishing can be used to retrieve further private or even corporate information.
- Conference paper: Towards a seamless digital Europe: the SSEDIC recommendations on digital identity management (Open Identity Summit 2014, 2014) Talamo, Maurizio; Ramachandran, Selvakumar; Barchiesi, Maria-Laura; Merella, Daniela; Schunck, Christian. The SSEDIC (“Scoping the Single European Digital Identity Community”) thematic network has concluded an intensive 3-year consultation period together with over 200 European and international digital identity management experts and many stakeholder organizations to establish recommendations that address key issues regarding the usability and interoperability of electronic identity management solutions. The resulting recommendations are presented in this paper and should support the European Commission as well as other public and private stakeholders to set priorities for the path towards a Single European Digital Identity Community and the Horizon 2020. The key areas that need to be addressed as a priority are: mobile identity, attribute usage, authentication, and liability.