Auflistung P305 - Open Identity Summit 2020 nach Erscheinungsdatum
1 - 10 von 19
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragCriteria for trustworthy digital transactions - Blockchain/DLT between eI-DAS, GDPR, Data and Evidence Preservation(Open Identity Summit 2020, 2020) Kusber, Tomasz; Schwalm, Steffe; Shamburger, Kalinda; Korte, UlrikeWith the help of eIDAS [Re14], legislators have created a resilient framework in EU and EFTA to place trustworthy digital transactions more and more in the centre of business relationships. The regulated use of the trust services (e.g. qualified electronic signature or seal etc.) as well as that of the secure electronic identities provides a solid foundation for the advancement of digitization. The adequate evidence of electronic records as long as they are needed is a critical success-factor for trustworthy digital transactions. The trustworthiness of the transactions must be based on compliance with the basic values of authenticity, integrity, reliability, availability, confidentiality and transferability. After a first hype there are increasingly more considerations also in regulated industries to use DLT for digital processes which have to be accountable. In order to make them evident and to fulfil documentation requirements it is necessary that DLT fulfils the legal framework and prior art based on defined criteria for trustworthy digital transactions. This paper focuses on the challenges and requirements for utilisation of DLT for trustworthy digital processes including long-term preservation.
- KonferenzbeitragIdentification collapse - contingency in Identity Management(Open Identity Summit 2020, 2020) Fritsch, LotharIdentity management (IdM) facilitates identification, authentication and authorization in most digital processes that involve humans. Digital services as well as work processes, customer relationship management, telecommunications and payment systems rely on forms of IdM. IdM is a business-critical infrastructure. Organizations rely on one specific IdM technology chosen to fit a certain context. Registration, credential issuance and deployment of digital identities are then bound to the chosen technology. What happens if that technology is disrupted? This article discusses consequences and mitigation strategies for identification collapse based on case studies and literature search. The result is a surprising shortage of available documented mitigation and recovery strategies for identification collapse.
- KonferenzbeitragIdentity Management as a target in cyberwar(Open Identity Summit 2020, 2020) Fritsch, LotharThis article will discuss Identity Management (IdM) and digital identities in the context of cyberwar. Cyberattacks that target or exploit digital identities in this context gain leverage through the central position of IdM digital infrastructures. Such attacks will compromize service operations, reduce the security of citizens and will expose personal data - those of military personell included. The article defines the issue, summarizes its background and then discusses the implications of cyberwar for vendors and applicants digital identity management infrastructures where IdM is positioned as a critical infrastructure in society.
- KonferenzbeitragA Human Digital Twin as Building Block of Open Identity Management for the Internet of Things(Open Identity Summit 2020, 2020) Zibuschka, Jan; Ruff, Christopher; Horch, Andrea; Roßnagel, HeikoIn networked industry, digital twins aggregate product data along the entire life cycle, from design and production to deployment. This enables interoperability between different data sources and analysis functions and creates an integrated data environment. Human digital twins have the potential to create a similarly interoperable and integrated data environment for more user-centric use cases in the field of the Internet of Things. In this case, personal data is processed and transmitted; therefore, the underlying infrastructure is then not product data management but identity management. In this paper, we discuss general aspects of the human digital twin, its role in open identity management systems, and illustrate its application in the field of home, building and office automation. We identify advantages and limitations and suggest future research opportunities.
- KonferenzbeitragAutomation Potentials in Privacy Engineering(Open Identity Summit 2020, 2020) Zimmermann, ChristianThe GDPR enshrines the privacy by design paradigm in law, making sound privacy engineering methods more important than ever. Integrating automation and extensive tool support into the privacy engineering process has the potential to support organizations in streamlining the implementation of privacy and data protection by design and reducing its cost. Based on a privacy engineering reference process, this paper systematically investigates automation potential in privacy engineering. In particular, it discusses potentials and implications of automation in privacy engineering and illustrates directions for future research.
- KonferenzbeitragIoT Device Profiling: From MUD Files to S×C Contracts(Open Identity Summit 2020, 2020) Matthíasson, Guðni; Giaretta, Alberto; Dragoni, NicolaSecurity is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integrate legacy devices with S×C. In this paper, we explore a method to extract S×C contracts from legacy devices’ Manufacturer Usage Descriptions (MUDs). We tested our solution on 28 different MUD files, and we show that it is possible to create basic S×C contracts, paving the way to complete extraction tools.
- KonferenzbeitragAccountable Trust Decisions: A Semantic Approach(Open Identity Summit 2020, 2020) Schlichtkrull, Anders; Mödersheim, SebastianThis paper is concerned with the question of how to obtain the highest possible assurance on trust policy decisions: when accepting an electronic transaction of substantial value or significant implications, we want to be sure that this did not happen because of a bug in a policy checker. Potential bugs include bugs in parsing documents, in signature checking, in checking trust lists, and in the logical evaluation of the policy. This paper focuses on the latter kind of problems and our idea is to validate the logical steps of the trust decision by another, complementary method. We have implemented this for the Trust Policy Language of the LIGHTest project and we use the completely independently developed FOL theorem prover RP_X as a complementary method.
- KonferenzbeitragSelf-sovereign and Decentralized identity as the future of identity management?(Open Identity Summit 2020, 2020) Kubach, Michael; Schunck, Christian H.; Sellung, Rachelle; Roßnagel, HeikoBlockchain-based Self-sovereign and Decentralized identity approaches are seen by many as the future of identity management. These solutions are supposed to finally bring universally usable, trustworthy, secure, and privacy friendly digital identities for everyone and all use cases. This paper first presents the promises of this technological app
- KonferenzbeitragAgent-based Models as a Method to Analyse Privacy-friendly Business Models in an Assistant Ecosystem(Open Identity Summit 2020, 2020) Kubach, Michael; Fähnrich, Nicolas; Mihale-Wilson, CristinaVarious projects and initiatives strive towards designing privacy friendly open platforms and ecosystems for digital products and services. However, besides mastering technical challenges, achieving economic viability and broad market success has so far proven to be difficult for these initiatives. Based on a publicly funded research project, this study focuses on the business model design for an open digital ecosystem for privacy friendly and trustworthy intelligent assistants. We present how the agent-based modelling technique can be employed to evaluate how business models perform in various constellations of an open digital ecosystem. Thus, our work relates to the strategic choice of suitable business models as an important success factor for privacy and security-relevant technologies.
- KonferenzbeitragDigital and mobile identities(Open Identity Summit 2020, 2020) Funke, HolgerIn this paper current developments in mobile identities are described. A scalable architecture, standard future-proven technologies such as ISO/IEC 23220 and a Cryptographic Service Provider build the framework for secure, failsafe and large deployments. The building blocks specified in ISO/IEC 23220 deliver a framework that can be easily used for identities stored on secure devices such as smartphones. This paper lists a selection of outstanding projects using mobile and digital identities in the field of mobile ID. The focus is on Digital Travel Credentials (DTC) which are currently specified by the International Civil Aviation Organization (ICAO).