Listing of P350 - Open Identity Summit 2024 by title
1 - 10 of 20
- Conference paper: Accountable Banking Transactions (Open Identity Summit 2024, 2024) Mödersheim, Sebastian; Chen, Siyu
  This paper shows how to apply the idea of Three branches of Accountability by Mödersheim and Cuellar to make banking transactions accountable, i.e., neither can the customer later deny to have placed the order, nor can the bank execute a transaction that the customer did not order. This is done in a general way that deliberately gives freedom to instantiate the system in several different ways, as long as it follows a few basic principles, and we show accountability holds in every instance.
- Conference paper: Determining the Efficiency of Mitigations Based on Covered Threats (Open Identity Summit 2024, 2024) Winterstetter, Matthias
  Prioritization of threats is an important skill for experts working in the cybersecurity field. With new threats discovered daily and a variety of tools providing information, warnings, and alerts, it is essential for experts working in cybersecurity to identify the most important warnings and threats and handle them efficiently to stay ahead of the growing competence, organization, and size of threat groups. To assist cybersecurity experts with these tasks, this paper provides an approach covering six steps that can be used to determine the efficiency of mitigations for a system under consideration. To this end, this paper describes a straightforward approach and provides an example in which it has already been used.
- Conference paper: Economically Viable Identity Ecosystems: Value Capture and Market Strategies (Open Identity Summit 2024, 2024) Kubach, Michael; Roßnagel, Heiko
  Prevailing digital identity solutions are facing widespread dissatisfaction, prompting political and business stakeholders to advocate for the development of novel identity (ID) ecosystems. This paper diverges from the traditional focus on the usability, security, and privacy shortcomings of current solutions, directing attention instead to the economic dimensions that are critical for the successful adoption of digital identity management (IdM) systems. The analysis extends beyond the incentives for end-user adoption, considering the roles, motivations, and ability of other key stakeholders to capture value through the ecosystem, particularly service providers, who are anticipated to be the primary financial contributors to ID services. This examination leads to the pivotal inquiry of whether a market for digital identities can materialize and what strategies for market entry could be viable, especially in scenarios involving public sector participation.
- Conference paper: Evaluating the evaluation criteria for account-recovery procedures in passwordless authentication (Open Identity Summit 2024, 2024) Keil, Manuel; Zugenmaier, Alf
  Passwordless authentication avoids the weaknesses of password-based authentication such as guessable passwords and password reuse. However, when passwordless authentication becomes impossible for the user, e.g. due to loss of the security token, an account recovery method has to be used. Kunke et al. [Ku21] analysed these recovery mechanisms in respect of criteria they extracted from the literature. However, these criteria in the literature were based on researchers’ opinions and were not grounded in practical experience. To achieve this grounding, semi-structured interviews were conducted with practitioners in various industries. These experts were asked to rate the existing criteria and contribute additional criteria if required. The result is a weighted list of criteria that can be used in future to evaluate account recovery procedures.
- Conference paper: Evaluating the Good Practices of User Experience for Mobile and Electronic Governmental Services (Open Identity Summit 2024, 2024) Sellung, Rachelle; Kiss, Lennart
  With digitalization in the focus of governmental services for citizens, mobile services need to provide users with a good user experience and usability to encourage greater user acceptance. [SHB22] defined ten Good Practices to support greater User Experience and Usability for Mobile Governmental Services. These Good Practices are evaluated and validated in this paper by a User Study that consisted of Qualitative and Quantitative results. Good practices of user experience can help impact and support the integration of the basic user experience needs into the technical development processes for future digitalization of mobile governmental services.
- Conference paper: Fulfilling Principles of Self-Sovereign Identity: Towards a Conformity Assessment Approach for Human Wallets (Open Identity Summit 2024, 2024) Doege, Dustin; Bochnia, Ricardo; Anke, Jürgen
  Self-Sovereign Identity (SSI) represents a paradigm shift toward user-centric digital identity management by emphasizing principles such as user control and privacy. However, there is a notable gap in assessing how these principles are implemented within existing SSI products despite the ongoing research interest in the theoretical principles of SSI. Our research introduces a structured conformity assessment approach to bridge the gap between theoretical ideals and practical implementation. This approach enables the assessment of SSI products based on fulfilling requirements derived from SSI principles. This provides developers and policymakers with a tool to assess the adherence of SSI products to the fundamental principles. Thus, it may serve developers as a design guideline and policymakers as a basis for certification processes.
- Conference paper: Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity (Open Identity Summit 2024, 2024) Keil, Kenneth-Raphael; Bochnia, Ricardo; Gudymenko, Ivan; Köpsell, Stefan; Anke, Jürgen
  Digital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers’ councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity attributes back to the end user. This paper analyzes a real-world access management scenario in a hospital building and applies the SSI paradigm to address the identified issues. The analysis assumes a semi-honest observing attacker sniffing on the payload and the transport layer. The SSI-based proof of concept is shown to have a high potential to protect against traceability and profiling. However, in addition to the careful technical implementation of SSI, it is important to consider non-technical factors such as governance for a holistic solution. We propose potential strategies to further minimize privacy risks associated with SSI-based employee identity management using mediators.
- Conference paper: GRAIN: Truly Privacy-friendly and Self-sovereign Trust Establishment with GNS and TRAIN (Open Identity Summit 2024, 2024) Schanzenbach, Martin; Nadler, Sebastian; Johnson Jeyakumar, Isaac Henderson
  Robust and secure trust establishment is an open problem in the domain of self-sovereign identities (SSI). The TRAIN [KR21] concept proposes to leverage the security guarantees and trust anchor of the DNS to publish and resolve pointers to trust lists from DNS. While the DNS is a cornerstone of the Internet, its continued use is primarily a consequence of inertia due to its crucial function as the address discovery system for existing Internet services. Research and development in the area of SSI is — for the most part — green field. The choice of DNS as a core building block appears fainthearted given its open security issues. Recently, the IETF paved the way to experiment with alternative name systems in real world deployments by reserving the special-use top-level domain “.alt” in the domain name space [KH23]. This allows us to use alternative name systems such as the GNU Name System (GNS) [SGF23a] without intruding into the domain name space reserved for DNS. In this paper, we show how we can use the GNS as a drop-in replacement for DNS in TRAIN. We show how TRAIN-over-GNS (GRAIN) can deliver security and privacy improvements to the security concept of TRAIN-over-DNS and show that it is practically feasible with limited modifications of existing software stacks.
- Conference paper: Hyperledger Indy Besu as a permissioned ledger in Self-sovereign Identity (Open Identity Summit 2024, 2024) Shcherbakov, Alexander
  Self-sovereign Identity (SSI) represents an approach to digital identity that prioritizes privacy and empowers individuals to maintain control over the information associated with their identity. This approach aligns with GDPR and similar regulations and is gaining adoption across various governments, non-profit organizations, and commercial entities worldwide. A foundational element in SSI is a Verifiable Data Registry (VDR), which serves as a trusted repository for registering and accessing public keys, schemas, identifiers, and other data. A natural choice for a VDR is a distributed ledger or blockchain. Among the most stable and popular frameworks for SSI is Hyperledger Indy. Indy includes a custom implementation of a public permissioned ledger as a VDR. The Indy community has been developing a new experimental approach for a VDR in Indy: a permissioned ledger based on Hyperledger Besu. In this paper, we are going to discuss the importance, benefits, and technical details of this initiative.
- Conference paper: Learnings from a Guided Method for Experience Design: Psychological Needs in the Context of the Privacy Value (Open Identity Summit 2024, 2024) Krueger, Anne Elisabeth; Brandenburg, Stefan
  This position paper introduces a guided method for experience design that addresses the importance and challenge of considering the rather abstract psychological (user) needs and values as input for creative ideation processes of interactive systems. We present exemplary empirical results from the application of the method concerning the value of privacy, revealing how needs and values can become tangible for user experience designers. Also, interdependencies between the value of privacy and psychological needs, and between the concepts of psychological needs and values in general, were identified by applying the guided experience design method. Learning about the connections of needs and values provides valuable insights for experience design, which are discussed in the paper and should be further explored.