Logo des Repositoriums

P305 - Open Identity Summit 2020

https://dl.gi.de/handle/20.500.12116/33167
Auflistung nach:

Auflistung P305 - Open Identity Summit 2020 nach Titel

1 - 10 von 19
  • Konferenzbeitrag
    Accountable Trust Decisions: A Semantic Approach
    (Open Identity Summit 2020, 2020) Schlichtkrull, Anders; Mödersheim, Sebastian
    This paper is concerned with the question of how to obtain the highest possible assurance on trust policy decisions: when accepting an electronic transaction of substantial value or significant implications, we want to be sure that this did not happen because of a bug in a policy checker. Potential bugs include bugs in parsing documents, in signature checking, in checking trust lists, and in the logical evaluation of the policy. This paper focuses on the latter kind of problems and our idea is to validate the logical steps of the trust decision by another, complementary method. We have implemented this for the Trust Policy Language of the LIGHTest project and we use the completely independently developed FOL theorem prover RP_X as a complementary method.
  • Konferenzbeitrag
    Agent-based Models as a Method to Analyse Privacy-friendly Business Models in an Assistant Ecosystem
    (Open Identity Summit 2020, 2020) Kubach, Michael; Fähnrich, Nicolas; Mihale-Wilson, Cristina
    Various projects and initiatives strive towards designing privacy friendly open platforms and ecosystems for digital products and services. However, besides mastering technical challenges, achieving economic viability and broad market success has so far proven to be difficult for these initiatives. Based on a publicly funded research project, this study focuses on the business model design for an open digital ecosystem for privacy friendly and trustworthy intelligent assistants. We present how the agent-based modelling technique can be employed to evaluate how business models perform in various constellations of an open digital ecosystem. Thus, our work relates to the strategic choice of suitable business models as an important success factor for privacy and security-relevant technologies.
  • Konferenzbeitrag
    Automation Potentials in Privacy Engineering
    (Open Identity Summit 2020, 2020) Zimmermann, Christian
    The GDPR enshrines the privacy by design paradigm in law, making sound privacy engineering methods more important than ever. Integrating automation and extensive tool support into the privacy engineering process has the potential to support organizations in streamlining the implementation of privacy and data protection by design and reducing its cost. Based on a privacy engineering reference process, this paper systematically investigates automation potential in privacy engineering. In particular, it discusses potentials and implications of automation in privacy engineering and illustrates directions for future research.
  • Konferenzbeitrag
    Consumer Privacy Concerns and Preferences for Certification and Accreditation of Intelligent Assistants in the Internet of Things
    (Open Identity Summit 2020, 2020) Carl, Valerie; Mihale-Wilson, Cristina
    Interoperable Intelligent Assistant Systems (IAS) could help realize the advantages of the Internet of Things (IoT). Yet, due to their insufficient skill set and persistent privacy concerns on the consumers' side, such IAS experience only limited popularity. While enabling IAS to communicate and exchange data with each other could help such systems improve performance, certifications and accreditations can help build user's trust by addressing some of the consumers' privacy concerns. To better understand the incentives necessary to instigate the mass adoption of interoperable IAS, this paper presents a study exploring consumer privacy concerns and preferences for privacy certifications. The ultimate purpose of this paper is to provide certification recommendations for intelligent IoT networks in general and IAS in particular.
  • Konferenzbeitrag
    Criteria for trustworthy digital transactions - Blockchain/DLT between eI-DAS, GDPR, Data and Evidence Preservation
    (Open Identity Summit 2020, 2020) Kusber, Tomasz; Schwalm, Steffe; Shamburger, Kalinda; Korte, Ulrike
    With the help of eIDAS [Re14], legislators have created a resilient framework in EU and EFTA to place trustworthy digital transactions more and more in the centre of business relationships. The regulated use of the trust services (e.g. qualified electronic signature or seal etc.) as well as that of the secure electronic identities provides a solid foundation for the advancement of digitization. The adequate evidence of electronic records as long as they are needed is a critical success-factor for trustworthy digital transactions. The trustworthiness of the transactions must be based on compliance with the basic values of authenticity, integrity, reliability, availability, confidentiality and transferability. After a first hype there are increasingly more considerations also in regulated industries to use DLT for digital processes which have to be accountable. In order to make them evident and to fulfil documentation requirements it is necessary that DLT fulfils the legal framework and prior art based on defined criteria for trustworthy digital transactions. This paper focuses on the challenges and requirements for utilisation of DLT for trustworthy digital processes including long-term preservation.
  • Konferenzbeitrag
    Data Protection Impact Assessment in Identity Control Management with a Focus on Biometrics
    (Open Identity Summit 2020, 2020) Bisztray, Tamas; Gruschka, Nils; Mavroeidis, Vasileios; Fritsch, Lothar
    Privacy issues concerning biometric identification are becoming increasingly relevant due to their proliferation in various fields, including identity and access control management (IAM). The General Data Protection Regulation (GDPR) requires the implementation of a data protection impact assessment for privacy critical systems. In this paper, we analyse the usefulness of two different privacy impact assessment frameworks in the context of biometric data protection. We use experiences from the SWAN project that processes four different biometric characteristics for authentication purposes. The results of this comparison elucidate how useful these frameworks are in identifying sector-specific privacy risks related to IAM and biometric identification.
  • Konferenzbeitrag
    Digital and mobile identities
    (Open Identity Summit 2020, 2020) Funke, Holger
    In this paper current developments in mobile identities are described. A scalable architecture, standard future-proven technologies such as ISO/IEC 23220 and a Cryptographic Service Provider build the framework for secure, failsafe and large deployments. The building blocks specified in ISO/IEC 23220 deliver a framework that can be easily used for identities stored on secure devices such as smartphones. This paper lists a selection of outstanding projects using mobile and digital identities in the field of mobile ID. The focus is on Digital Travel Credentials (DTC) which are currently specified by the International Civil Aviation Organization (ICAO).
  • Konferenzbeitrag
    A Human Digital Twin as Building Block of Open Identity Management for the Internet of Things
    (Open Identity Summit 2020, 2020) Zibuschka, Jan; Ruff, Christopher; Horch, Andrea; Roßnagel, Heiko
    In networked industry, digital twins aggregate product data along the entire life cycle, from design and production to deployment. This enables interoperability between different data sources and analysis functions and creates an integrated data environment. Human digital twins have the potential to create a similarly interoperable and integrated data environment for more user-centric use cases in the field of the Internet of Things. In this case, personal data is processed and transmitted; therefore, the underlying infrastructure is then not product data management but identity management. In this paper, we discuss general aspects of the human digital twin, its role in open identity management systems, and illustrate its application in the field of home, building and office automation. We identify advantages and limitations and suggest future research opportunities.
  • Konferenzbeitrag
    Identification collapse - contingency in Identity Management
    (Open Identity Summit 2020, 2020) Fritsch, Lothar
    Identity management (IdM) facilitates identification, authentication and authorization in most digital processes that involve humans. Digital services as well as work processes, customer relationship management, telecommunications and payment systems rely on forms of IdM. IdM is a business-critical infrastructure. Organizations rely on one specific IdM technology chosen to fit a certain context. Registration, credential issuance and deployment of digital identities are then bound to the chosen technology. What happens if that technology is disrupted? This article discusses consequences and mitigation strategies for identification collapse based on case studies and literature search. The result is a surprising shortage of available documented mitigation and recovery strategies for identification collapse.
  • Konferenzbeitrag
    Identity Management as a target in cyberwar
    (Open Identity Summit 2020, 2020) Fritsch, Lothar
    This article will discuss Identity Management (IdM) and digital identities in the context of cyberwar. Cyberattacks that target or exploit digital identities in this context gain leverage through the central position of IdM digital infrastructures. Such attacks will compromize service operations, reduce the security of citizens and will expose personal data - those of military personell included. The article defines the issue, summarizes its background and then discusses the implications of cyberwar for vendors and applicants digital identity management infrastructures where IdM is positioned as a critical infrastructure in society.