- Text document: GTPL: A Graphical Trust Policy Language (Open Identity Summit 2019, 2019). Mödersheim, Sebastian Alexander; Ni, Bihang; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. We present GTPL, a Graphical Trust Policy Language, as an easy-to-use interface for the Trust Policy Language TPL proposed by the LIGHTest project. GTPL uses a simple graphical representation where the central graphical metaphor is to consider the input like certificates or documents as forms and the policy author describes “what to look for” in these forms by putting constraints on the form’s fields. GTPL closes the gap between languages on a logical technical level such as TPL that require expertise to use, and interfaces like the LIGHTest Graphical-Layer that allow only for very basic patterns.
- Text document: Implementation of Distributed Light weight trust infrastructure for automatic validation of faults in an IOT sensor network (Open Identity Summit 2019, 2019). Jeyakumar, Isaac Henderson Johnson; Wagner, Sven; Roßnagel, Heiko; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. The goal of the paper is to design and implement a distributed trust infrastructure, which makes use of the existing Internet Domain Name System (DNS) and its global trust anchor. Since it has high scalability and eases the burden on relying parties in turn, allows for highly efficient queries to support individual trust decisions. In this implementation, a stand-alone private DNS infrastructure including top level domains was developed with Raspberry Pi Cluster. Further, the security of the DNS for the trust infrastructure is enhanced by implementing DNSSEC and DANE protocol with TLSA resource records. It also includes the core functionality of the LIGHTest infrastructure like developing trust lists, Trust Scheme Publication Authority (TSPA) and a Delegation Publisher (DP). In this paper, a distributed trust infrastructure is developed and visualized practically by designing an infrastructure for validation and authentication of faults in the sensor system of an organization using a Raspberry Pi Cluster.
- Text document: Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS) (Open Identity Summit 2019, 2019). Engelbertz, Nils; Mladenov, Vladislav; Somorovsky, Juraj; Herring, David; Erinola, Nurullah; Schwenk, Jörg; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. Within the European Union (EU), the eIDAS regulation sets legal boundaries for cross-border acceptance of Trust Services (TSs) such as Electronic Signatures. To facilitate compliant implementations, an open source software library to create and validate signed documents is provided by the eSignature building block of the Connecting Europe Facility (CEF). We systematically evaluated the validation logic of this library with regards to XML-based attacks. The discovered vulnerabilities allowed us to read server files and bypass XML Advanced Electronic Signature (XAdES) protections. The seriousness of the vulnerabilities shows that there is an urgent need for security best-practice documents and automatic security evaluation tools to support the development of security-relevant implementations.
- Text document: DNS-based Trust Scheme Publication and Discovery (Open Identity Summit 2019, 2019). Wagner, Georg; Wagner, Sven; More, Stefan; Hoffmann, Martin; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. Trust infrastructures are at the heart of a digital world. Within those trust infrastructures, trust schemes play an important role and often represent legal or organizational entities. Right now, trust schemes are published in the form of lists. Those lists enumerate all the trust services and their level of assurance. Trusted discovery only works if the URI of the trust list is known to the verifying party. In this paper, we introduce a Trust Scheme Publication Authority for arbitrary trust schemes. Our approach uses the Domain Name System (DNS) and its security extensions (DNSSEC) to publish discovery data securely.
- Text document: Anonymization Is Dead – Long Live Privacy (Open Identity Summit 2019, 2019). Zibuschka, Jan; Kurowski, Sebastian; Roßnagel, Heiko; Schunck, Christian H.; Zimmermann, Christian; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. Privacy is a multi-faceted, interdisciplinary concept, with varying meaning to different people and disciplines. To most researchers, anonymity is the “holy grail” of privacy research, as it suggests that it may be possible to avoid personal information altogether. However, time and time again, anonymization has been shown to be infeasible. Even de-facto anonymity is hardly achievable using state-of-the-art cryptographic anonymization techniques. Furthermore, as there are inherent tensions between the privacy protection goals of confidentiality, availability, integrity, transparency, intervenability and unlinkability, failed attempts to achieve full anonymization may make it impossible to provide data-subjects with transparency and intervenability. This is highly problematic as such mechanisms are required by regulation such as the General Data Protection Regulation (GDPR). Therefore, we argue for a paradigm shift away from anonymization towards transparency, accountability, and intervenability.
- Text document: Business Models for Open Digital Ecosystems of Trustable Assistants (Open Identity Summit 2019, 2019). Mihale-Wilson, Cristina; Kubach, Michael; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. Digital ecosystems (DEs) are self-organizing, robust and scalable environments where various stakeholders interact to solve complex problems. The idea of building digital ecosystems is not new. Thus, we can currently draw on an extensive body of literature on the topic. Although academics have addressed the technical and architectural challenges of building digital ecosystems as well as their desirability regarding innovativeness and privacy, research on how to ensure the economic viability and thus sustainability of such DEs remains scarce. In this study, we address this void in the literature and focus on the economic challenges of building open DE. We discuss this topic in the context of an open DE for trustable assistants in the Internet of Things (IoT) and vet the research question: “which are the business models an open DE must support to be economically viable?” Based on a structured research analysis we identify seven business models, which are most likely essential to the economic success of the analysed DE.
- Text document: Smart Contract Federated Identity Management without Third Party Authentication Services (Open Identity Summit 2019, 2019). Mell, Peter; Dray, Jim; Shook, James; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. Federated identity management enables users to access multiple systems using a single login credential. However, to achieve this a complex privacy compromising authentication has to occur between the user, relying party (RP) (e.g., a business), and a credential service provider (CSP) that performs the authentication. In this work, we use a smart contract on a blockchain to enable an architecture where authentication no longer involves the CSP. Authentication is performed solely through user to RP communications (eliminating fees and enhancing privacy). No third party needs to be contacted, not even the smart contract. No public key infrastructure (PKI) needs to be maintained. And no revocation lists need to be checked. In contrast to competing smart contract approaches, ours is hierarchically managed (like a PKI) enabling better validation of attribute providers and making it more useful for large entities to provide identity services for their constituents (e.g., a government) while still enabling users to maintain a level of self-sovereignty.
- Text document: How to harmonise local and remote signing (Open Identity Summit 2019, 2019). Hühnlein, Detlef; Wich, Tobias; Hühnlein, Tina; Schuberth, Sebastian; Lottes, René; Crossley, Neil; Otto, Florian; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. While the generation of qualified electronic signatures traditionally required the use of local qualified electronic signature creation devices (QSCD) in form of smart cards for example, the eIDAS-Regulation [EU14] introduced the promising option for Hardware Security Module (HSM) based QSCDs and remote signature protocols, which are especially suitable for mobile environments. As the technical interfaces of these two approaches are fundamentally different, one until today needs to choose a solution, which either supports local or remote signing but not both. In this paper we show how to harmonise the two seemingly distinct worlds in order to enable adaptive signing solutions which seamlessly allow to use both local and remote QSCDs and provide the best possible user experience for the generation of qualified electronic signatures.
- Text document: Evolving the DSS-X standard (Open Identity Summit 2019, 2019). Kühne, Andreas; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef. This document describes the adoption of an existing specification (for signature creation and validation) to new challenges both in signature-specific and general technical requirements. The major work item is the need to support multiple interface description syntaxes. This document also discusses an approach of automatic document generation to provide multiple artefacts in a consistent and timely manner. This contribution wants to outline a way to maintain specifications in a changing landscape of requirements.
- Text document: Open Identity Summit 2019 (Open Identity Summit 2019, 2019). Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef; Roßnagel, Heiko; Wagner, Sven; Hühnlein, Detlef