P264 - Open Identity Summit 2016

Recent publications

1 - 10 of 17
  • Conference paper
    Futuretrust - future trust services for trustworthy global transactions
    (2016) Hühnlein, Detlef; Frosch, Tilman; Schwenk, Joerg; Piswanger, Carl-Markus; Sel, Marc; Hühnlein, Tina; Wich, Tobias; Nemmert, Daniel; Lottes, René; Somorovsky, Juraj; Mladenov, Vladislav; Condovici, Cristina; Leitold, Herbert; Stalla-Bourdillon, Sophie; Tsakalakis, Niko; Eichholz, Jan; Kamm, Frank-Michael; Kühne, Andreas; Wabisch, Damian; Dean, Roger; Shamah, Jon; Kapanadze, Mikheil; Ponte, Nuno; Martins, Jose; Portela, Renato; Karabat, Çağatay; Stojičić, Snežana; Nedeljkovic, Slobodan; Bouckaert, Vincent; Defays, Alexandre; Anderson, Bruce; Jonas, Michael; Hermanns, Christina; Schubert, Thomas; Wegener, Dirk; Sazonov, Alexander
    Against the background of the regulation 2014/910/EU [EU1] on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project, which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aims at supporting the practical implementation of the regulation in Europe and beyond. For this purpose, the FutureTrust project will address the need for globally interoperable solutions through basic research with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project will extend the existing European Trust Service Status List (TSL) infrastructure towards a “Global Trust List”, develop a comprehensive Open Source Validation Service as well as a scalable Preservation Service for electronic signatures and seals. Furthermore it will provide components for the eID-based application for qualified certificates across borders, and for the trustworthy creation of remote signatures and seals in a mobile environment. The present contribution provides an overview of the FutureTrust project and invites further stakeholders to actively participate as associated partners and contribute to the development of future trust services for trustworthy global transactions.
  • Conference paper
    An eid mechanism built along privacy by design principles using secure elements, pseudonyms and attributes
    (2016) Pinkas, Denis
    This eID mechanism has been built taking into consideration Privacy by Design principles. It uses some of the basic principles of the FIDO model (Fast Identification On-line) adding certain constraints and extending the model to push user attributes. It allows a user to open an anonymous account on a server using a random pseudonym and then to push one or more attributes contained in an access token that has been obtained from an Attribute Issuer. In order to prevent the forwarding of an access token between collaborative users, a Secure Element must be used. That Secure Element shall conform to specific requirements, e.g. defined using a Protection Profile. This eID mechanism will be worldwide usable as soon as the providers of such Secure Elements publish information that can verify the genuineness of these secure elements.
  • Conference paper
    One mobile ID to secure physical and digital identity
    (2016) Terbu, Oliver; Vogl, Stefan; Zehetbauer, Sebastian
    In this paper a mobile ID solution called My Identity App (MIA) is shown that combines traditional printed ID documents and electronic identities (eID) into a platform independent smartphone app embedded in an ID ecosystem. MIA aims for transparent identification and authentication in the physical and digital world while security, privacy, data protection, usability and user trust are at equilibrium. Security is built upon secure processes rather than hardware like secure elements, thus providing the fundament for broad adoption including technically challenged people. Scalable architecture, standard future-proven technologies like OpenID Connect and FIDO authentication build the framework for secure, failsafe and large deployments.
  • Conference paper
    Architecture for controlled credential issuance enhanced with single sign-on (ACCESSO)
    (2016) Nemmert, Daniel; Hühnlein, Detlef; Wich, Tobias; Hühnlein, Tina
    As more than half of the EU Member States already have rolled out electronic identity cards (eIDs) [Le13], it seems to be a rewarding approach to investigate whether and how eIDs may be used for the purpose of controlling the log-on process for operating systems and similar local access control facilities. While this paper shows that all currently rolled out eIDs may be used for such access control purposes, our investigation also reveals that for some types of eIDs it is significantly harder to support this kind of use case.
  • Conference paper
    Risk-centred role engineering within identity data audits - continuous improvement of the rights structure and possible risk accumulations
    (2016) Kurowski, Sebastian
    Success and costs of audits in identity management largely depend on the structure of the underlying access control model. Auditing access rights includes the determination of actuality and adequacy of provided access rights. In order to ease audit and administration of access rights, role mining approaches have provided several solutions for identifying a minimal set of roles based upon either existing usage data, or business data. However, these approaches have focused on homogeneous, static environments. When facing dynamic, heterogeneous environments, such as infrastructure administration or smart systems, the accompanied noise of access rights provisioning hinders the determination of adequacy and actuality of access rights. With application of static approaches, accumulation of access risks at users may arise due to inadequate access rights, or aggregation of access roles. These issues are however mostly neglected by current approaches. Within this contribution we propose a method based upon the design structure matrix approach, which enables the identification of role aggregations, and examination of access risk accumulation within aggregated roles, and their assigned users throughout continuous audits of the access control model.
  • Conference paper
    Towards a decentralized identity management ecosystem for Europe and beyond
    (2016) Bruegger, Bud P.; Roßnagel, Heiko
    The objective of the FutureID project was to build an identity management infrastructure for Europe in support of a single market of online services. This requires the availability and large-scale use of trusted and secure identities that replace current password credentials. In the FutureID concept the number and topology of intermediary components is not fixed and static. FutureID rather adopts an ecosystem-approach by creating a free market for identity intermediation services. This provides for the flexibility to: scale according to need, adapt to market needs, support special needs of market sectors including niche markets, adapt to established contractual relationships, and easily adapt to various possible business models that render the infrastructure sustainable. This paper summarizes the results from the 3 year EU-funded project.
  • Conference paper
    Non-technical challenges of building ecosystems for trustable smart assistants in the Internet of things: A socioeconomic and legal perspective
    (2016) Kubach, Michael; Görwitz, Caterina; Hornung, Gerrit
    In this position paper, we present non-technical challenges that arise while building ecosystems for trustable smart assistants in the Internet of Things. Such non-technical challenges are often neglected in the development process of information systems, even though they are important elements for their success. Only if the assistants are technically effective and fit into the non-technical framework conditions of their application area (e.g. the market structure, stakeholder, liability, and data-protection requirements), they will be able to become successful innovations. We will support this argument in our position paper, focusing on the socioeconomic and legal perspective.
  • Conference paper
    Public online services at the age of mydata: a new approach to personal data management in Finland
    (2016) Rissanen, Teemu
    MyData is a framework and model for a human-centric approach for managing and processing personal information in the context of online services. The MyData approach is based on the right of individuals to access all data collected about them in public and commercial records. The core principle driving the MyData effort is that individuals should be in control of their own data. The MyData approach aims at strengthening digital human rights while opening new opportunities for businesses to develop innovative personal data based services built on mutual trust and respect of digital privacy rights in a positive way. The Finnish Trust Network (FTN) is a circle of trust composed of nationally notified Identity Providers (IDP) and notified identity service Brokers. It is a technical and legal framework under which different notified IDPs are mandated to provide strong authentication services for Finnish citizens and residents that can access public online services in Finland, in compliance with the provisions of the eIDAS regulation. As a whole, the FTN and MyData networks offer a new platform for reorganising public online services for the 21st century.
  • Conference paper
    What's in a name: the conflicting views of pseudonymisation under eidas and the general data protection regulation
    (2016) Tsakalakis, Niko; Stalla-Bourdillon, Sophie; O'hara, Kieron
    Pseudonymisation is gaining traction among modern electronic identification systems as a privacy enhancing technique that can significantly reduce risks of personal data misuse. The recently agreed General Data Protection Regulation (the GDPR) encourages the use of pseudonymisation to comply with its requirement of privacy-by-design. Art. 5 of the European Regulation on electronic identification and trust services (eIDAS) on data processing and protection simply allows the use of pseudonyms in electronic transactions although the facilitation of the implementation of the principle of privacy by design is clearly among the aims listed by Art. 12 of eIDAS. This paper examines the concept of pseudonymisation under eIDAS and the GDPR and suggests that the two Regulations employ two very different, if not incompatible, notions of pseudonymisation. It concludes that a common terminology and approach would be preferable in order to ensure consistency and legal certainty.
  • Conference paper
    An interdisciplinary approach to develop secure, usable and economically successful software
    (2016) Hofer, Janina; Sellung, Rachelle
    Some argue that software developers of security solutions often neglect the importance of incorporating usability and socio-economic aspects and focus more on security and privacy aspects. However, it can be observed that many solutions are not accepted by both the users and the market, even though they are technically sophisticated. This work-in-progress paper proposes an interdisciplinary approach and a prospective supportive tool that guides the developer through the process, which is referred to as the Wizard. It consists of selected, carefully analyzed and edited methods and standards from the fields of (a) Usability and User Experience, (b) Socioeconomics, and (c) IT-Security and other disciplines. The Wizard proactively recommends various methods according to the status of the development and assists in their selection and application.