Auflistung nach:
Auflistung P305 - Open Identity Summit 2020 nach Erscheinungsdatum
1 - 10 von 19
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragIoT Device Profiling: From MUD Files to S×C Contracts(Open Identity Summit 2020, 2020) Matthíasson, Guðni; Giaretta, Alberto; Dragoni, NicolaSecurity is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integrate legacy devices with S×C. In this paper, we explore a method to extract S×C contracts from legacy devices’ Manufacturer Usage Descriptions (MUDs). We tested our solution on 28 different MUD files, and we show that it is possible to create basic S×C contracts, paving the way to complete extraction tools.
- KonferenzbeitragIdToken: a new decentralized approach to digital identi-ty(Open Identity Summit 2020, 2020) Talamo, Edoardo; Pennacchi, AlmaThe ability to store and share digital data offers benefits that the digitization of information has become a growing trend but has raised questions about the security of personal data. There have been countless high-profile hacks and personal information leaks. Furthermore users don’t (and shouldn’t) always trust an external server of a third party to store their personal data. Blockchain tries to offer a compelling solution to the problem of combining accessibility with privacy and security. Records can be held securely, using end-to-end encryption, and yet openly authenticated so that data can still be trusted as reliable. This project goes deeper in this solution thanks to an innovative idea and development of a new kind of blockchain non fungible token specifically created to store and manage digital identities and sensible data. It has the potential to resolve issues blockchain alone was starting to approach and improves security, privacy and accessibility.
- KonferenzbeitragPrivacy and availability needs regarding user preferences for Smart Availability Assistant – towards a digitally enabled work life balance(Open Identity Summit 2020, 2020) Saternus, ZofiaThe use of communication technologies (CTs) enables blurring the traditional boundaries between work and private life. Many employers are worried about this situation and addressed those issues with different technological and organizational approaches. The goal of our research is to introduce improved enterprise availability management by developing an employee-friendly technological solution that actually reflects the variety of employees’ availability needs. Due to the overall aim of broadening and bridging research on an availability management, results of a quantitative study (N=821) insights into the management of individuals’ availability and key requirements regarding the development of a Smart Availability Assistant. In general, it became apparent that to appropriately design this kind of smart assistant we must not only recognize the heterogeneity of peoples’ availability preferences but also identify and meet employees’ privacy expectations by use of a Smart Availability Assistant.
- KonferenzbeitragIdentity Management as a target in cyberwar(Open Identity Summit 2020, 2020) Fritsch, LotharThis article will discuss Identity Management (IdM) and digital identities in the context of cyberwar. Cyberattacks that target or exploit digital identities in this context gain leverage through the central position of IdM digital infrastructures. Such attacks will compromize service operations, reduce the security of citizens and will expose personal data - those of military personell included. The article defines the issue, summarizes its background and then discusses the implications of cyberwar for vendors and applicants digital identity management infrastructures where IdM is positioned as a critical infrastructure in society.
- KonferenzbeitragCriteria for trustworthy digital transactions - Blockchain/DLT between eI-DAS, GDPR, Data and Evidence Preservation(Open Identity Summit 2020, 2020) Kusber, Tomasz; Schwalm, Steffe; Shamburger, Kalinda; Korte, UlrikeWith the help of eIDAS [Re14], legislators have created a resilient framework in EU and EFTA to place trustworthy digital transactions more and more in the centre of business relationships. The regulated use of the trust services (e.g. qualified electronic signature or seal etc.) as well as that of the secure electronic identities provides a solid foundation for the advancement of digitization. The adequate evidence of electronic records as long as they are needed is a critical success-factor for trustworthy digital transactions. The trustworthiness of the transactions must be based on compliance with the basic values of authenticity, integrity, reliability, availability, confidentiality and transferability. After a first hype there are increasingly more considerations also in regulated industries to use DLT for digital processes which have to be accountable. In order to make them evident and to fulfil documentation requirements it is necessary that DLT fulfils the legal framework and prior art based on defined criteria for trustworthy digital transactions. This paper focuses on the challenges and requirements for utilisation of DLT for trustworthy digital processes including long-term preservation.
- KonferenzbeitragConsumer Privacy Concerns and Preferences for Certification and Accreditation of Intelligent Assistants in the Internet of Things(Open Identity Summit 2020, 2020) Carl, Valerie; Mihale-Wilson, CristinaInteroperable Intelligent Assistant Systems (IAS) could help realize the advantages of the Internet of Things (IoT). Yet, due to their insufficient skill set and persistent privacy concerns on the consumers' side, such IAS experience only limited popularity. While enabling IAS to communicate and exchange data with each other could help such systems improve performance, certifications and accreditations can help build user's trust by addressing some of the consumers' privacy concerns. To better understand the incentives necessary to instigate the mass adoption of interoperable IAS, this paper presents a study exploring consumer privacy concerns and preferences for privacy certifications. The ultimate purpose of this paper is to provide certification recommendations for intelligent IoT networks in general and IAS in particular.
- KonferenzbeitragPrivacy by Design Architecture Composed of Identity Agents Decentralizing Control over Digital Identity(Open Identity Summit 2020, 2020) Toth, Kalman C.; Cavoukian, Ann; Anderson-Priddy, AlanProposed is an identity architecture that satisfies the principles of privacy by design, decentralizes control over digital identity from providers to users, mitigates breach and impersonation risks, and reduces dependency on remote access passwords. The architecture is composed of interoperating identity agents that work on behalf of their owners and deploy digital identities that are virtualized to look and behave like identities found in one’s wallet and contacts list. Encapsulating authentication data, identity agents strongly bind owners to their digital identities and private keys enabling them to prove who they are, protect their private data, secure transactions, conduct identity proofing, and reliably delegate consent. Identity agents also off-load application services from identity-related and privacy-related tasks. A gestalt privacy by design process has been used to discover the architecture’s privacy requirements and design elements and systematically reason about how the design elements satisfy the privacy requirements. Identity-related functionality has been intentionally compartmentalized within identity agents to focus development on creating trustworthy software. A reference model for development derived from the described identity architecture is proposed.
- KonferenzbeitragA Human Digital Twin as Building Block of Open Identity Management for the Internet of Things(Open Identity Summit 2020, 2020) Zibuschka, Jan; Ruff, Christopher; Horch, Andrea; Roßnagel, HeikoIn networked industry, digital twins aggregate product data along the entire life cycle, from design and production to deployment. This enables interoperability between different data sources and analysis functions and creates an integrated data environment. Human digital twins have the potential to create a similarly interoperable and integrated data environment for more user-centric use cases in the field of the Internet of Things. In this case, personal data is processed and transmitted; therefore, the underlying infrastructure is then not product data management but identity management. In this paper, we discuss general aspects of the human digital twin, its role in open identity management systems, and illustrate its application in the field of home, building and office automation. We identify advantages and limitations and suggest future research opportunities.
- KonferenzbeitragDigital and mobile identities(Open Identity Summit 2020, 2020) Funke, HolgerIn this paper current developments in mobile identities are described. A scalable architecture, standard future-proven technologies such as ISO/IEC 23220 and a Cryptographic Service Provider build the framework for secure, failsafe and large deployments. The building blocks specified in ISO/IEC 23220 deliver a framework that can be easily used for identities stored on secure devices such as smartphones. This paper lists a selection of outstanding projects using mobile and digital identities in the field of mobile ID. The focus is on Digital Travel Credentials (DTC) which are currently specified by the International Civil Aviation Organization (ICAO).
- KonferenzbeitragTowards Universal Login(Open Identity Summit 2020, 2020) Hühnlein, Detlef; Hühnlein, Tina; Hornung, Gerrit; Strack, HermannThe present paper provides an overview of existing protocols and infrastructures for Identity Management on the Internet and discusses potential paths towards integrating the different approaches in a user centric manner into a “Universal Login” infrastructure, which allows Users to manage their authentication preferences and Service Providers to integrate with Identity Providers in an easy manner.