News

This section contains general news about the ABC4Trust project.

To keep you updated, we have an RSS Feed containing ABC4Trust News.

ABC4Trust has been listed by the European Commission as an example of successful EU-funded research and innovation in the Societal Challenges areas that is already integrated into commercially viable products, start-ups and services. Read more in the brochure: https://ec.europa.eu/digital-agenda/en/eu-funded-societal-challenges-projects-lab-market

 

ABC4Trust Clip on Privacy-ABCs

A main part of ABC4Trust's efforts is to explain the problem of linkage and creation of usage patterns when using online services, the functionality and advantages of Privacy-ABCs and how they help the user to protect his or her privacy. Raising the awareness for this issue is not easy as the threat is not obvious.

This basic information is addressed in the video clip ABC4Trust has produced. Furthermore, it explains how Privacy-ABCs come into play. The clip had its premiere at the Summit Event  on January 20, 2015.

The idea behind the clip is to explain Privacy-ABCs and the achievements of ABC4Trust in an entertaining but still informative way. The language used is simple and the duration of the clip does not exceed five minutes.

Download (68 MB)

Download (7 MB)

On youtube: https://www.youtube.com/watch?v=utk4EyoaxAk

All rights reserved.

In its latest Deliverable 4.2 – Final Reference Implementation, ABC4Trust describes how to use a demonstration the project developed to allow interested parties to try out Privacy-ABCs in practice. Embedded in a hotel room booking scenario, you can follow all steps from obtaining a credential to making use of it and revoking it at the end.

The demonstration is deployed as a virtual machine in iso format. (Download Virtual Machine)

The scenario showcases most of the features provided by the reference implementation, namely issuance with key carry-over, verification and revocation of credentials. Inspection and issuance with carry-over attributes are not included in the demonstration, but could be included in a future version. The scenario is based around the case of booking a hotel room. In order to book a room, a user must possess valid passport and credit card credentials; however, the user will be forced to reveal neither her identity nor her credit card number. A potential feature to add in a future version of the demonstration would be to make the credit card number in the presentation token inspectable in case of a (late) cancellation. This would allow the hotel to withdraw a fee from the customer if certain criteria are met. Similarly, an additional issuer of student card credentials could be implemented. This could be used to showcase advanced issuance (where the student’s attributes are carried over from his student card to the credit card credential) as well as the verifier having different presentation policies, offering students a discount.

The demonstration consists of the following services:

  • A Grails application running the webpage for a hotel, acting as the verifier.
  • A Grails application running the webpage for a bank, acting as the issuer of credit card credentials.
  • A Grails application running the webpage of a governmental agency, acting as the issuer of passport credentials.
  • A revocation service, able to revoke credit card credentials.
  • A user service, able to manage credentials, communicate with smartcards and perform presentations of credentials.
  • A user UI service, providing a GUI for the user service.

 

For further details please read D4.2 - Final Reference Implementation. (Download: PDF)

 

The official project flyer is available as download now.

Download PDF

On 26th May 2014, the ABC4Trust project published a new press release on the result of its pilots. The press release can be viewed here.

A report on ABC4Trust's workshop "Putting Privacy-ABCs into Practice" can be found here.

 

 

Microsoft released updated U-Prove cryptoarchitecture

Already fully compatible with ABC4Trust engine

On December 19, 2013 Microsoft released a public update to its U-Prove Cryptographic Specification V1.1 and open-source C# SDK. This Revision 3 is now interoperable with the ABC4Trust architecture as recently described in "H2.2. ABC4Trust Architecture for Developers".

This smooth integration was also enabled by the fact that ABC4Trust had already used a previously unreleased iteration of this release, which is now publicly available.

The updated version can be found on the official U-Prove website.

Online services can use the code to protect customer’s data and reduce exposure to liabilities in case of personal data breaches

“Privacy is an integral part of human dignity and personal freedom”, as Vice-President of the European Commission Viviane Reding stressed at a speech regarding the proposal for a Data Protection Regulation. Personal data breaches cause major liability risks and loss of reputation for businesses and may impact the life of the compromised person in a long term. Protection of personal data is served best by taking data protection aspects into account right from the planning phase. The draft for a General Data Protection Regulation demands privacy by design and privacy by default when developing new processes. This is taken into account by the EU-funded project “Attribute-based Credentials for Trust” (ABC4Trust) that is piloting cryptographic solutions to authenticate persons in a privacy-preserving way with selective disclosure of attributes in authentication processes.

Appropriate privacy-enhancing technologies (PET) as developed in the ABC4Trust project allow secure authentication while only revealing the data essential for the requested service and no longer require verifying every detail of a user’s identity. Reducing data in this early state may aid businesses to comply with these principles by avoiding unnecessary data processing, and citizens gain more privacy. To assist online services in implementing such technologies, the ABC4Trust project has published the source code of the first version of its solution.

Electronic identity solutions are based on attributes about a person with the respective attribute value like the person’s name or date of birth. Classic electronic identification does not allow presentation of selected attributes without invalidating the issuer’s signature and thus risking a rejection. Advanced and privacy-preserving solutions support selective disclosure of attributes: the service provider can only learn those pieces of information that are necessary for the given purpose while the signature verifying the correctness of the information remains intact. The privacy-enhancing attribute-based credentials (Privacy-ABCs) deployed in the ABC4Trust project’s pilots support the above-mentioned attribute selection.

The use of Privacy-ABCs has now become accessible for a broader audience, as the ABC4Trust project has released the first iteration of the Attribute-based Credential Engine (ABCE) implementation. The ABCE allows owners and implementers of online services to leverage the potential of Privacy-ABCs to protect customer’s data and reduce exposure to liabilities in case of personal data breaches.

The first iteration of the ABCE consists of a number of core components and a user interface needed to implement a Privacy-ABC system. The release includes source code and documentation on how to set up and integrate the ABCE and can be found on the ABC4Trust. The components deal with issuing, verifying, inspecting, and revoking privacy-preserving attribute-based credentials, as well as handling the required user interaction. ABC4Trust has developed two applications that are currently deployed and being used by users in two pilot trials: one in Söderhamn, Sweden and the other in Patras, Greece.

Building on the basic components, fully functioning support for Privacy-ABCs can be implemented in a given system. The ABCE is provided with adapters for storing keys on smart cards and a very generic user interface. Additional customization will be required regarding the storage of keys and credentials along with the user interaction.

All parts of the ABCE are released under the Apache License 2.0. However, the cryptographic engines underlying the ABCE are not currently a part of the ABCE, and must be downloaded separately. The cryptographic engines are IBM Identity Mixer (Version 2.4 or later) and Microsoft U-Prove. The U-Prove binary can be downloaded from https://microsoft.com/u-prove. The IBM Identity Mixer can be downloaded from idemix.


The Annual Privacy Forum 2014 will take place in Athens on 20th and 21st of May 2014 in the course of the Greek Presidency of the Council of the EU. The conference is jointly organized by the European Commission's Directorate General for Communications Networks, Content & Technology (DG CONNECT) and the European Union Agency for Network and Information Security (ENISA).

Local host for the event is the Systems Security Laboratory (SSL) of the University of Piraeus.  The Call for Papers is open.

[Update:] The deadline for proposals has been extended until December 23rd, 2013. Proposed papers should focus on these topics. 

  • Building privacy by design and by default
  • Cryptography for privacy
  • Data protection technologies
  • Economics of privacy and PETs
  • Enhancing privacy in existing systems
  • Identity management and privacy
  • Location and mobility privacy
  • Privacy awareness raising and education
  • Privacy and inference control in databases
  • Privacy and privacy technologies attacks
  • Privacy by policy
  • Privacy models
  • Privacy-enhanced access control or authentication/certification
  • Privacy Friendly Biometrics
  • Privacy-friendly payment mechanisms for PETs and other services
  • Privacy in Online Social Networks
  • Privacy policy languages and tools
  • Pseudonyms, anonymization, identity management, linkability, and reputation
  • Reliability, robustness and abuse prevention in privacy systems
  • Traffic analysis
  • Transparency enhancing tools
  • Usability issues and user interfaces for PETs

 

The second round of the Patras pilot started on the 4th of November 2013 and will last until mid-February 2014. The participants are 59 volunteers who attend the course “Distributed Systems I” of the Department of Computer Engineering and Informatics at the University of Patras. They have already obtained their Smart Cards and, according to the pilot scenarios, received their first attendance unit in the lecture room on the 4th of November. Their entry to the pilot system is the portal residing at https://ces.cti.gr/Portal/Portal.html. From there the students can also download a students' manual that describes all the details relevant to their participation in the pilot.

Before the start of the pilot, the students were shown brief introductory slides on the concepts of Privacy-ABCs, the goals of the pilot as well as the use cases.  After the end of the slide presentation, the lecturer and CTI members initiated an open discussion related to the concepts of Privacy-ABCs, the objectives of the project and the scenarios of the pilot. Their interest in the pilot as well as the Privacy-ABCs was high and we expect them to give, in the end, a very helpful evaluation of the technology they used.

The proposal for a Regulation on electronic identification and trust services for electronic transactions in the internal market (eIDAS) is currently under evaluation by the European Parliament. The research project ABC4Trust (Attribute-based Credentials for Trust) is providing its position as input to the legislative process. ABC4Trust considers electronic identification means (eIDs) as an optimal use case for the broad deployment of privacy-enhancing attribute-based credentials (Privacy-ABCs).

The privacy concept of data minimisation is a principle already fixed in law in the Member States and is also central to the current draft for a General Data Protection Regulation. A way to enable and enforce data minimisation with technical means is the concept of selective disclosure of attributes. Electronic identity solutions are based on attributes about a person with the respective attribute value, e.g. name: Johannson, first name: Sven, place of residence: Stockholm, profession: advocate, date of birth: 1975-02-07, etc. Classic identification tokens or certificates do not allow presenting only a selected attribute without invalidating the issuer’s signature. Advanced and privacy-preserving solutions supporting selective disclosure of attributes let a service provider learn only those pieces of information that are necessary for the given purpose, while the signature verifying the correctness of the information remains intact. Besides the Privacy-ABCs deployed in the ABC4Trust project, the German eID solution also supports attribute selection.
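The contrast drawn above, and in the earlier press release, between a classic signed token and selective disclosure can be made concrete with the following added example, which is not ABC4Trust code. It uses salted hash digests, a much simpler technique than the cryptography of Identity Mixer or U-Prove, and every presentation repeats the same digests and signature; the issuer key, the function names and the HMAC standing in for the issuer's public-key signature are assumptions made so that the example runs with the standard library only.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample data: the attribute set used as the example in the text.
ATTRIBUTES = {
    "name": "Johannson",
    "first name": "Sven",
    "place of residence": "Stockholm",
    "profession": "advocate",
    "date of birth": "1975-02-07",
}

ISSUER_KEY = secrets.token_bytes(32)  # hypothetical issuer key


def canonical(obj) -> bytes:
    """Deterministic serialisation, so signer and verifier hash the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(data: bytes) -> bytes:
    """Stand-in for the issuer's public-key signature (assumption: HMAC)."""
    return hmac.new(ISSUER_KEY, data, hashlib.sha256).digest()


def verify(data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(data), signature)


# Classic token: one signature over the complete attribute set.
def issue_classic(attrs: dict) -> dict:
    return {"attributes": dict(attrs), "signature": sign(canonical(attrs))}


def verify_classic(token: dict) -> bool:
    return verify(canonical(token["attributes"]), token["signature"])


# Selective disclosure: the issuer signs salted digests, not the values.
def digest(name: str, value: str, salt: str) -> str:
    return hashlib.sha256(canonical([salt, name, value])).hexdigest()


def issue_selective(attrs: dict) -> dict:
    # A fresh random salt per attribute stops a verifier from guessing
    # undisclosed values by hashing candidates.
    salts = {name: secrets.token_hex(16) for name in attrs}
    digests = sorted(digest(n, v, salts[n]) for n, v in attrs.items())
    return {
        "attributes": dict(attrs),
        "salts": salts,
        "digests": digests,
        "signature": sign(canonical(digests)),
    }


def present(credential: dict, reveal: list) -> dict:
    """User side: disclose only the chosen attributes with their salts."""
    return {
        "disclosed": {
            n: [credential["salts"][n], credential["attributes"][n]]
            for n in reveal
        },
        "digests": credential["digests"],
        "signature": credential["signature"],
    }


def verify_presentation(token: dict):
    """Verifier side: return the accepted attributes, or None on failure."""
    if not verify(canonical(token["digests"]), token["signature"]):
        return None
    accepted = {}
    for name, (salt, value) in token["disclosed"].items():
        if digest(name, value, salt) not in token["digests"]:
            return None  # value or salt does not match what the issuer signed
        accepted[name] = value
    return accepted


if __name__ == "__main__":
    classic = issue_classic(ATTRIBUTES)
    trimmed = {
        "attributes": {"place of residence": "Stockholm"},
        "signature": classic["signature"],
    }
    print("classic, full token:    ", verify_classic(classic))
    print("classic, one attribute: ", verify_classic(trimmed))

    credential = issue_selective(ATTRIBUTES)
    token = present(credential, ["place of residence"])
    print("selective, one attribute:", verify_presentation(token))
```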

ABC4Trust currently evaluates the interoperability and functionality of Privacy-ABCs in two deployment pilots: a school network in Söderhamn, Sweden, and the evaluation of Lectures at the University of Patras, Greece. The first experiences from the pilots show that Privacy-ABCs work with secure smart cards – fulfilling a necessary prerequisite for many Member States to incorporate a technology into their national eID solution.

Consequently, the ABC4Trust project considers it necessary that the concept of data minimisation is pointed out more prominently in the eIDAS regulation and welcomes existing proposals from other parties supporting this view. As a minimum, Member States must be allowed to notify eID solutions permitting selective disclosure of attributes, and other Member States should be prevented from rejecting a privacy-enhancing solution solely due to the fact that not a full set of identifying data is provided but only the necessary information. Member States should be further encouraged to deploy the feature of selective disclosure of attributes in the future.

Finally, ABC4Trust suggests making the privacy of users and citizens a central aspect of the regulation. It should be clarified that the national issuers of eIDs, and any services and third parties that may become necessary to make eIDs interoperable across borders, are also bound to the European data protection legislation: they must adhere to the principle of data minimisation and must not, whatsoever, use the data of the citizens or relying parties for tracking or profiling purposes.

Summarizing the above considerations amendments to the eIDAS are necessary in three major aspects:

I. Emphasize the concept of authentication instead of identification

II. Remove barriers for privacy-preserving eID solutions

III. Clarify applicability of data protection requirements also for eID services

More information on this topic from researchers of the ABC4Trust project promoting the deployment of Privacy-ABCs for eID solutions is provided here:

 

For further questions please do not hesitate and contact the ABC4Trust project team at ULD.

The ABC4Trust project will be present at the 8th International Conference on Risks and Security of Internet and Systems, CRiSIS 2013, from October 23rd-25th, 2013 in La Rochelle, France. The conference is concerned with challenges to the security of Internet applications, networks and systems. It promotes exchange between industry, academia and government to combat increasing security and privacy risks.

 

Hamza Ghani will be presenting two papers of the DEEDS research group at the Technische Universität Darmstadt. The papers “Predictive Vulnerability Scoring in the Context of Insufficient Information Availability” (authors' version) and “Quantitative Assessment of Software Vulnerabilities Based on Economic-Driven Security Metrics” (authors' version) focus on the assessment of vulnerabilities, e.g. in terms of prioritizing countermeasures.

 

On 22nd of January 2013, just a day before the Conference on Privacy and Data Protection (CPDP) ABC4Trust will hold a workshop on privacy and identity management standards, jointly organised with ISO/IEC JTC 1/SC 27 - Security techniques. The workshop will look into relevant standards in ISO and elsewhere, and contextualize this within the policy space, as well as exploring further potential for ABC4Trust technology.

 

It follows a workshop previously held in Berlin, Germany, this summer, gathering first feedback on the issues involved and is geared to a more international community. Participants from various different stakeholders, including the French DPA (CNIL), Japanese researcher Kazue Sako from NEC and Thomas Roessler from W3C have accepted an invitation to this event, which will be held at the Hanse-Office, the representation of the German federal states of Schleswig-Holstein and Hamburg in Brussels.

 

Participation is open to all interested parties; for more details see the invitation letter, agenda and registration form.

ABC4Trust released today a new heartbeat document H2.1 (download PDF, XML schema) on the architecture that focuses on application developers. In particular, compared to D2.1, this heartbeat removes the details of how the ABCE layer looks internally and gives a simpler and more modular explanation of its functionality. Correspondingly, it presents an updated "external" API that the ABCE layer offers to the application layer, as well as an updated version of the data formats. It also presents some updates in the definition of concepts and features of ABCs. This document takes into account early feedback from the implementation and pilot work packages, and describes the functionality realized by the first reference implementation. 

The important differences with deliverable D2.1 are listed below.

  • Key binding now replaces and unifies the previous concepts of user binding and device binding. A credential can optionally be bound to at most one secret key. Knowledge of the secret key is required to create a valid presentation token from a key-bound credential and to derive pseudonyms. The secret key could be stored on a trusted device like a smart card, which effectively realizes the previous concept of device binding.
  • A list of supported attribute encodings is now included in the document, together with the implications for which predicates can be used in combination with these encodings, and whether the encoded attribute values will be inspectable. 
  • New issuance data formats and interfaces are introduced to let the user-side ABCE return a description of the newly issued credential, and to let the issuer-side ABCE store the issuance token for future reference, together with all issuer-chosen attribute values of the new credential. In particular, the stored issuance token contains the revocation handle of the issued credential, by means of which the credential can later be revoked if so required.
  • Human-friendly names for credentials and attributes as well as graphical representations (icons) for credentials have been added to the credential specification. This enables the issuer to pass additional information to the identity selection user interface, so that the user can better understand the different options and so that the issuer can brand its issued credentials with custom images. See Section 4.2.1 for more details.
  • Minor XML schema changes to simplify XML parsing in the ABCE.

The next update on the architecture will be in D2.2, which will release the final version. D2.2 will be released at the beginning of 2014.

 

 


On the 23rd of November 2012, 32 students of the course “Distributed Systems I” of the Department of Computer Engineering & Informatics at the University of Patras, Greece, started their participation in one of the two pilots that were developed within the context of the ABC4Trust project. This pilot is about remote evaluation of courses that students have attended throughout the semester, using “minimal disclosure” technologies that the ABC4Trust project developed in a reference implementation. Students are allowed to evaluate the course in the end of the semester after proving, anonymously, that they have attended the course sufficiently many times (i.e. over a preset attendance threshold), that they are students of the University, and that they have registered for the course under evaluation. The students have smart cards which they use in order to collect attendance units in class by passing the cards near a contactless reader of a class attendance application. After the semester has ended, they will use their smart cards in order to prove to the course evaluation system their eligibility to participate in the evaluation of the course.

This group of students will use the Idemix technology developed by IBM. Another group of 32 students will soon start their participation too, using the U-Prove technology introduced by Microsoft. We expect that after the pilot has ended (beginning of fall 2013) the students will be able to give accurate opinions from the users’ perspective. These opinions will enable the ABC4Trust consortium to proceed to enhancements of the reference implementation that take into account the students’ opinions, towards increased usability, user friendliness, and ease of use.

After the success of the last IFIP Summer School “Privacy and Identity Management for emerging Internet Applications throughout a Person’s Lifetime” in September 2011, ABC4Trust is again collaborating with other projects and several IFIP (International Federation for Information Processing) working groups to arrange a Summer School in 2013. This 8th International Summer School, organised jointly by the IFIP Working Groups 9.2, 9.5, 9.6/11.7, 11.4, 11.6 and projects such as ABC4Trust, A4Cloud, PRISMS, DigiDeas and FutureID, will focus on “Privacy and Identity Management for Emerging Services and Technologies”. It will be held in Nijmegen, the Netherlands, from June 17 to 21, 2013. The local organisers are PI.lab and Radboud University Nijmegen.

The aim of the Summer School is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas, build up a collegial relationship with others, gain experience in making presentations, and potentially publish a paper through the resulting book proceedings. It takes a holistic approach to society and technology and supports interdisciplinary exchange in the keynote lectures, tutorials and workshops. In particular, participants' contributions that combine technical, legal, regulatory, socio-economic, social or societal, ethical, anthropological, philosophical, or psychological perspectives are welcome. The school is interactive in character, and is composed of a combination of keynote lectures and workshops with PhD student presentations. Contributions are selected based on an extended abstract review by a Summer School Programme Committee.

 

Website of the IFIP Summer School 2013

Call for Papers

The ABC4Trust web-team congratulates our colleague Jan Camenisch from IBM Research - Zurich as well as the co-authors Stephan Krenn and Victor Shoup on being awarded the Best Paper Award at the 17th annual AsiaCrypt Conference held in Seoul, Korea, on December 4th - 8th, 2011.

The paper provides a method to design efficient cryptographic proof protocols that can be proven secure in a very strong security model. This assures that a protocol's security is retained no matter in what environment the protocol is used. Examples of such protocols are the privacy-enhancing technologies designed and applied in the ABC4Trust project.

The contribution with the title "A Framework for Practical Universally Composable Zero-Knowledge Protocols" has been published in the Springer LNCS series.
 

Abstract

Zero-knowledge proofs of knowledge (ZK-PoK) for discrete logarithms and related problems are indispensable for practical cryptographic protocols. Recently, Camenisch, Kiayias, and Yung provided a specification language (the CKY-language) for such protocols which allows for a modular design and protocol analysis: for every zero-knowledge proof specified in this language, protocol designers are ensured that there exists an efficient protocol which indeed proves the specified statement.

However, the protocols resulting from their compilation techniques only satisfy the classical notion of ZK-PoK, which is not retained when they are used as building blocks for higher-level applications or composed with other protocols. This problem can be tackled by moving to the Universal Composability (UC) framework, which guarantees retention of security when composing protocols in arbitrary ways. While there exist generic transformations from Σ-protocols to UC-secure protocols, these transformations are often too inefficient for practice.

In this paper we introduce a specification language akin to the CKY-language and a compiler such that the resulting protocols are UC-secure and efficient. To this end, we propose an extension of the UC-framework addressing the issue that UC-secure zero-knowledge proofs are by definition proofs of knowledge, and state a special composition theorem which allows one to use the weaker – but more efficient and often sufficient – notion of proofs of membership in the UC-framework. We believe that our contributions enable the design of practically efficient protocols that are UC-secure and thus themselves can be used as building blocks.

To download the full paper see Springerlink

With the report "Architecture for Attribute-based Credential Technologies" (Privacy-ABCs), the ABC4Trust consortium published the first version of the architecture design for the deployment of attribute-based credentials. The ABC4Trust project will bring this privacy-preserving technology to life in two pilots. The first pilot provides a social network for pupils in a secondary school in Söderhamn, Sweden. The second pilot will allow anonymous yet securely authenticated evaluation of classes at the University of Patras, Greece.

The architecture report provides the basis for the pilots and describes central aspects of the technology as it will be deployed in ABC4Trust. The architecture report has been designed to decompose future (reference) implementations of Privacy-ABC technologies into sets of modules and specify the abstract functionality of these components in such a way that they are independent from algorithms or cryptographic components used underneath.

The report also provides an analysis regarding the applicability of the ABC4Trust architecture to the popular existing identity protocols and frameworks such as WS-*, SAML, OpenID, OAuth and X.509.

 

Abstract

The goal of ABC4Trust is to address the federation and interchangeability of technologies that support trustworthy yet privacy-preserving Attribute-based Credentials (Privacy-ABC).

Towards this goal, one of the main objectives of the project is to define a common, unified architecture for Privacy-ABC systems to allow comparing their respective features and combining them on common platforms. The first version of this architecture is described in the deliverable at hand. Its main contribution is the specification of the data artifacts exchanged between the implicated entities (i.e. issuer, user, verifier, revocation authority, etc.), in such a way that the underlying differences of concrete Privacy-ABC implementations are abstracted away through the definition of formats that can convey information independently from the mechanism-specific cryptographic data. It also defines all technology-agnostic components and corresponding APIs a system needs to implement in order to perform the corresponding operations, i.e. to process an obtained issuance/presentation policy, perform the selection of applicable credentials for a given policy or to trigger the mechanism-specific generation of the cryptographic evidence.

How Privacy-ABCs can be applied in existing identity protocols and frameworks such as WS-*, SAML, OpenID, OAuth and X.509 and how Privacy-ABCs can help to alleviate some of the security, privacy and scalability issues of these protocols is also discussed.

 

Visit the download page or directly download the report as PDF-file.

 

Attribute Based Credentials for privacy preserving identity management:
Legal and technical issues, implementation initiatives, and future trends

September 20th 2011, TITANIA HOTEL, Panepisthmiou 52 , Athens, Greece, "OURANOS" Conference  Center, on the 10th floor.

For more information click here

Date: September 5-9, 2011 Location: University of Trento/Italy

ABC4Trust jointly supports the IFIP Summer School together with PrimeLife and other European and national projects related to privacy and IT security. Please consider your participation. The preliminary agenda as of today can be found below. For details, updates and registration please visit the website of the IFIP Summer School 2011.

Call for Participation IFIP Summer School 2011


Seventh International Summer School organised jointly by the IFIP Working Group 9.2, 9.6/11.7, 11.4, 11.6

IFIP Summer School 2011

to be held at the University of Trento, Italy,
on 5-9 September 2011 in cooperation with the EU funded projects:
PrimeLife, ABC4Trust, Endorse, NESSOS, TAS3,  the Norwegian e-Me, PETweb II
and Swedish U-PrIM (in cooperation with HumanIT) projects

Summer School Website: http://disi.unitn.it/security/ifip-summerschool2011/index.html

Early Bird registration until 20th August 2011
 

 
Invited keynotes include:

Di Nicola Andrea, University of Trento, Italy
Alessandro Armando, FBK, Italy
David Chadwick, University of Kent, UK
Jean-Pierre Seifert, TU Berlin, Germany
Peter Gullberg, Gemalto, Sweden
Marit Hansen, ULD / Vice Data Protection Commissioner, Germany
Riitta Hellman, Karde AS / Norwegian Computing Center, Norway
Eleni Kosta, KU Leuven, Belgium
Gregory Neven, IBM Research Zurich, Switzerland
Charles Raab, Edinburgh University, UK
Sarah Spiekermann, University of Vienna, Austria
 

[Edit: Due to recent changes in the agenda and possible further changes please view the latest version of the agenda directly at the Summer School's website. Thank you.]


Excerpt from the Call for Papers:
Internet applications, such as Web 2.0 applications and cloud computing, increasingly pose privacy dilemmas. When they communicate over the Internet, individuals leave trails of personal data which may be stored for many years to come. These developments raise substantial new challenges for personal privacy at the technical, social, ethical, regulatory, and legal levels: How can privacy be protected in emerging Internet applications such as collaborative scenarios and virtual communities? What frameworks and tools could be used to gain, regain and maintain informational self-determination and lifelong privacy?

These questions will be addressed by this year's IFIP Summer School on Privacy and Identity Management for Emerging Internet Applications throughout a person's lifetime. After the success of the 2009 and 2010 PrimeLife/IFIP Summer Schools, IFIP (International Federation for Information Processing) Working Groups 9.2, 9.6/11.7, 11.4, 11.6 will, in cooperation with the PrimeLife project consortium and the projects ABC4Trust, Endorse, NESSOS, PETweb II and U-PrIM, jointly hold a multidisciplinary summer school. A special focus of the 2011 IFIP Summer School will be on application scenarios and use cases to assess the extent to which the PrimeLife project outcomes and other research results can be practically applied.

For previous Summer Schools see: http://www.cs.kau.se/IFIP-summerschool

Date: June 10th, 2011, from 10:00 to 16:30

Location: IBM Research Zurich, Säumerstrasse 4, 8803 Rüschlikon, Switzerland

Cost: no registration fee

Joint dinner: June 9th, 2011, 19:00 Restaurant Moosegg, Säumerstrasse 31, 8803 Rüschlikon

Trustworthy, yet privacy-preserving authentication is necessary to enable long-term and lifelong privacy for users. Attribute-based credentials offer a solution allowing strong authentication while the user may remain anonymous towards the relying party and without the identity provider learning to know about the websites visited or services deployed by a user. The technology to deploy attribute-based credentials is available with IBM’s Identity Mixer and Microsoft’s U-Prove. The EC-funded project ABC4Trust now takes up the heritage of the PRIME and PrimeLife projects and will deploy systems using attribute-based credentials in actual production pilots and deliver open reference implementations.

PrimeLife and ABC4Trust organize a joint tutorial explaining the basics of the technology, its potential spheres of application for privacy-enhancing technologies and some building blocks of the underlying cryptography. The tutorial will be held in Rüschlikon (near Zurich) on Friday June 10, 2011 and hosted by IBM Research Zurich.

Tutorials will be given by expert researchers from Microsoft and IBM, presenting a common view on Privacy-ABC technologies that encompasses both the U-Prove and Identity Mixer technologies.

09:30 Welcome coffee in the IBM Cafeteria

10:00 start of Session 1

General introduction to privacy-enhanced attribute-based credentials (Privacy-ABCs)

  • Comparison to traditional public-key credentials
  • High-level concepts and features
  • Cryptographic building blocks (high-level overview)

Download Slides

Session 2

Integrating Privacy-ABCs in identity management architectures and policy languages

Download Slides

13:00 Lunch in the IBM Cafeteria

14:00 Session 3

Real-life application scenarios & demos

Download Slides

Download Slides

Session 4

Questions and discussions

16:30 End of the tutorial


PrimeLife is pleased to invite participants arriving on Thursday evening for a dinner. Attendees of the PrimeLife Summit Event and the SEC2011 may conveniently join the meeting by extending their stay in Switzerland and commute via train from Lucerne to Zurich.
Hotel rooms have been reserved in Rüschlikon for booking until May 20th.

For questions, registration and accommodation information please contact:

Updates and further information: http://www.primelife.eu/events/workshops

Update: Agenda as PDF