September 29, 2014 - ABC4Trust Information Event in Athens
ABC4Trust Information Event in Athens
The ABC4Trust project invited interested people from industry, politics and science to join its information event held in Athens. The project's partners introduced the audience to Privacy-ABCs technologies in general, the architecture and the project's pilots. The presentation slides are available as PDF download (see below).
Date:
September 29, 2014, starting at 10:00h
Venue:
CTI building
Mitropoleos 26-28,
105 63 Athens
Programme
Time |
Speaker |
Subject |
10:00-10:30 h |
|
Registration and Welcome Coffee |
10:30-11:00 h |
Tasos Economou (Kathimerini) |
Keynote: "Digital privacy: A journalistic perspective" |
11:00-11:30 h |
Prof. Kai Rannenberg (GUF) |
Introduction to the ABC4Trust Project and Privacy-ABCs Download PDF |
11:30-13:00 h |
Souheil Bcheri (EDOCS)
Prof. Yannis Stamatiou (CTI) |
Privacy-preserving School Communication for Pupils, The Söderhamn Pilot Download PDF Anonymous Course Evaluations at Universities; The Patras University Pilot Download PDF
|
13:00-14:00 h |
|
Light lunch; demonstrators available on desk; FI-Ware demo by NSN Download PDF |
14:00-14:25 h |
Ahmad Sabouri (GUF) |
ABC4Trust Architecture Download PDF |
14:25-14:50 h |
Dr. Michael Østergaard (MCL) |
ABC4Trust Reference Implementation Download PDF |
14:50-15:15 h |
Pascal Paillier (CRX) |
Smart Card Implementation (Including live demo) |
15:15-15:40 h |
|
Coffee Break |
15:40-16:05 h |
Dr. Gert Læssøe Mikkelsen (ALX) |
Privacy-ABC technology on Mobile Phones Download PDF |
16:05-16:30 h |
Dr. Jan Camenisch (IBM) |
ABC4Trust as Services in the Cloud |
16:30-17:00 h |
Prof. Kai Rannenberg; Prof. Yannis Stamatiou |
Discussion and Conclusions |
Tasos Economou works as a managing editor at the news web site Kathimerini.gr. His journalistic area of expertise is the intersection of information technologies and society. He was born in Athens at 1973. He is married with three children.
Prof. Kai Rannenberg holds the Deutsche Telekom Chair (formerly T-Mobile Chair) of Mobile Business & Multilateral Security since 2002. Before he was with the System Security Group at Microsoft Research Cambridge, UK focussing on "Personal Security Devices & Privacy Technologies". 1993-1999 Kai worked at Freiburg University and coordinated the interdisciplinary "Kolleg Security in Communication Technology", sponsored by Gottlieb Daimler & Karl Benz Foundation researching Multilateral Security. After a Diploma in Informatics at TU Berlin he had focused his PhD at Freiburg University on IT Security Evaluation Criteria and their potential and limits regarding the protection of users and subscribers. Since 1991 Kai is active in the ISO/IEC standardization of IT Security and Criteria (JTC 1/SC 27/WG 3 "Security evaluation criteria"). Since March 2007 he is Convenor of the SC 27/WG 5 "Identity management and privacy technologies". Since September 2009 Kai is an IFIP Councillor. From May 2007 till July 2013 he chaired IFIP TC-11 "Security and Privacy Protection in Information Processing Systems", after having been its Vice-Chair since 2001. Kai is active in the Council of European Professional Informatics Societies (CEPIS) chairing its Legal & Security Issues Special Interest Network (CEPIS LSI) since 2003. From July 2004 till June 2013 Kai served as the academic expert in the Management Board of the European Network and Information Security Agency, ENISA. Kai`s awards include the IFIP Silver Core, the Alcatel SEL Foundation Dissertation Award and the Friedrich-August-von- Hayek-Preis of Freiburg University and Deutsche Bank.
Introduction to the ABC4Trust Project and Privacy-ABCs–Rapid growth of communication infrastructures and enterprise software solutions has caused electronic services to penetrate into our everyday life. So it is not far from reality that many personal and trust-sensitive transactions happen online. In this regard, one of the biggest challenges to deal with will be proper user authentication and access control, as strong authentication and authorization techniques used nowadays are double-edged swords: while they can protect service providers by offering a satisfactory level of resilience against unauthorized accesses, most of these technologies have the drawback of threatening the clients' privacy. In this presentation, we will give an overview of the privacy problems of the existing Identity Management Systems and then open the discussion on the ABC4Trust project that focuses on Privacy-preserving Attribute-based Credentials to address the shortcomings of the existing IdMs.
Souheil Bcheri is the founder of the Swedish company Eurodocs AB. He has a Master Degree in Mathematics, Statistics and Computer Sciences. Souheil has been working for more than 20 years within the sectors large data analysis and IT-security, including digital identification, encryption and digital signatures. Furthermore, Souheil is very experienced in working on projects dealing with identity, anonymity, and privacy protection.
Privacy-preserving School Communication for Pupils; The Swedish School Pilot - Social networks have become widely used nowadays and are increasingly finding acceptance in different scenarios of our daily activities. Depending on the type of the users being targeted, social networks have been set up to better serve users, enhance their online experience and provide them with an easy way to interact and share with the other members of the network. In this session we are going to describe the members of the use case community – pupils of a Swedish school, their guardians and teachers – were able to use the provided “community services” while, at the same time their privacy was protected by enabling pseudonymous and anonymous access.
Yannis Stamatiou graduated from the University of Patras, Department of Computer Engineering and Informatics. He is currently Associate Professor at the Department of Business Administration of the University of Patras, Greece and Consultant (with deputy directorresponsibilities) on Cryptography and Security for the Security Sector of the Computer Technology Institute & Press (“Diophantus”) in Patras, Greece. His interests lie in cryptography, modelling of computer viruses/worms in computer networks, cryptanalysis and ICT security with a focus in eVoting and eGovernment related security protocols and systems.
Anonymous Course Evaluations at Universities; The Patras University Pilot – In this session we are going to demonstrate the Privacy-ABCs technology in a system that allows anonymous, remote course evaluations at Universities by certified students. We are going to describe the system architecture as well as the use cases and provide a complete demo of the system operation.
Ahmad Sabouri is a scientific researcher and doctoral candidate with the Deutsche Telekom Chair of Mobile Business and Multilateral Security at Goethe University Frankfurt. His main research interests include: Identity Management, Privacy and Cloud Computing. He has been involved in research actives and coordination of the ABC4Trust EU project since 2011.
ABC4Trust Architecture – In this presentation we introduce the generic architecture model of Privacy-ABC Systems that was designed within the ABC4Trust project. More specifically, we focus on the involved entities and their interactions, and discuss how the layered architecture of ABC4Trust enables smooth integration of Privacy-ABCs to various applications.
Michael Østergaard received a Ph.D. in Computer Science in 2008 from the University of Aarhus, where he was part of the cryptography group. Currently he is working at Miracle A/S within the fields of IT security, penetration testing and software development. His research interests include cryptographic protocols with focus on privacy protection, as well as IT security in general.
ABC4Trust Reference Implementation– In this presentation we introduce the different components of the ABC4Trust Reference Implementation and how they interact with each other, as well as various interfaces that are available to application developers. Finally we give a short demo, illustrating what it is possible to achieve in relatively short time, with the Reference Implementation.
Pascal Paillier is a public-key cryptography expert and has more than 16 years of industrial experience in IT security, with a specific interest for designing and developing side channel/fault-resistant cryptographic software for embedded architectures such as smart cards. His favorite research works include the design of public-key primitives, security proofs and more recently the design of hash functions (co-conceptor of the SHABAL hash function submitted to the NIST SHA-3 competition). Until 2009, Pascal was heading the Cryptography & Innovation expert group at Gemalto, the worldwide leader in smart card technologies. Co-founder of CryptoExperts, Pascal has published over 60 research papers and filed about 25 patents, most of which are commonly implemented in the smart card industry. Pascal is also an active member of ISO SC27 WG2, the expert group that defines ISO/IEC cryptography standards.
Smart Card Implementation – In this presentation, we will make a live demonstration of the ABC4Trust smart card: what it contains, what it does and how it works together with the ABCE to provide presentation proofs. A toy scenario will be used to show how the different objects are created and operated in the card.
Gert Læssøe Mikkelsen has a theoretical background in cryptography, and holds a PhD in computer science and cryptography from Aarhus University. He now works at the Alexandra Institute, in their security lab, where he in his daily work works with new technology in the field of digital identity management both in internal projects and in international research projects like the ABC4Trust Project.
Privacy-ABC technology on Mobile Phones– While the project's trials were using laptops and smart cards, it is also possible to use mobile devices like mobile phones or tablets. The advantage is, that most potential users already have one, so there is no need for additional hardware like smart cards and smart card readers. On the other side the usage of mobile devices raises some new challenges, as they are computationally less powerful than laptops, and less secure than special designed smart cards. These challenges will be discussed in this presentation, and we will show that despite these challenges it is possible to use mobile devices as a platform for Privacy-ABCs.
Jan Camenisch received a Diploma in Electrical Engineering in 1993 and a Ph.D. in Computer Science in 1998 both from ETH Zurich. From 1998 until 1999 he has been Research Assistant Professor in Computer Science at the University of Aarhus, Denmark. Since 1999 he is Research Staff Member and project leader at IBM Research -- Zurich. Together with Anna Lysyanskaya, Jan invented the identity mixer protocols that are now part of the ABC4Trust platform. Jan recently got a Grant for "Personal Cryptography" from the European Research Council. His research interests include public key cryptography; cryptographic protocols, in particular those supporting privacy and anonymity; practical secure distributed computation; and privacy-enhancing technologies.
ABC4Trust as services in the cloud – Installing and initialising the different ABC4Trust components to obtain privacy-friendly authentication is non-trivial. The cloud promises to get rid of installation, software is just there to use. In this talk we explain how and to what extend the components of ABC4Trust can be run in the cloud. We finally show a demo that uses ABC4Trust services in the cloud. In fact, all participants can try the demo themselves and experience Privacy-ABCs live.
Demonstrators during Lunch Break
During the lunch break the speakers and further representatives of ABC4Trust’s partners will be available for questions and discussions.
Furthermore, Robert Seidl from ABC4Trust’s partner NSN will make accessible a demonstrator of the related project FI-Ware: A user visits a ‘File Store’ and selects one of 10 access policies which she can satisfy. The user is then forwarded to the ‘Identity Agent’ and is requested to login. After successful authentication, the ‘Identity Agent’ fetches the user’s credential and generates a presentation token which will meet the chosen policy. The user forwards this token to the ‘File Store’ which then requests the ‘Verifier as a Service’ to check the token. If the cryptographic proof succeeds, the user is allowed to access the resource. Differences to the ABC4Trust pilot use-cases: The ‘user application’ is shifted into the cloud and handled by a trusted ‘Identity Agent’. Now the only prerequisite on the user side is a Google Chrome browser which enables mobile devices and ‘wearables’ to be used too. On top of this, the RESTful ABC4Trust interfaces of the Verifier and of the Issuer have been enhanced to include a simple form of authentication in order to prevent unauthorized access.
Robert Seidl studied Electrical Engineering at the Munich University of Applied Sciences. He received his diploma in 1993. Joining Rohde & Schwarz for a first period of practice he was involved in the introduction of digital cordless phones in Germany. Since 1995 he has been with Siemens AG in Munich. After 7 years of hard- and software development he entered the mobile network division in 2001. In 2007 he joined Nokia Siemens Networks (NSN) and has mainly been involved in the area of identity management, reliability, service access control and simplified access to services. He was responsible for NSN in European projects such as SIMPLICITY or SPICE and heading the group on Identity Management within NSN research. Today Mr. Seidl works in the research group of Nokia and is heading a team responsible for Data Analytics and Privacy. He is responsible for the EU funded projects ABC4Trust and FI-WARE.