Open Identity Summit 2013 September 9th - 11th 2013, Kloster Banz, Germany

Transcription

1 Open Identity Summit 2013 September 9th - 11th 2013, Kloster Banz, Germany organised by Special Interest Groups BIOSIG CRYPTO PET within Gesellschaft für Informatik e.v. FutureID Project and Open ecard Team in cooperation with opencloudinitiative.org

2 September 9 th 2013 Pre-Workshop and Welcome Reception Pre-Workshop Trusted Identities for the Cloud (12:00-18:00) Welcome Reception for Open Identity Summit (starting at 19:00) September 10 th 2013 Open Identity Summit 2013 (Day 1) 08:45-09:00 Heiko Roßnagel and Detlef Hühnlein: Welcome to the Open Identity Summit 2013 Common Criteria vs. Open Source 09:00-09:45 Tomas Gustavsson: Common Criteria certified open source software fact or fiction? Trusted Execution Environment and Applications Identity Management in Decentralized Social Networks 09:45-10:15 Maximilian Stein: Mobile Devices as Secure eid Reader using Trusted Execution Environments 10:15-10:45 Roland van Rijswijk-Deij and Erik Poll: Using Trusted Execution Environments in Two-factor Authentication: comparing approaches Simon Thiel, Marcel Heupel, Fabian Hermann and Mohamed Bourimi: Unlinkability Support in a Decentralised, Multiple-identity Social Network Andreas Kuckartz: Identities and the Federated Social Web: Survey and Outlook

3 eid Foundations and Status in Europe 11:00-11:30 Bud P. Bruegger and Moritz-Christian Müller: The eid-terminology Work of FutureID 11:30-12:00 Detlef Houdeau and Udo Sommer: Landscape eid in Europe in CY 2013 Secure Cloud Computing Bernd Zwattendorfer, Bojan Suzic, Andreas Derler and Peter Teufl: Secure Hardware-Based Public Cloud Storage Hubert Jäger and Arnold Monitzer: Sealed Cloud A Novel Approach to Preventing Insider Attacks Lunch (75 minutes) Open Source eid Projects 13:15-13:45 Ahmad-Reza Sadeghi and Sven Wohlgemuth: PersoApp Secure and user friendly internet applications 13:45-14:15 Tobias Wich, Moritz Horsch, Dirk Petrautzki, Johannes Schmölz, Detlef Hühnlein, Thomas Wieland and Simon Potzernheim: An extensible client platform for eid, signatures and more Requirements for eid and Modern Authentication Michael Kubach, Heiko Rossnagel and Rachelle Sellung: Service providers requirements for eid solutions: Empirical evidence from the leisure sector Rolf Lindemann: Not Built On Sand - How Modern Authentication Complements Federation More Open Source eid Components and Applications Distributed and Federated Identity Management 14:30-15:00 Holger Funke and Tobias Senger: An open source eid simulator Armin Lunkeit and Jürgen Großmann: Authentication on high critical infrastructures using interoperable federated identities 15:00-15:30 Yacine Rebahi, Mateusz Khalil and Simon Hohberg: An eid based solution for anonymity and privacy protection in mobile participation The Open eid Fraunhofer project Thomas Bauereiss, Stefan Gohmann, Dieter Hutter and Alexander Kläser: Selective LDAP Multi-Master Replication 15:30-16:00 Raik Kuhlisch, Dirk Petrautzki, Johannes Schmölz, Ben Kraufmann, Florian Thiemer, Tobias Wich, Detlef Hühnlein and Thomas Wieland: An Open ecard Plugin for accessing the German national Personal Health Record Florian Holzschuher and René Peinl: Approaches and challenges for a single sign-on enabled extranet using Jasig CAS

4 Towards collaborating open source projects 16:15-17:15 Panel with selected experts: Synergies and collaboration between open source projects wishful thinking or reality? German Chapter of the OpenID Foundation Poster Presentations 17:30-18:00 Henrik Biering and Axel Nennker: Upcoming specifications from the Menno Pieters: Password Management through PWM OpenID Foundation 18:00-18:30 Towards a German Chapter of the OpenID Foundation Hermann Strack: Authentication and security integration for services at the University of Applied Sciences Harz (Hochschule Harz) using German electronic Identity Card/eID and egovernment Standards 18:30-19:30 Guided tour to explore the picturesque Kloster Banz Dinner (starting at 19:30)

5 September 11 th 2013 Open Identity Summit 2013 (Day 2) From Upper Franconia to Estonia 09:00-09:15 Christian Meißner: Welcome to Kloster Banz and Upper Franconia 09:15-10:00 Tarvi Martens: Internet voting in Estonia Cloud Computing, eid and Electronic Signatures Mobile Authentication 10:15-10:45 Stephan Sädtler: Identity management in cloud computing in conformity with European Union law? - Problems and approaches pursuant to the proposal for a regulation by the European Commission on electronic identification and trust services for electronic transactions in the internal market 10:45-11:15 Marcel Selhorst and Carsten Schwarz: Cloud-based provisioning of qualified certificates for the German eid card Florian Feldmann and Jörg Schwenk: How to authenticate mobile devices in a web environment - The SIM-ID approach Martina Mueller, Fabian Zoller, Ingo Pansa and Ansgar Gerlicher: Authentication on Mobile Devices for Business Application Novelties and Perspectives for Electronic Signatures 11:30-12:15 Jos Dumortier: The European eidas-regulation Status and Outlook 12:15-13:00 Panel with selected experts: Further Novelties and Perspectives for Electronic Signatures

6 Lunch and Farewell Open Identity Partners BIOSIG Biometrics and Electronic Signatures ( The special interest group Biometrics and Electronic Signatures (BIOSIG) within GI e.v. is dedicated to the fundamentals, methods, techniques, processes and implementations used to guarantee the authenticity and integrity of entities. CRYPTO Applied Cryptology (fg-krypto.gi.de) The special interest group "Applied Cryptology" (CRYPTO) within GI e.v. connects users and researchers in the area of cryptology, whereas the scope of activities comprises the design, analysis, implementation and practical application of cryptographic systems. PET - Privacy-Enhancing Technologies (fg-pet.gi.de) The special interest group Privacy-Enhancing Technologies (PET) within GI e.v. aims at introducing and promoting privacy-enhancing technologies in science, industry and policy. FutureID Project ( The EU-funded FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infra-structure for Europe, which integrates existing eid technology and trust infrastructures, emerging federated identity management ser-vices and modern credential technologies to provide a usercentric system for the trustworthy and accountable management of identity claims. Open ecard Team ( The Open ecard Team is an open community, which aims at providing an open source and cross platform implementation of the ecard-api-framework (BSI-TR-03112) and related international standards such as ISO/IEC and OASIS DSS through which arbitrary applications can utilize authentication and signatures with arbitrary smart cards. BITKOM ( The Federal Association for Information Technology, Telecommunications and New Media (BITKOM) is the voice of the information technology, telecommunications and new media industry in Germany. BITKOM represents more than 1,700 companies, of which 1,200 are direct members and many of them are involved in working groups focusing on Identity Management, eid technology, Open Source Software and Cloud Computing for example. CAST Forum ( The Competence Center for Applied Security Technology, (CAST) e.v. offers a variety of services in the field of secure modern information technology and is a contact for all questions regarding IT security.

7 Deutsche Wolke ( The open source initiative Deutsche Wolke has been established as a network of renowned German and international organisations, which aims at establishing a federal cloud infrastructure for Germany. European Association for eidentity and Security (EEMA) ( For 25 years, EEMA has been Europe s leading independent, non-profit e-identity & Security association, working with its European members, governmental bodies, standards organisations and interoperability initiatives throughout Europe to further e-business and legislation. IDentity.Next Association (IDnext) ( The main mission of the IDnext association is to create an open and independent platform to support and facilitate innovative approaches in the world of Digital identity. IT-Cluster Oberfranken ( In the IT-Cluster Oberfanken e.v. companies and intstitutions from all over Upper Franconia merge to a focused regional network in the field of information and communication technology. In this way a knowledge and development pool evolves which brings advantage for all participating stakeholders. Open Cloud Initiative (OCI) ( The Open Cloud Initiative (OCI) is a non-profit organization, which has been initiated to advocate open cloud computing. For this purpose it maintains a set of Open Cloud Principles (OCP) and uses them to determine whether a given product or service is compliant and therefore "Open Cloud", both by way of community consensus. OpenID Foundation ( The OpenID Foundation is an international non-profit organization of individuals and companies committed to enabling, promoting and protecting OpenID technologies. Formed in 2007, the foundation serves as a public trust organization representing the open community of developers, vendors, and users. OIDF assists the community by providing needed infrastructure and help in promoting and supporting expanded adoption of OpenID. This entails managing intellectual property and brand marks as well as fostering viral growth and global participation in the proliferation of OpenID. Open Identity Exchange (OIX) ( The Open Identity Exchange (OIX) is a non-profit organization comprised of leaders from identity data-centric industry sectors including the internet (Google, PayPal, etc.), data aggregation (Equifax, Experian, LexisNexis, etc.), and telecommunications (AT&T, Verizon, etc.) driving the expansion of existing services and the deployment of new services. OIX develops and certifies trust frameworks, pre-negotiated sets of business, legal, and technical policies that provide identity service providers and relying parties with mutual assurance that their online transactions are reliable and repeatable. OIX is a global center of excellence for identity in next generation digital transactions delivering domain expertise, joint research commissioned by competitors, and pilot projects to test assumptions in the real world. Open Source Business Alliance (OSBA) ( The Open Source Business Alliance short OSB Alliance is with more than 190 members Germany s largest network of enterprises and organisations, which develop or use open source software.

8 Open Source Integration Initiative (OSII) ( The Open Source Integration Initiative (OSII) brings together a range of open source software applications for use by businesses. It's an initiative by MFG Baden- Württemberg Innovation Agency for ICT and Media and the Open Source Business Alliance (OSB Alliance). The aim of OSII is to create a low-cost modular solution a software stack that meets the needs of many different operating processes. SkIDentity Project ( The SkIDentity Project aims at facilitating the use of electronic identity cards (eid) within existing and emerging cloud computing infrastructures in order to provide trustworthy identities for the cloud. TeleTrusT IT Security Association Germany ( TeleTrusT is a widespread competence network for IT security comprising members from industry, administration, research as well as national and international partner organizations with similar objectives. Trusted Cloud Program ( The Trusted Cloud Program is an initiative of the German Federal Ministry of Economics and Technology in which 36 companies, 27 academic institutions and four further institutions are collaborating in 14 projects in order to develop innovative, secure and compliant technologies for trustworthy Cloud Computing.