1 / 32

FIA Madrid

FIA Madrid. Trust & Identity Session Panel 1: Trust. Introduction by Jim Clarke. High-level introduction to the position paper the concept of lanes session focuses on lane 1 (Trust) and 2 (Identity and Privacy). Keynote Sachar Paulus. Trust definition close to “business trust”:

afya
Download Presentation

FIA Madrid

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FIA Madrid Trust & Identity SessionPanel 1: Trust

  2. Introduction by Jim Clarke • High-level introduction to the position paper • the concept of lanes • session focuses on lane 1 (Trust) and 2 (Identity and Privacy)

  3. Keynote Sachar Paulus • Trust definition close to “business trust”: • willingness to take risk • necessary prerequisite: “get back or blame” • trust vs. faith • achieve trust by providing recovery options (“contract”) • accountability

  4. Keynote Sachar Paulus (2) • Trust into the FI for businesses • Measurability • Trust into the FI for individuals • right to be left alone • right to time and memory loss • but legal environment needed in consumer role •  multi-party security requirements

  5. Keynote Sachar Paulus (3) • Trust in the FI • trust cannot be outsourced • but: trust management can be outsourced (cf. PKI) • Scenario: Cloud Computing • Business: • where is data located? • who runs the services? • who runs the servers? •  accountability • Individuals: • privacy, roll-back option, etc. •  transparency, multi-party security • Security, Privacy and Trust are essential non-functional design properties • no way to outsource them

  6. Position Paper SyedNaqvi (Services) • how to establish trust in Services • trust: A believes that B behaves exactly as expected and required • can services be modeled as generic entity • many concepts that are difficult to converge • introduces convergence areas of trust • e.g., resilient services: possible to restore the level of trust? • RESERVOIR overview: grid, virtualisation, services

  7. Position Paper SyedNaqvi (Services) (2) • RESERVOIR security requirements • separation of services running in the same virtual environment • trust: interoperation of service vendors • protect the management interfaces • policies upon migration: only allow migration to domains with same policy

  8. Position Paper Theodore Zahariadis (Content) • “Prosumer” • relation to • identity, authentication trust • usage • business (payment) • social context (children) • etc. • Requirements scale to network issues (cf. slides) • Identity requirements

  9. Position Paper Mirko Presser (RWI) • there is no single representative scenario • billions of nodes meet billions of consumers • behaviour changes in real-time • Trust starts at the elementary point, i.e., the node • authentication, authorisation, payment, accuracy, quality of service

  10. Discussion (1) • Peter S(?) Eurescom: need for an trustworthy entity (was government, banks etc. before) • Sachar: there will never be one single entity  spread across different entities. Who will be the entities? • Michel: real-time trust necessary, important to design and measure trust in real-time, build up trust scenarios • Theodore: different application layers will have different means for establishing trust (cf. payment vs. sensor network usage), we need different methods

  11. Discussion (2) • real-time trust: • Michel: based on recommendation • or the availability of history (we will need to have logs  immediately raises privacy issues) • Sachar: not a new concept, but the context has changed in the FI • Theodore: trust without history based on reputation metrics

  12. Discussion (3) • ? (Uni Vienna): importance of different means, compartementalisation, how to manage this? • Michel: big difference between trust and security • Syed: trust is a multilateral notion in the FI, • trust based on certification, assurance • Jacques: chained services, liability of software and service providers, one partner for the customer: the provider of the service consumed by the end user, how does trust propagate through the chain? It will just happen, no way to discuss away the complexity • Caspar: pointer to InfoCard, usability of trust, privacy, people have different aptitudes, motivation for response (cf. response time of banks for phishing attacks), systematic response only when critical situation occur

  13. Discussion (4) • activities of GT 2009

  14. Discussion (5) • ? end-point trust (t-shirt example: we have means to evaluate and impose trust based on the evaluation), need for new models for building reputation, responsibility at multiple levels • Sachar: to which extent do we need to regulate? regulations can be helpful, but don’t over-regulate

  15. Discussion (6) • Nick: individuals will likely not be willing to take risk, how to tell them • Michel: depends on the respective trust model, model trust in terms of behaviour • Theodore: example of reading terms and conditions when entering a web site, they are never read • Jacques: normally no absolute freedom in offers and service to customers  consumer protection law that provides some trust, need for similar regulation in the FI • Mirko: ignorance (of the detailed conditions) is a blessing, need only if things go wrong • is there a higher percentage of bad guys in the FI than in the real world • Caspar: it will be impossible to provide complete transparency

  16. After Lunch, Volkmar Lotz Volkmar Lotz, SAP Labs Presentation of Position Paper What is an identity? Considerations • Privacy-friendly identity • Usability and flexibility • Usage Control Enforcement

  17. Caspar Bowden Caspar Bowden, Chief Privacy Advisor Microsoft EMEA An Example of a Strategic Privacy Technology and Implications for Policy • Privacy V Security • The trouble with PKI, “Minimum Disclosure Tokens” • Authentication ≠ Identification, Privacy Friendly revocation • Aligning Technology with Policy • Strategic PETs in a Legal Framework

  18. Phil Jansen Phil Jansen, Manager Security ad Cryptography, IBM Security Lab, Zurich. • Problem: Digital world never forgets. • Challenges: Controlling Access (security), Accuracy and Usage (privacy) • Privacy V. Accountability, Anonymity V Traceability • Role of Identity Provider • Research Directions

  19. Discussion (7) Panel Discussion • Joao Girao, NEC (SWIFT, Daidalos)Virtual ID defined in Daidalos. Separation of one person’s different IDs (Joao Girao from work and Joao Girao from home want a different ID. One should not be traceable to the other.) • Kajetan Dolinar, Privacy Protection Cycle, A concept for a systemic privacy protection (PERSIST)Peer-to-Peer security backed-up with the infrastructure defined in PERSIST.PERSIST Privacy Protection Cycle.

  20. Discussion (8) Panel Discussion Neeli Prasad, Aalbourg University (ASPIRE)Real world scenarios • Tracking your children. Who else can see? How to validate the correct user? • Tracking the food you eat. Where does it come from? How long did it take to get to me? • Am I paying my bill to the right person? What does identity really mean?

  21. Discussion (9) Chair • What are user expectations?, Management of Identity. • What are the gaps? Use these to driver our research roadmap? Caspar “Blinding” developed 19 years ago but not seen as a priority. Now we have a problem. Phishing attacks were predicted by some but ignored. Currently have a unique window of opportunity. Identity V. Anonymity. Prediction rise of traffic analysis attacks by attaacking the router.

  22. Discussion (10) Caspar “Onion Routing” (?) where packets are bounced off multiple router randomly to avoid traffic analysis so web server doesn’t know where packets are coming from. Interface between transport layer and application layer not well understood by most. Phil Janson Gaps are: • Key players need to get together (like IBM and MS). Need to be able to use either technology interchangeability. Requires Standards • Deliberate decision by key stakeholders to start deploying. Firstly in s/w eventually in chips.

  23. Discussion (11) Chair What’s the delay implementing this? Kajetan Dolinar Legislation Joao Girao Need to rewrite some code already out there. The current Internet is not optimal. Neeli Prasad Maybe the pieces are not yet ready. Have to understand what we need. We have nice solutions, now these protocols should be modified for what we need.

  24. Discussion (12) Caspar Economics is the issue. Most professional don’t even know the problem exists, never mind a typical user. Market has failed to take care of this issue. Legal situation is confusion with a clutter of many laws, forcing companies to keep data. Phil Privacy is user-centric. Only the user cares. Stakeholders have to push service providers. Users are not prepared to pay for security/privacy so no business case. Floor Openness and privacy. User awareness is missing. Technology cannot catch up with law. Also need for international laws.

  25. Discussion (13) Floor 2. Reiterate previous speaker. Floor 3. German Awareness initiative for raising awareness among users of security. “What is missing from security learning?” Q to IT students. Their only concern was the availability of their computer. People will always choose comfort over privacy.

  26. Discussion (14) Floor Public Sector procurement policies, panel to discuss. Phil – Switzerland is working on this for citizens’ interaction with the govt. Caspar – Lobbyist shooting down ideas. “Most liberal environment is best for the market” is the thinking. Neeli – Denmark is quite a safe environment. Danish people typically put a lot of information on-line. Jacques (Commission) – Some initiatives already exist like health card in UK. Still societal discussions to take place. Some projects like STORK leading to the possibility for EU govts to come to a policy definition to allow them to start thinking about procurement. Kajetan – Each service provider should be forced to use a Hypocratic database.

  27. Discussion (15) Jacques (Commission) – Standardisation will be introduced. Chair – summary • Some pieces are available and can be deployed. • Lawyers are 20 years behind • Kids don’t care • Users won’t pay.

  28. Martin Potts Martin Pots – Martel (FEDERICA) FEDERICA is a FIRE project. A large open test bed that can be used for many things. Federica similar to GENI. Based on GEANT network. Onelab is European part of PlanetLab. Federica is looking into becoming part of OneLab. Federica can be used by anyone but not for commercial purposes. Usually a timeframe limit of about 3 months but open for all ideas. Jacques – Who pays for access Martin – Federica funded under FP7, only expense is to get connected.

  29. Martin Pots Latif Ladid - Which ideas are of particular interest. Martin – Virtualisation, Security. Federica is IPv6-ready. Floor – Security testing usually involves negative testing. Martin – Mechanisms will be in place to stop people going outside the slice allocated to them. Floor (PII project) – Panlabs network can be used for security testing also. Apply through PII office.

  30. Discussion (16) (New Panel) Jim Clarke – Moving from Trust and Identity/Privacy to Security. Panel member (France) – not talked enough about governance of the process. Identity of things and virtual services. How to design the management framework. Volkmar – Lots of dependencies. How to break it into manageable pieces. Chair (UK) – Need to think about pilots. What kind of pilots should we be deploying. Panel member (France) – Hard to simulate what we need to test – need a real user. Floor – a lot of discussion today on privacy, assuming one overall authority. Not as much discussion on user-management of identity. Panel member (France) – Identity is a vague term (e.g. RFID) treat IP address in different ways in different cases – it is just a pointer.

  31. Discussion (17) Panel member (France) – Need to monitor P2P communications. How to measure all activity on the network. Floor – Hard to test across multiple networks. Jim – Should be taken into consideration.

  32. Conclusion Trust Panel • Real-time • compartementalisation, different means in place, multiple levels of responsibility • multi-lateral • transitivity of trust, liability • usability • motivation for response • the proper level of regulation

More Related