Lightweight Infrastructure for Global Heterogeneous Trust management

Similar documents
D5.5. Open Source Client Library and Server Tools for Delegations. Document Identification. Final UBISECURE, OIX

D12.4. Project Logo, LIGHTest Website and Infrastructure for LIGHTest WIKI. Document Identification. Draft. Don Thibeau (OIX), Charles Sederholm (GS)

1. Publishable Summary

D7.1. Definition of Requirements for derivation and attestation of mobile IDs. Document Identification. Final

A DNSSEC-based Trust Infrastructure

Cross border eservices STORK 2.0

Request for Expressions of Interest: The EU mhealth Hub

Electronic signature framework

A large-scale International IPv6 Network. A large-scale International IPv6 Network.

PROJECT FINAL REPORT. Tel: Fax:

Dr Michaela Black, Prof. Jonathan Wallace.

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Experience of the Tunisian Participation to the EU s Horizon 2020 Framework Programme as an Associated Country

Media (NEM) Initiative

Natalia Manola University of Athens ATHENA Research and Innovation Center. OpenAIRE. An Open Knowledge & Research Information Infrastructure

Cybersecurity ecosystem and TDL Antonio F. Skarmeta

Shaping the Cyber Security R&D Agenda in Europe, Horizon 2020

DNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific

European Open Science Cloud

European Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the EU internal market

Coordinating Optimisation of Complex Industrial Processes

TOOP Introducing The Once-Only Principle project

Version 11

e-sens Electronic Simple European Networked Services

Europe (DAE) for Telehealth

European Framework for C-ITS Security 6 th of March 2018 Gerhard Menzel European Commission

European Commission Initiatives in telemedicine Presentation endorsed by the European Commission

eidas Regulation eid and assurance levels Outcome of eias study

Summary. Strategy at EU Level: Digital Agenda for Europe (DAE) What; Why; How ehealth and Digital Agenda. What s next. Key actions

Horizon 2020 Security

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

Comparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition

Early Detection and Integrated Management of Tuberculosis in Europe. PJ Early diagnosis of tuberculosis. D2.2 Website.

Cloud28+ Compliance in Cross Border Business

EU Policy Management Authority for Grid Authentication in e-science Charter Version 1.1. EU Grid PMA Charter

Technical guidelines implementing eidas

Identity Ecosystem Design challenges. Wim Coulier eidas Expert Belgian Mobile ID

Trusted National Identity Schemes. Coralie MESNARD

ENISA s Position on the NIS Directive

Directive on security of network and information systems (NIS): State of Play

Establishing Trust Across International Communities

Enhancing Critical Infrastructure Protection with innovative SECurity framework

Evolution in cross-border interoperability of esignatures and eid. Tarvi Martens SK, Estonia

Striving for efficiency

Identify adequate calls and analyze the call text

EGM, 9-10 December A World that Counts: Mobilising the Data Revolution for Sustainable Development. 9 December 2014 BACKGROUND

Cybersecurity & Digital Privacy in the Energy sector

eidas & e-delivery CE Midsummer Conference "The role of policy decisions in the postal & delivery industry", Copenhagen (DK), 12 June 2017

D9.1. ecorreos: Requirements, Scenarios and Demo. Document Identification. Final. Dissemination Level

Toward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team

Public consultation on the revision of the Recommendation on relevant markets

Interoperability Challenge of Certified Communication Systems via Internet

UCD Centre for Cybersecurity & Cybercrime Investigation

Request for Expression of Interest. Consultant - Project Coordinator. Project: I-CARE Global Imperative Indicator

Workshop 4.4: Lessons Learned and Best Practices from GI-SDI Projects II

The 5G Infrastructure Association

eidas Regulation in the context of Cybersecurity: Electronic seals and website certificates: Two sides of a (gold) medal?

Package of initiatives on Cybersecurity

DIGITAL AGENDA FOR EUROPE

Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy

Once-Only Principle Reducing Administrative Burden for Citizens and Businesses

Introduction to the Participant Portal services

European Union Agency for Network and Information Security

Security Aspects of Trust Services Providers

SSL/TSL EV Certificates

EU projects for ehealth new ehealth activities in EU

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

D2.14. Reference Architecture. Document Identification. Final. Georg Wagner (TUG), Charles Sederholm (GS)

e-sens Electronic Simple European Networked Services Klaus Vilstrup Pedersen WP6 Manager DIFI, Norway

Towards a European Cloud Computing Strategy

EU funded research is keeping up trust in digital society

GDPR Compliant. Privacy Policy. Updated 24/05/2018

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

Certification Authority

ehaction Joint Action to Support the ehealth Network

Workshop on Addressing the Barriers to IPv6 Deployment Spanish use case

The NIS Directive and Cybersecurity in

Objective 1.1: Innovative lighting systems based on Solid State Lighting (SSL)

Agenda. 1. The LoU between EC-CEF and OpenPEPPOL about transition and migration to AS4 - Niels

THE CONNECTING EUROPE FACILITY

SEMIC 2013 Semantic interoperability of Civil Status Registers by the International Commission on Civil Status (ICCS-CIEC)

Barry Lowry Government CIO September Digitising Ireland the Government Chief Information Officer's Perspective

USC esignature and Interoperability. Daniel Sánchez Martínez University of Murcia

July 13, Via to RE: International Internet Policy Priorities [Docket No ]

Big Data Value cppp Big Data Value Association Big Data Value ecosystem

European Open Science Cloud Implementation roadmap: translating the vision into practice. September 2018

The current status of Esi TC and the future of electronic signatures

eidas Interoperability Architecture Version November 2015

ICANN and Russia. Dr. Paul Twomey President and CEO. 10 June International Economic Forum St. Petersburg, Russia

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

LEA Workshop. Champika Wijayatunga & George Kuo, APNIC Wellington, New Zealand 09, May, 2013

A Framework for Information Sharing and Alerting

Transforming Healthcare with mhealth Solutions.

The PICTURE project, ICT R&I priorities in EaP, areas of cooperation

Technical Trust Policy

Gateway Certification Authority pilot project

Regulating Telemedicine: the

Transcription:

LIGHT est A Lightweight Infrastructure for Global Heterogeneous Trust Management Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes 1

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 2

LIGHT est is a Global Initiative set up by an EU-Funded Project Objective: Creation of a Global Trust Infrastructure Global Initiative LIGHTest-trust.{org, net, com} LIGHTest.info Open invitation for collaboration to all interested stakeholders Any geographic region Any application field Global community open to all stakeholders builds a global community creates open standards provides open source software EU Project LIGHTest-trust.eu LIGHTest.eu LIGHT est Consortium 3

The European LIGHT est Project Horizon 2020 Innovation Action Call: H2020-DS-2015-1 Trust eservices Starts September 1, 2016 36 months Estimated cost of 8.7 Mio Euros 14 partners from 9 countries Coordinated by Fraunhofer 4

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 5

Trust in a changing world In the old days our world was smaller we knew our business partners Deals were sealed in personal contact Increasingly we operate Europe- or World-wide we don t know our business partners Deals are sealed remotely through Cyberspace 6

Transactions are increasingly conducted Virtually We have virtual transactions with.. People Organizations Devices/Things 7

But who is really behind the electronic identity? As expected from the appearance: Trustworthy -- legitimate 8

But who is really behind the electronic identity? Not what we expect!!! Untrustworty -- fraud 9

How can we know whether a remote someone/s.thing is trustworthy? We need Help: Trusted Authorities Trusted Third Parties that publish Reputation Ratings Regulation and Supervision Certifies Trustworthiness Trust List 10

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 11

The LIGHTest Architecture Existing Governance, Organization, Infrastructure of DNS Existing, Single Trust Root Policy Authoring and Visualization Tools (WP6) Trust Trust Trust List List List Trust Trust Scheme Scheme Publication Authority Authority Authority (WP3) Individual Trust Policy Assurance Levels queries Trust Scheme Trust Scheme Trust Translation Authority Authority Authority (WP4) Delegation Trust Scheme Trust Scheme Publisher Authority Authority (WP5) verifier Electronic Transaction Automatic Trust Verifier (WP6) 12

The LIGHT est Architecture DNS: The Internet Phone Book Existing, Single Trust Root Root Servers 2016: 558 DNS root server instances Existing Governance, Organization, Infrastructure of DNS Top-Level-Domain Name Servers generictdls: com, org, edu, info de, it, at, us, ca, Existing, Single Trust Root Existing Governance, Organization, Infrastructure of DNS Most Organizations have existing Name Servers ec.eu, gov.it, daimler.com, fraunhofer.de Trust Trust Trust List List List Trust Trust Scheme Scheme Publication Authority Authority Authority (WP3) Trust Scheme Trust Scheme Trust Translation Authority Authority Authority (WP4) Delegation Trust Scheme Trust Scheme Publisher Authority Authority (WP5) Policy Authoring and Visualization Tools (WP6) Individual Trust Policy Assurance Levels queries Organization can define lower-level names verifier Electronic Transaction Automatic Trust Verifier (WP6) Existing or dedicated name servers trust.ec.eu, eidas.trust.ec.eu, signature.eidas.trust.ec.eu 13

What does LIGHT est do? (WP3) Infrastructure for Publication and Querying of Trust Schemes Create a global Standard Way for publishing Trust Lists....on a global Trust Infrastructure Across domains Accommodate diverse perceptions of trust No global agreement needed Authorities: EC and MS for qualified signature and trust services Business registers Professional registers (health, justice, law-enforcement,..) Corporate internal registers 14

What does LIGHT est do? (WP6) Trust Policy and Automatic Trust Decisions Make it automatic for Verifiers to query Trust Lists Combine multiple queries to validate an Electronic Transaction against an easy to author Trust Policy Trustworthy? (yes/no) Electronic Transaction e.g. signed document Trust policy: List of Authorities that I trust, 15

What does LIGHT est do? (WP5) Infrastructure for the Publication and Querying of Delegations Delegation: Organization publishes Trust List on....who can sign/act in its name for which purposes Authorizes employees to act/sign in its name Trust List 16

What does LIGHT est do? (WP4) Infrastructure for the Translation across Trust Domains Authority publishes Trust List on....which authorities from other trust domains are trustworthy..how to translate foreign into native trust schemes NIST: Level 3 == EC eidas: Level substantial Bilateral agreements, etc. Trust List 17

What does LIGHT est do? (WP7) Trust Propagation of Derived Mobile IDs Trustworthy through secure enrollment Birth and population registers in person issuance Often unfit for mobile use Derive mobile identities from eids How does trust propagate??? Currently lacks highly trusted electronic identities 18

What does LIGHT est do? (WP9) Pilot Demonstrations e-correos (by Correos) Spanish Postal Service, one of largest world-wide electronic registered delivery service Identities of users Citizens and businesses receive official notifications from various administrations PEPPOL e-invoicing (by IBM) e-invoicing in OpenPEPPOL environment Approach applicable to other PEPPOL applications Demonstrates easy of integration of LIGHT est in existing product Demonstrates delegation-enabling an application with LIGHT est. 19

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 20

The Vision of LIGHT est Out of Reach: Setting up and funding a global server infrastructure Setting up a global organization (Registries) Consensus on the Governance of a global Single Trust Root By using the existing Domain Name System: LIGHT est is the ONLY possible way to create a global, cross-domain trust infrastructure 21

THE Unique Selling Point A multitude of Trust Anchors is very difficult to provision LIGHT est uses the Single Trust Root of the DNS The single trust root of LIGHT est brings multi-faceted trust decisions in the realm of the feasible 22

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 23

Going Global Community Building We need to go beyond the limits of the Consortium Build up a global community around the vision of LIGHT est Go Viral Global community in support of LIGHT est IETF Potential sub-community/ application field Consor tium Activated sub-community/ application field 24

Going Global Approach Global Players in the Consortium OIX, GlobalSign, IBM Members of Existing Communities in Consortium IETF Dane Advisory Board Associate Partners Loosely linked Web-based Community 25

Going Global Community Based Dissemination Empower the Community to Disseminate the LIGHT est Vision/Technology Open Source and (International) Open Standards Open Document Licenses for Dissemination Material Empower Others to Disseminate the Vision Adapt to new application fields Translate 26

Agenda European Project and Global Initiative (organizational) The Problem What LIGHT est does Vision and Major Selling Point Going Global Invitation to Collaborate 27

Invitation to Collaborate First Focus: Inventories Discussion later in same session Help us solve YOUR problem! Requirements Later: An open, global LIGHT est Community.. (stay tuned) Use LIGHT est results and software to solve your trust problems! Open Source, Open (international Standards), Support from Community Make sure today that your problem is on our radar! 28

Contact Heiko Roßnagel (coordinator) Rachelle Sellung (Inventories) Jon Shamah (Communications and Community) <heiko.rossnagel@iao.fraunhofer.de> <rachelle.sellung@iat.uni-stuttgart.de> <jon.shamah@eema.org> 29

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback