Embed Size (px)
Citation preview
Newsletter Edition 2 December 2016
Produced by EEMA - WP6 Lead, FutureTrust @FutureTrust_EU LinkedIn www.futuretrust.eu
NewsletterEdition 2December 2016
A project funded under The European Commission program: H2020 DS-05-2015 GA No: 700542
DISSEMINATION AND COMMUNICATION OF THE FUTURETRUST PROJECT AT ISSE CONFERENCE IN PARIS
At EEMA’s annual Information Security Solutions Europe (ISSE) conference, which this year took place in Paris on 14th and 15th November, the Chair of EEMA - the Brussels-based independent Think Tank - Jon Shamah hosted a track session dedicated to introducing delegates to the FutureTrust Project, in a well-received presentation entitled ‘Future Trust Services for Trustworthy Global Transactions’.
With a focus on ‘Securing Future European Business’, ISSE 2016 was the ideal platform for FutureTrust, with more than 100 security and identity experts from many of the 28 EU Member States, and beyond, convening to debate and drive forward issues relating to identity in Europe, Transatlantic eID, standards, compliance and
regulation, as well as trust services and broader IT security topics.
Mr Shamah stated that: “FutureTrust is a practical way of deploying eIDAS,” explaining how the project has received funding from the Horizon 2020 programme and will design and develop innovative open source components and services complementing the current eIDAS ecosystem.
Addressing delegates he observed how: “We are not living within ‘blue borders’. We are trading with the world, not just within the EU. Supply
chains are global and this needs to be taken into consideration.”
Focusing on what FutureTrust will deliver, Mr Shamah explained how it would support the practical implementation of eIDAS and beyond by actively driving the standardisation process and demonstrating positive business cases for the reliance on electronic signatures, company seals and long-term authenticity of data and documents.
During the session, the ‘non-agility’ of regulation was discussed, highlighting how eIDAS Regulation
replaces the 15-year-old eSignature Directive. Yet eIDAS itself was a long time in the making, commencing in 2011 but will not be comprehensively rolled out until 2019/20. Mr Shamah made the point that: “Europe was ahead digitally, but now it is behind, caused in part by slow moving legislation.” He observed the impressive progress that has been made by Estonia, a nation that has developed rapidly because of its agility.
He closed his presentation by introducing the FutureTrust project partners that are collaborating to once again place the EU and wider Europe at the forefront of the digital world.
Andrea Servida, Head, eGovernment and Trust, DG CONNECT and others in discussion.
Jon Shamah, EEMA Chair, presenting FutureTrust Project
Newsletter Edition 2 December 2016
Produced by EEMA - WP6 Lead, FutureTrust @FutureTrust_EU LinkedIn www.futuretrust.eu
WHAT’S IN A NAME: THE CONFLICTING VIEWS OF PSEUDONYMISATION UNDER EIDAS AND THE GDPRAuthors: Niko Tsakalakis, Sophie Stalla-Bourdillon, Kieron O’Hara from Southampton University UKFirst published at Open Identity Summit, Rome, 2016
The use of pseudonyms in electronic identification has been highlighted by the eID literature as a privacy-enhancing technique that can significantly reduce data misuse when combined with other techniques like selective disclosure and attribute-based credentials. Electronic identification is one of the Commission’s ‘Digital Agenda’ goals for the internal market, which led to the enactment of the eIDAS Regulation, aiming to shape a harmonized legal framework for cross-border electronic transactions. At the same time, our data protection legal framework is changing, with the GDPR replacing the existing Data Protection Directive on May 2018.
Article 5 of eIDAS prescribes that pseudonyms inside the eIDAS framework shall not be prohibited. This same Article mandates full compliance with data protection
rules, effectively assigning both eIDAS and the GDPR a key role in shaping European electronic identification systems. It would only make sense, then, that any use of pseudonyms in the eIDAS framework must fully comply with the GDPR, which introduced for the first time a definition for pseudonymisation in its Article 4.
In our article ‘What’s in a Name’ the conflicting views of pseudonymisation under eIDAS and the General Data Protection Regulation” we attempt to investigate how the two Regulations regard the notion of pseudonymisation and explore the interplay between them. We propose that each employ different views on pseudonymisation that, on occasion, are unrelated to each other. We suggest that the GDPR’s definition of pseudonymisation is in practice unattainable by the framework specified in eIDAS, due to the way selective disclosure and unique identifiers function under the latter. It appears instead that pseudonyms in an eID setting are currently limited to mainly serve as substitutes for unique identifiers.
http://eprints.soton.ac.uk/400477/
PARTNER PROFILE
ecsec GmbH is a specialized vendor of innovative solutions in the sector of security in the information and communication technology, security management, smart card technology, identity management, web security and electronic signature technology. Based on experiences from several consulting projects with international reach ecsec GmbH counts to the leading providers in this sector and supports well known customers within the conception and implementation of tailor-made solutions. Due to the observance of current results of science and technology and current and future international standards, an excellent consulting quality and sustainable customer prosperity are guaranteed
ecsec has unique know-how and experience with respect to the secure integration of electronic identification (eID) and cloud technologies as demonstrated within the EU-funded FutureID project and the multiply awarded SkIDentity project. ecsec is active in pertinent standardisation committees within DIN, CEN, ISO, ETSI and OASIS, maintains the Open eCard project, which created an Open Source eID-
Client, which has been certified by the Federal Office for Information Security and contributes to Open Identity Summit and been involved in open interoperability initiatives such as the Open Signature Initiative and Common eID project.
In the FutureTrust project ecsec leads WP3 (Design) and contributes to aspects related to the design of the FutureTrust ecosystem. In WP4 ecsec is working on the implementation of a scalable preservation service and implementation of components/modules for a strong mobile authentication solution and remote signing and sealing.
The CEOs of ecsec receiving the Bavarian Innovation Award 2016
Newsletter Edition 2 December 2016
Produced by EEMA - WP6 Lead, FutureTrust @FutureTrust_EU LinkedIn www.futuretrust.eu
EID CONFERENCE - MULTICERT 19TH AND 20TH SEPT 2016.
The conference held in Maputo, Mozambique, was a great success and congratulations to Multicert for a valuable and successfully executed conference.
Generally, during one on one introduction conversations with participants of the eID Conference, it was revealed that the awareness of the FutureTrust brand by participants at the eID conference was low. The majority of them had not heard of FutureTrust before the preparation for the eID Conference.
On the positive side a considerable amount of discussion was had with participants before and after the FutureTrust presentation.
Between Nuno Ponte and Bruce Anderson the object was achieved to generate awareness of the FutureTrust brand and who the members of the consortium were.
The information shared with the eID Conference participants, provided a sound foundation of the “FutureTrust background and objectives.”
There was a confirmed interest from one of the participants requesting to be a member of the consortium.
FUTURE OF IDENTITY CONFERENCE http://www.futureofidentity.org
The Future of Identity Conference took place on 1st and 2nd September 2016 in Tallinn Estonia. Its primary focus was the use of virtual eIDs as a way of advancing employment and boosting economies. It looked at the e-Residency model in Estonia, but was primarily concerned with how that model could be replicated in a more global environment. The replication and use of eIDAS outside of the EU was discussed in detail.
The combination of an ‘External’ capable eIDAS, and e-Residency was determined to be a good potential model. There was interest from the Estonian e-Residency Unit in exploring how FutureTrust could play a part in future planning.
WORLD EID AND CYBERSECURITY CONFERENCE (http://www.worlde-idandcybersecurity.com/
World eID and Cybersecurity conference took place between 26th and 28th September 2016 in Marseille, France.
The World eID conference attracted attendees from across the world, with attendees from global organisations and SDOs such as NIST. It had a number of tracks compassing Blockchain, AutoTech, IOT, Cybersecurity, Global eID deployments, eIDAS
and also a special track funded by the World Bank looking at how eID could be brought to the 1.8 Billion Global Citizens without any formally recognised identity at all.
FutureTrust was presented alongside fellow H2020 projects: LIGHTest and Existenz. There was much interest and all collateral was distributed by the end of the first day.
Three new organisations approached FutureTrust with a view to joining the project as Associate Partners, and one Associate Partner delivered signed documentation at the conference.
DILBERT © 2009 Scott Adams. Used By permission of UNIVERSAL UCLICK. All rights reserved.
Newsletter Edition 2 December 2016
Produced by EEMA - WP6 Lead, FutureTrust @FutureTrust_EU LinkedIn www.futuretrust.eu
FUTURE TRUST IN SIX EASY SLIDES
UNDERSTANDING FutureTrust SERVICES IN SIX SLIDESSlides available on Opencardhttps://dev.openecard.org/dmsf/files/887/view
1
5
2
4
3
6
Newsletter Edition 2 December 2016
Produced by EEMA - WP6 Lead, FutureTrust @FutureTrust_EU LinkedIn www.futuretrust.eu
FUTURETRUSTPROJECT PARTNERS
Full details of all Partners can be found on Opencard.
Federal Office of Administration GermanyEEMA (Belgium)Arhs Spikeseed (Luxembourg)Federal Computing Centre of Austriaecsec GmbH (Germany)Giesecke & Devrient GmbH (Germany)LAW trusted Third Party Services (Pty) Ltd (S Africa)Ministry of Interior Republic of SerbiaMulticert (Portugal)Public Service Development Agency (Georgia)PwC (Belgium)Ruhr-Universität Bochum (Germany)Secure Information Technology Center AustriaSouthampton University (UK)Trustable Ltd (UK)Türkiye Bilimsel veTeknolojik Arastruma Kurumu TUBITAK (Turkey)
PLANNED ACTIVITIES AND EVENTS 2017
1-12 Jan: International Identity Management – The World Bank Washington
2 Feb: OIX Economics of Identity – London
8 Mar: IDM Europe - Amsterdam7 Mar: EEMA High Level Briefing
ATOS LondonJune: EEMA Annual Conference Nov: ISSE-EEMA Conference
FutureTrust BUSINESS CARDS
Order your FutureTrust business cards today.
An easy-to-use template has been created for you to personalise your own FutureTrust project business cards via Opencard.
To create your cards and to place an order see instructions on Opencard,
