Prime Discount
expires in
Register Now

Agenda

Wallet Security

Wallet Security

Combined Session
Wednesday, June 05, 2024 15:30—16:30

Wallet Security Mechanisms for the Decentralized Ecosystem
15:30—15:50
 

The concept of building trust relationships is an integral part of a decentralized ecosystem. A verifier must trust the identities of issuers to ensure the authenticity and integrity of data and a wallet must trust the identities of verifiers to ensure data is only sent to identified and authorized parties. The other important trust relationship is in the identity of the wallet and assures both issuer and verifier that they are communicating with a genuine, verified and unaltered wallet. Especially in the environment of eIDAS 2.0, this trust becomes all the more important, as highly sensitive and regulated use cases require a secure environment in the wallet. Among other things, device binding, user binding and wallet authenticity must be proven and issued in a wallet attestation in a technology-neutral and interoperable manner. In this presentation, the general concept of wallet attestations is explained, followed by the current state of discussions in the eIDAS process and the Architecture Reference Document (ARF). Furthermore, I explain the technical realization using the IETF Draft Attestation-Based Client Authentication and how it integrates into the omnipresent OpenID4VCI protocol.

Paul Bastian
Senior Innovation Developer
Bundesdruckerei GmbH
Paul is an expert on digital identity management at Bundesdruckerei. His focus is on identity credentials, wallet security, holder binding, device binding and initial trust for the upcoming...
The eIDAS 2.0 Era: Exploring the Security Landscape of Digital Identity Wallets
15:50—16:10
 

In the digital era, the security and privacy of personal and sensitive information has become a critical concern. Digital identity wallets have been introduced as a result of the new European regulation known as eIDAS 2.0. The digital identity wallet offers a practical and secure method for individuals to manage their personal data across various online platforms through a decentralized digital identity management model, without the reliance on centralized identity providers. However, since the model is relatively new, the security and privacy threats are still not fully known; this makes it difficult to prevent data breaches, unauthorized access, and violations of user privacy.
This session will delve into the emerging threats by providing a high-level overview of potential threats applicable to the digital identity wallet, derived from academic literature, technical specifications, and relevant regulations (including eIDAS 2.0). Furthermore, it will include an analysis of existing digital identity wallet solutions, and an assessment of adopted security measures against identified threats. This analysis aims to provide an overview of available and effective mitigation strategies against a set of identified threats.

Dr. Giada Sciarretta
Researcher
Fondazione Bruno Kessler (FBK)
Giada Sciarretta is a researcher of the Security & Trust research unit of Fondazione Bruno Kessler. She obtained her MSc in mathematics at the University of Trento in 2012 and received her...
Dr. Amir Sharif
Researcher
Fondazione Bruno Kessler (FBK)
Amir Sharif is a researcher in the Security & Trust Research Unit of the Cybersecurity Center at Fondazione Bruno Kessler, Trento, Italy. He earned his Ph.D. in Secure and Reliable Systems from...
The business Entity as an Authentic Source for Attributes
16:10—16:30
 

eIDAS version 2 introduces a new trust service that will significantly impact the identity landscape: the provisioning of attestations of attributes. Having attributes issued by a qualified trust provider will greatly enhance the reliability and availability of attributes required for business decisions. Businesses generate data about themselves and other natural and legal persons, and they are the authentic source of the attributes they generate. Hypervault (https://hypervault.com/) and Trust Agency (https://www.trust-agency.eu/) are collaborating on a study to explore the use of attributes generated in business entities, the impact on business processes, and the requirements for issuing, distributing, and validating trustworthy attributes. This presentation will disseminate some of the outcomes of that study, including what businesses need to do to tap into the potential of these authentic business attributes. We will also discuss how eIDAS 2 can help exploit the potential of these attributes to improve automation, strengthen security, and even open up new business processes that were previously impossible.

Wim Mintiens
Managing Partner
Trust Agency
Wim has over 30 years of experience in providing trust services (PKI) and electronic signature services. He started his career as a project manager for government and defence projects at a Belgian...
Secure your ticket
Be quick before the Prime Discount expires in
00d 00h 00m 00 s
Get a ticket
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch