|
|
Sarah Spiekermann
|
Sarah Spiekermann is a senior researcher and faculty member at Humboldt University Berlin (Germany) since 2003 and Adjunct Professor of Information Systems at the Heinz School of Public Policy and Management at Carnegie Mellon University (USA) since May 2008. From 2004 to 2008 she was director of the Berlin Research Centre on Internet Economics conducting research on the impacts of information technology on markets. She co-led the technology assessment study on Ubiquitous Computing for the German Ministry of Research and Education and has published over 50 articles in the area of electronic privacy, security and RFID, personalization and user interaction in E-Commerce and M-Commerce as well as knowledge managment. Sarah regularly serves as a senior reviewer for the EU Commission and is associate editor of the European Journal of Information Systems.
Before joining academia Mrs. Spiekermann worked as a strategy consultant for A.T. Kearney (1997-2000) and from 2002 to 2003 led the EMEA Business Intelligence for Openwave Systems. She received a Ph.D. in Information Systems from Humboldt University in 2001, a master of business from the European School of Management (ESCP-EAP) in 1997 and a Master of Science degree from Aston University (Birmingham, UK) in 1998. |
Abstract of the talk: |
A Privacy Impact Assement for RFID - A Proposal
In May 2009 the EU Commission published its 'Recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification'. Here it is described that retailers seeking to implement RFID need to run through Privacy Impact Assessments (PIA) that will determine how to handle RFID vis-a-vis customers. Sarah's talk will deal with 3 questions:
1) What are consumers afraid of?
2) PIA: When is privacy technically undermined by RFID? - A systematic approach for analysis
3) How can privacy be protected with RFID: Shortfalls of the Recommendation
|
Peter van Rossum
|
Short Bio: To be updated. |
Abstract of the talk: |
Mifare Classic Troubles:
The Mifare Classic RFID tag is by far the most widely used
contactless smart card. It is typically deployed in access
control systems and in public transport payment systems
(such as the London Oyster Card and the Dutch OV-chipcard).
Although its manufacturer used to boast that it featured "field-proven cryptography", last year's research has shown
the security features of the Classic to be virtually
inexistant; the cryptography has been called "Kindergarten
cryptography" by a leading expert in the field.
In this talk we'll see what is wrong with this tag and we'll
also discusss how it is possible that this tag is (still)
so widely used. |
Marc Vauclair
|
After obtaining a Master in electrical engineering in 1983 (Université Libre de Bruxelles, Belgium), Marc Vauclair was employed for 8 years in the Philips Research Laboratory Brussels (artificial intelligence, deductive databases, formal languages, Prolog, cryptography...). Afterwards, he worked during 4 years as a freelance building CD-i authoring tools, consulting in the security domain, translating the first edition of "Applied
Cryptography" book (Bruce Schneier) from English to French and writing device drivers for various Unix variants. In 1995, he joined the security and cryptography team of the Philips Development Laboratory in Brussels for 3 years where he held the job of security expert. Afterwards, he was transferred to the Philips Digital Systems Laboratories Leuven to take on a job as DSP developer and system architect for security and DRM (Digital Rights Management) systems. He joined in 2006, NXP Semiconductors as Security System Architect and as Technology Manager for Security Applications. |
Abstract of the talk: |
MIFARE Plus and Privacy Preserving Technologies:
Privacy preserving technologies are and will be key to the
adoption of wireless tokens (like public transportation tickets, access control badges…). NXP
MIFARE Plus is the latest addition to the MIFARE family of contactless technologies used in
transport networks and access management. MIFARE Plus meets high security standards but
also provides unique privacy preserving features that helps building systems that
prevent individuals from being identified and tracked without their consent. |
Rene Struik
|
René Struik has been with Certicom Research since 2001. René's main work focuses on "ubiquitous security". His main interests include efficient cryptography, security and trust lifecycle management aspects of highly constrained environments (such as sensor and control networks), and "security and ease of use". René is a frequent contributor to standards for wireless constrained networks, such as IEEE 802.15, ZigBee, and ISA SP100.11a, and industrial security consultant. René holds a M.Sc. degree in Computer Science and a Ph.D. degree in Mathematics, both from Eindhoven University of Technology, The Netherlands.
|
Abstract of the talk: |
Sensor Security: A Kaleidoscopic View:
We discuss several security and cryptographic topics relevant to
general sensor networks. We discuss how a security architectural
design could be tailored towards achieving design objectives, such as
low overall implementation cost, adaptability towards different trust
models underlying network operations, and support for semi-automatic
lifecycle management with minimum human intervention, scalability,
survivability, mobility, and topology changes. We argue that, to be
useful, the security approach should hide security details from the
user, thus allowing ease of device and network setup and flexibility
of trust lifecycle management. We give some examples, using deployment
scenarios discussed within the IEEE 802.15.4, ZigBee, and ISA SP100
community. Finally, we point towards directions for further research. |
|
|
|