diff --git a/_data/destinations.yml b/_data/destinations.yml index e944313..9aa5945 100644 --- a/_data/destinations.yml +++ b/_data/destinations.yml @@ -1098,6 +1098,15 @@ startDate: "2024-09-25" endDate: "2024-09-27" +- id: CRiSIS2024 + name: 19th International Conference on Risks and Security of Internet and Systems + acronym: CRiSIS 2024 + url: https://crisis2024.univ-gustave-eiffel.fr + type: conference + location: Aix-en-Provence, France + startDate: "2024-11-26" + endDate: "2024-11-28" + - id: EUROSP2024 name: 9th IEEE European Symposium on Security and Privacy acronym: EUROS&P 2024 diff --git a/_data/people.yml b/_data/people.yml index d49a132..3b0f388 100644 --- a/_data/people.yml +++ b/_data/people.yml @@ -242,6 +242,10 @@ name: Daniel Ricardo surname: dos Santos +- id: DanielaPöhn + name: Daniela + surname: Pöhn + - id: DanieleDelSale name: Daniele surname: Del Sale @@ -1077,6 +1081,10 @@ name: Wendy surname: Barreto +- id: WolfgangHommel + name: Wolfgang + surname: Hommel + - id: WorachetUttha name: Worachet surname: Uttha diff --git a/_data/publications.yml b/_data/publications.yml index 59d67f3..c23c9ad 100644 --- a/_data/publications.yml +++ b/_data/publications.yml @@ -2099,6 +2099,24 @@ year: 2024 #doi: +- id: CRiSIS2024 + #id_iris: 348308 + title: "Protecting Digital Identity Wallet: A Threat Model in the Age of eIDAS 2.0" + authors: + - AmirSharif + - ZahraEbadiAnsaroudi + - GiadaSciarretta + - DanielaPöhn + - MajidMollaeefar + - WolfgangHommel + - SilvioRanise + abstract: > + The revised eIDAS regulation (eIDAS 2.0) advocates a shift from federated identity management systems (such as SAML and OpenID Connect) to user-centric identity-based systems. It defines the European Digital Identity Wallet as a key component. The main goal is to enhance privacy by empowering citizens to selectively disclose personal data in a controlled way. To facilitate the implementation of an interoperable Wallet solution, the EU Commission published a reference architecture and identified a high-level set of requirements. However, comprehensive security and privacy guidelines to ensure a secure and privacy-preserving solution are still missing. To address this gap, we provide threat modeling explicitly designed for the Digital Identity Wallet context. This allows for identifying potential threats and a set of effective controls to secure the implementations. + destination: CRiSIS2024 + year: 2024 + #doi: + urlNews: /news/2024/10/09/paper-accepted-at-crisis-2024/ + - id: EUROSP2024 id_iris: 351187 title: "CSRFing the SSO Waves: Security Testing of SSO-Based Account Linking Process" diff --git a/_news/2024-10-09-paper-accepted-at-crisis-2024.md b/_news/2024-10-09-paper-accepted-at-crisis-2024.md new file mode 100644 index 0000000..a636b38 --- /dev/null +++ b/_news/2024-10-09-paper-accepted-at-crisis-2024.md @@ -0,0 +1,13 @@ +--- +title: Paper accepted at CRiSIS 2024 +papers: + - CRiSIS2024 + +people: + - AmirSharif + - ZahraEbadiAnsaroudi + - GiadaSciarretta + - MajidMollaeefar + - SilvioRanise + +--- diff --git a/_projects/POTENTIAL.md b/_projects/POTENTIAL.md index d6d1b7a..f49d23b 100644 --- a/_projects/POTENTIAL.md +++ b/_projects/POTENTIAL.md @@ -1,6 +1,10 @@ --- project: POTENTIAL website: https://www.digital-identity-wallet.eu/ + +publications: + - CRiSIS2024 + --- POTENTIAL (*PilOTs for EuropeaN digiTal Identity wALlet*) develops pilots for testing the Digital Identity Wallet in Europe. The large scale pilot ambition is to provide people with a way to simplify online procedures like opening a bank account, renting a car or signing documents remotely. diff --git a/_projects/STRIDE.md b/_projects/STRIDE.md index d30fde5..5931e6a 100644 --- a/_projects/STRIDE.md +++ b/_projects/STRIDE.md @@ -13,6 +13,7 @@ publications: - EUROSP2024 - SECRYPT2024 - iMETA2024 + - CRiSIS2024 --- In the scope of the Italian Partnership - Partenariato Esteso "Security and Rights in CyberSpace" (SeRiCS), FBK is participating in the "Spoke 5: Cryptography and Distributed Systems Security" project "Secure and TRaceable Identities in Distributed Environments (STRIDE)". diff --git a/_topics/IdentityManagement.md b/_topics/IdentityManagement.md index 13c7aeb..a4fb895 100644 --- a/_topics/IdentityManagement.md +++ b/_topics/IdentityManagement.md @@ -34,6 +34,7 @@ publications: - EUROSP2024 - iMETA2024 - IEEE_SP2024 + - CRiSIS2024 theses: - DamianoSartori_B