World e-ID & CyberSecurity - Digital Identity and Data Protection for Citizens and Businesses | Sept. 25-27, 2017 – Marseille, France


This version is continuously updated and enriched with additional speakers: keep posted!
Update: August 21, 2017
DAY 1 – Monday Sept. 25 AFTERNOON
World e-ID and Cybersecurity Smart Security Week Innovation Live
Keynotes & panels addressing transversal topics of the Smart Security Week conferences


Welcome Cocktail
DAY 2 – Tuesday Sept. 26
Track 1 Track 2  
Digital Identity Management and FuturE ID GDPR: Managing Privacy & Compliance
All-day: Exhibition & Demos
Mobile ID for Gov & Business eIDAS & GDPR in Business & Government
Managing Cybersecurity in Business
Exhibition & Demos
ID on Blockchain for eGov & Developing World eIDAS Impacts on Trust Services Provision
Smart Security Week Awards Ceremony
Gala Evening
DAY 3 – Wednesday Sept. 27
From National e-ID to Digital ID
Exhibition & Demos
Access control & Biometrics Advances National ID Deployments & Border Management
Exhibition & Demos

DAY 1 - Monday September 25 Afternoon

2.00pm – 6.30pm: Opening Session | 3.50pm – 4.30pm: Coffee & Refreshment Break – Networking – Exhibition

Cooperative Cybersecurity for our Connected World

Common to the co-located conferences forming Smart Security Week, the Grand Opening will give a global view of public and private Cybersecurity initiatives to forge a united response to cyber threats, from policies and regulations to PPP, from industry solutions to best practices. The European Union’s responses to cyber threats has paved the way to cooperative cybersecurity between Member States with the NIS Directive, cPPP, IoT “Trust Label”, Privacy, GDPR, eIDAS and a renewed cybersecurity framework in preparation. On the other side of the Atlantic, the US NIST’s Framework also aims to the convergence of cybersecurity responses. The recent development of these initiatives, and others from around the globe, will be presented and discussed in the first part of the Opening. The second part will focus on private sector cybersecurity responses with focuses on Digital Identity management and IoT security challenges.

Part 1 – Large Scale Cybersecurity Initiatives Worldwide
Day 1
25 Sep 2017

European Union Cybersecurity Strategy: a new framework to deal with new challenges

Slawomir Górniak

Cybersecurity Strategies in the EU

  • Policies for cooperation at EU level:  Cooperation and protection of infrastructure, Crisis management
  • Emerging EU policy areas
  • Strategies: Cooperation, Preparedness, Certification
Donna Dodson

US NIST Cybersecurity Framework 1.1: Achievements & Road Ahead (Title TBD)

Donna Dodson

PANEL DISCUSSION: Transatlantic Cybersecurity Cooperation: Forging an United Response to Universal Cyber Threats

Part 2 – Preparing to Cyber Attacks: Security Industry Responses to Protect Data, Assets and People
Day 1
25 Sep 2017
Dr. Detlef Houdeau

ECIL recommendations to EU Commission

European Cyber Security Leaders (ECIL): harmonization replace fragmentation, NIS2.0 should follow NIS, rapide action force is indicated, incentive for private actors to participate on security information sharing, recommendations for asset protection of SMEs in EEA, security algo based on guidelines from EU, staged security and mutual acceptance is needed, backdoor for illegal use must be prevented, EU regulatory sandboxing is recommended, new cyber security innovation via economic incentives.

Raghu K Dev

Cognitive Security and Threat Intelligence (Title TBD)

Patrice Slupowski

Future of Identity for a Global Connected World

• Life is becoming more digital so crime is following the trend
• With 15 connected objects for each user are we going to be physically hacked and harassed by things?
• Passwords are dead and new tools are absolutely required
• Privacy will become absolutely essential to protect our digital patrimony

Helmut Scherzer

Reload the Responsible Internet Citizen – The Internet of the Future

• Personal Identity Card with free Digital Signature
• Signature for Internet Communication
• Wiki-Reality
• Name the ‘dark side’ of the power
• Privacy Initiative
• Back to the responsible Citizen
• Reality Check

Alain Ducass
Patrice Slupowski
Mohammed Murad
Michiel Loeff

PANEL DISCUSSION: Next Massive Attacks of Biometric Databases: Are We Ready?

Smart Security Week Innovation Live
2.00pm: Exhibition Opening

DAY 2 - Tuesday September 26

9.00am - 1.00pm: Break-out Sessions | 10.50 - 11.20am: Coffee & Refreshments Break – Networking – Exhibition

Track 1: Technologies & Enterprise
Digital Identity Management and Future ID
Day 1
26 Sep 2017
Gustav Poola
Karina Egipt

KEYNOTE Secure Governance of Digital Identity and Authentication

● Identifiers definition methods
● Rules of the game to use identifiers
● Identifiers and authentication relation to new informational concepts
● Assurance and accountability of information systems designed for efficient use of identifiers

Stephan Krenn

Credential: Secure and Private Cloud Service Managing Digital Identities

● Innovative secure cloud service for storing, managing and sharing digital identity & personal data
● Providing a high level of security for accessing user data through strong multi-factor authentication
● Use of complex proxy cryptography for preserving data user privacy
● Open architecture and broad interoperability and portability between systems and services

Augustin Mrazik

TRUST-EX – Object-Oriented Trust Model

● Trusted identity of users – crowd-funded as well as automatic rating of user credibility
● Easy-to-use strong authentication
● Transparent encryption of all data and messages
● Encapsulation of present identities, users continue using their previous e-mail accounts

Arshad Noor

Leveraging PKI Towards Simpler, Stronger Authentication

● X.509 Certificate/Smartcard-enabled web-applications are neither easy/cheap to create
● A FIDO Alliance protocol is gaining traction and becoming a W3C standard this year for web-auth
● FIDO strong-authentication protocols are easier/cheaper to integrate in applications, and to use
● Leveraging PKI credentials to get o FIDO strong-authentication is a viable bridge to the future

Track 2: Cybersecurity Regulations
GDPR: Managing ePrivacy & Compliance
Day 1
26 Sep 2017
Zoltán Précsényi

KEYNOTE GDPR and ePrivacy Regulation Impacts (Title TBC)

Athena Bourka
Prokopios Drogkaris

ENISA Perspective: How Data and Privacy are Protected Across the EU (Title TBC)

Rob van der Staaij

How to Protect Privacy Data in the Most Effective Way

● The General Data Protection Regulation requires that privacy-related information be protected
● Encryption is by far the most effective means to protect privacy data
● Many organisations do not have sufficient knowledge and expertise in the area of encryption
● Yet, encryption can be implemented in an effective way

Frederic Engel

All of Me, Privately

Mobile ID for Gov & Business
Day 1
26 Sep 2017
Andras Barsi

Mobile ID Provision: Empowering the End-User in the Digital World

● Legal compliance, an ever-growing problem for service provider creating a barrier to expansion
● Mobile ID provision can be the next generation value added service for banks or telecom companies
● Demo of Mobile ID in a banking scenario

Christian Bull

Data-Driven and User-Friendly Authentication on Mobile Devices

● Continuous authentication from smartphone sensor data is possible and promising
● Security and privacy of our solution is key and requires care, including user requests to delete or access data
● Machine learning can help make sense of the stream of data about you
● Requiting and motivating users is important for the success our project

Libor Neumann

Triangle Authentication for a Trusted Mobile e-ID Ecosystem

● Logistics of mobile eID is very different from smart card eID logistics in eID ecosystem
● Introduction to triangle authentication – four types of triangle authentication description
● Triangle authentication use cases – local and remote identity proofing, self-service authenticator management and remote digital signature
● Triangle authentication – a solution to eID logistics

Markus Hertlein

Strong Authentication: A Solution for the Upcoming Challenges

eIDAS & GDPR in Business & Government
Day 1
26 Sep 2017
Erik Van Zuuren

e-Identity and Trust Services in the Area of e-Justice

● Trusted eIdentities for secured lawyer access
● Qualified eSignatures to ensure legal value in real court cases
● Qualified eDelivery to have guaranteed notification/delivery in legal proceedings
● Trustworthy Operational environment (incl stringent privacy protection)

John Erik Setsaas

Client On-Boarding and the Future Role of eIDAS

● Onboarding for financial institutions is costly and complex
● 40% of clients abandon
● eIDAS defines assurance levels
● Reasonable assurance and gradual onboarding

Jon Shamah

Extending Trusted Services beyond eIDAS

● Public and private sector schemes need to grow and interlink
● Scemes can either Integrate or Interconnect
● Visibility of Standards, transparent policies, as well as technical interoperability is essential
● As part of The EU Horizon 2020, FutureTrust and LIGHTest projects are driving that Interconnection

Dr. Shaun Topham

EKSISTENZ EU project in eIDAS scenarios (Title TBC)

Matthias Schwan

Seven Steps to Get Connected to eIDAS Network

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 6.45pm: Break-out Sessions | 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Exhibition

PSD2: Leveraging Identity Data in Banking
Day 1
26 Sep 2017
Erik Van Zuuren

eIdentity & Cyberchallenges in the Era of PSD2

● Quick overview of key PSD2 characteristics
● Modelling the required platform – Understanding the key building blocks
● PSD2 from a hacker/fraud perspective
● Overview of required eIdentity (verification) and other security measures

John Erik Setsaas

Turning the Open API Requirements of PSD2 into a Business Driver for Banks

● PSD2 puts new requirements on the bank – Identities is an important part of this
● Banks have valuable identity data, which can be monetized, by making it available
● Internal identities must be consolidated

Georg Nikolajevski

Next Generation e-ID

● Cross-border authentication and e-signing challenges
● One key to all e-services across European Union
● Changing user’s experience in digital world
● Trusted eID for banks

Yves Chemla

Best way to strengthen an easy customer journey following both together PSD2 for payment-transaction & GDPR privacy for Web-banking & customer secure access

● How can we Authentify in large scale while protecting sensitive data & Create a FraudLess world ?
● The need to offer a native solution supporting both PSD2 and GDPR European Directive
● What do we need ?
● What ARE The NEEDS for Banks & Retail
● How to best Answer to PSD2
● How Answer to GDPR

Managing Cybersecurity in Business
(Jointly with Security Automation World)
Session Chair: Sławomir Górniak, Data Security & Standardization Unit, ENISA – European Union Agency for Network and Information Security
Day 1
26 Sep 2017
Emmanuel Meriot

KEYNOTE The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defence

● How new machine learning and mathematics are automating advanced cyber defence
● Why 100% network visibility allows you to detect threats as they happen, or before they happen
● How smart prioritisation and visualization of threats allows for better resource allocation and lower risk
● Real-world examples of unknown threats detected by ‘immune system’ technology”

Peter Allor

Where Cybersecurity Strategy (Risk Management) and Practical Deployment Meet

● Risk based Strategy
● Formulating a risk approach that can realize a practical deployment
● Where to start & what tools can help with risk based strategy
● Get past strategy and to the practical reality

Mark Hearn

Inside the Mind of a Hacker: Knowledge is Cybersecurity Power

● Security shouldn’t be treated as a check box
● How hackers operate, what they are after and how they gain access despite security measures
● Making difficult to exploit vulnerabilities from IoT services and connectivity
● Implementing a proper cybersecurity approach

Gerd Pflueger

The Mobile Security & Identity Management Collision

● When mobility and identity collide: with the rise of IoT, more mobile devices are being used for authentication
● The new identity management model in light of IoT
● How businesses can drive digital transformation securely without compromise between mobility and security

Aljosa Pasic

WATIFY: Awareness Campaign for the Modernisation of Europe’s Industry

ID on Blockchain for eGov & Developing World
(Jointly with Identity World)
Session Chair: Jim Dray, Science Adviser, US National Institute of Standards and Technology (NIST)
Day 1
26 Sep 2017
Adewale Omoniyi

Blockchain – Building Trust through Digital Identity

● Blockchain as a Trust Broker – Public Private Decentralized Ledgers
● IBM POV on digital Identity for Governments
● Blockchain and Cyber Security POV
● Identity – Fundamental to Access – Financial and Economic Inclusion, Access to Health and Social Services, Education, Governance and Transparency

John Erik Setsaas

Identities on a Global Level – Taking the Blockchain Thinking to the Next Level

● Blockchain is excellent for ensuring immutability, and thereby that identities cannot be deleted
● Blockchain is not the best when it comes to privacy and the right to be forgotten
● A new distributed infrastructure is needed, where blockchain is an important part
● Four storage areas in the distributed network: blockchain, IdP truststore, identity data, secret key

Daniel Gasteiger

How Blockchain Technology Can Enable Governments To Deliver Secure Digital Identity And E-Gov Services

● The Issue with Identity and how blockchain can help (self-sovereign digital identities)
● How such an identity forms the basis for secure e-gov services on blockchain tech
● Switzerland as a logical hub for companies involved in such products (democracy, stability/security, data protection

Salvatore Francomacaro

Blockchain and Distributed Ledger Technology in International Standards

Jim Dray
Adewale Omoniyi
Daniel Gasteiger
Salvatore Francomacaro
John Erik Setsaas

PANEL DEBATE – Blockchain Based Identity Management: From Promises to Reality

eIDAS Impacts on Trust Services Provision
Session Chair: Jon Shamah, Chair of EEMA, UK; Principal Consultant, EJ Consultants, UK
Day 1
26 Sep 2017
Slawomir Górniak
Arno Fiedler

eIDAS Website Authentication and the Global Web PKI

● eIDAS Framework for Trust Services
● Qualified Website Certificates and PSD/2 Requirements
● CA/B-Forum and Google Requirements for Publicly-Trusted SSL/TLS Certificates
● ENISA approach for global recognition

David Ruana

Cloud Identity and Remote Signature

● Compliance with the security requirements for trustworthy systems supporting server signing
● Use cases of implementation of signature generation services in real projects

Eric Bohner

Electronic Signatures (Re-)Invented: 5 Value-Adding Services

● Plain electronic signature solutions don´t suffice for high-value and risky transactions
● 5 important needs to achieve complex transactions
● Client cases to increase the value of plain electronic signature solutions significantly

Ingolf Rauh

Digital Onboarding – How PKI and Certificates Protect You in 2017 & 2018

● Important topics to be respected in 2017 and 2018: https everywhere, GDPR, eIDAS, CT log
● What is a certificate and why should I use it?.
● Best practices and pitfalls in choosing and using different certificate types
● The importance of the governing law behind certificates

Jon Shamah
Carlos Serratos

PANEL DEBATE – Cybersecurity regulation & standards in EU: what path for harmonization for the Security Industry and for the consumers?

Gala Evening

DAY 3 - Wednesday September 27

9.00 – 10.50am: Break-out Sessions | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Exhibition | 11.20am – 1.00pm: Break-out Sessions

Next Gen Secure Documents
Day 1
27 Sep 2017
Lukas Praml

KEYNOTE The Next Digital ID – It’s Not All About the Blockchain

● User centric identity management system
● Self-sovereign identity versus state issued identity
● Integrated solution of IDs and eIDs
● Security built upon secure processes rather than hardware

Petri Viljanen

First ‘Common Criteria-like’ Physical Security Evaluation Scheme and Launch of a Self-Evaluation Tool

Marc Pic

A Sealed ID-Picture Against Falsification

● ID Picture is the main target of physical ID document falsification
● An offline and low-cost way to secure the authenticity of the picture
● A smartphone allows to check its authenticity
● Dematerializing the ID without infrastructure costs

From National e-ID to Digital ID
Day 1
27 Sep 2017
Stefane Mouille

The Future Digital Identity Landscape in Europe

Salvatore Francomacaro

NIST Updates: eID, Cybersecurity and more

• Cybersecurity Framework: what is new
• SP 800-63-3 – Digital Identity Guidelines: the new edition
• Mobile ID, Derived Credential and other
• Blockchain for Identity

Andre Boysen

The Economics of Identity – Canada Case

● Identity authentication is more important now than ever, requiring a need for effective online verification
● Digital identity ecosystem to verify online ID by leveraging trusted digital credentials
● Major Canadian and American institutions cases

Urmo Keskel

Smart-ID : A New Split Key Technology Based e-ID Solution

● Smart-ID: a new generation PSD2 and eIDAS compliant eID authentication scheme
● First widely used split key technology based eID solution
● Key success factors of modern eID
● The biggest challenges of rolling out the new eID scheme

Access control & Biometrics Advances
Session Chair: Tom Kevenaar, Director Technology, Genkey, Netherlands
Day 1
27 Sep 2017
Tom Kevenaar

Presentation (Title TBC)

Mohammed Murad

Iris Comes of Age for National ID Programs

● Overview of Iris recognition technology
● Implementation of case studies
● Lessons learned from real-life deployments
● The technology works equally well for children

Yves Chemla

Multibiometry including Behavioural Biometry to Replace the Password

● Is the password really dead?
● Why Multi-Biometry?
● Why Behavioural Biometry a plus?
● Database anonymization process for a better end user privacy
● Customer cases

Jonas Andersson

Mobile Biometric Identification (Title TBC)

Tomas Trpisovsky

Smartporter Kit

● Physical access control management based on identification, authentication and localization of persons
● Deterministic access control in parallel with behavior profiling
● Sensors on LP WAN integrated
● Advanced Power Actuators for site management

National ID Deployments & Border Management
Day 1
27 Sep 2017
Oktay Adalier

Latest Advances in Turkish National İD and Security Documents

● Issuance and personalization of huge amount of enrollments: National security document Personalization Center
● Usage of eID in Turkey
● Usage of Turkish eID in web based technologies like Open ID Connect and OAuth2.0
● Coming feature works of eID technologies in Turkey

Christophe Rapine

Strong Identity, Strong Borders

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 4.30pm: Break-out Sessions

IoT Security: Trusted ID & Certification
(Jointly with Connect Security World)
Session Chair: Dr. Detlef Houdeau, Senior Director of Business Development, Identification Market, Infineon; Member of Silicon Trust, Eurosmart and BITKOM
Day 1
27 Sep 2017
Scott Choi

New Biometrics based authentication for IoT/Mobile Services in Korea

Jan Rochat

Blurred Boundaries in Physical and Logical Security

● Why boundaries are blurring? / Effect of Internet of Things
● Data collection; Security & Value vs. Privacy
● Governance, Privacy & Security by Design
● End to End Secure ecosystem / Securing physical & logical security
● Continuous trust by adding identity assurance

Ernst Bovelander

Security and Trustworthiness in Connected Devices

● Trustworthiness in critical connected IoT devise, e.g medical devices
● Focused on a practical approach to establish assurance through third party evaluation
● What can we learn from different sectors, e.g. payment industry
● Next steps towards successful certification

Philippe Cousin

Trust IoT Labelling

● challenge in IoT trust and security
● challenge in current security certification scheme
● Need for new European certification-labelling scheme for IoT-Trust IoT labelling
● need for automated and formal approach to testing: the model based testing

Benoit Makowka

IoT Security through Digital Identity and Reliable Root of Trust

● How can data collected by sensors and edges devices be trusted to be used in IoT application (back-end servers)
● How can devices remain under the controlled of authorized authorities (and not hackers)
● How can stake holders can be protected against attacks (DDoS, men in the middle…)
● A solution through Digital Identity and reliable Root of Trust based on PKI technology

Dr. Detlef Houdeau
Ana-Maria Fimin

PANEL DEBATE: Secure Labelling of Connected Devices: Where does EU Stand, Challenges and Road Ahead

(Jointly with Identity World)
This workshop will be scouring the European e-ID landscape to provide contributions for the design of a model identity ecosystem for a developing country.
Day 1
27 Sep 2017
Dr. Shaun Topham
Jon Shamah
Tuire Saaripuu

WORKSHOP: eIDAS Deployments in the EU and Lessons for e-ID Globally


End of the conference