Trust and Internet Identity Meeting Europe
2013 - 2020: Workshops and Unconference

TIIME Proceedings 2019

User groups and co-located events

Monday, 11.Feb.

Time           Title Contents
11:00-18:00 FIM4R Federated Identity Management for Research Workshop
11:00-17:30 IdPy Identity Python User Group
Tuesday AARC AARC User Group



Monday evening

Tables have been reserved at Gasthaus Wild.

Address: Radetzkyplatz 1 1030 Wien

We will go as a group with public transport after FIM4R ends.

Credit cards are not accepted, please have some cash with you.




Tuesday, 12.Feb: Agenda for AARC

Time            Title Speaker
09:00-12:30 AARC BPA Reloaded Nicolas Liampotis (GRNET)
12:30-13:30 Lunch Break
13:30-14:30 Bests practises for Identity Provider Discovery/Hinting Marcus Hardt (KIT)
14:30-15:00 Coffee break
15:00-17:00 Best practises for OpenID Connect clients Marcus Hardt (KIT)



(Sorry for arranging this on the Monday page because of technical reasons & short notice)

Conference Tracks

Tuesday, 12.Feb., (preliminary schedule)

Track Time Room Contents
SSI 9:00-17:00 Self-Sovereign Identity
Legal 9:00-17:00 Legal Aspects of Identity Management
OSS IAM 9:00-17:15 Open Source Identity & Access Management Projects

Self-Sovereign Identity

Self-Sovereign Identity (SSI) is an emerging paradigm around the idea that digital identity should be created, managed, disclosed, and destroyed by a subject alone, without dependency on an intermediary or central authority. It can be considered an evolution of the user-centric identity concept, but with even stronger assumptions and guarantees. Identity is modeled using a combination of components such as identity wallets, agents on personal devices as well as in the cloud, and decentralized registration and discovery mechanisms built e.g. with blockchains. Proof-of-concepts with SSI are currently being conducted around the world, and standards such as Decentralized Identifiers (DIDs), Verifiable Credentials, DID Auth, and others are emerging.

During the event, you will learn about the roots, principles, and current state of the SSI concept. You will also have an opportunity to take a closer look at the various proposed technical components and protocols that make up an SSI system. You can learn about current concrete projects and initiatives that implement SSI. Finally, there will be opportunities to discuss challenges of SSI, and how SSI can relate to existing identity infrastructure such as OIDC, SAML, WebAuth, eIDAS, etc.

Each session will begin with a presentation of some 20 min. The audience can then explore the topic for longer part of the session interacting with the presenter.

Preliminary agenda, to be confirmed:

Time           Title                Contents Contribution
09:00-09:30 Intro session Introduction session, agenda of the day Chairman; Markus Sabadello
09:30-10:15 Strategy of the Dutch Blockchain Coalition on SSID The Dutch Blockchain Coalition is a consortium of academia, the financial industry, technology companies, the land registry, notaries, medical domain, and many others. The objective is to make Self Sovereign Digital Identity work nationwide in the Netherlands, using the SSID, DID, MSID concepts. After a large set of first POC’s there are tangible results, governance conclusions, whitepapers, and the vision and strategy are carried on at government level. What are these lessons learned, best practices, and challenges? Jacoba Sieders (ABN AMRO)
10:15-11:00 Demo: data sharing in Dutch health care system Together with Dutch industry partners TNO is experimenting in their SSI-lab with components (apps, protocols and principles) to develop the future IT data sharing infrastructure. The traditional way of IT backend integrations between organizations are replaced by an ‘user in the loop’-approach. In this talk TNO will present a demo of provisioning of medical supplies, covering IT systems of the general practitioner, health care insurance and supplier of medical supplies. Oskar will share their experience and the challenges ahead including SSI app ecosystems and Q&A protocol. Oskar van Deventer (TNO)
11:00-11:45 Blockchain on the Move Report on Jolocom's recent pilot project in Antwerp and related work. Kai Wagner (Jolocom/Bundesblock Deutschland)
11:45-12:30 TrustNet and the SSI sandbox in Finland Project overview; Evaluating MyData Principles versus shortlisted DLT providers; DLT-based pilots and PoCs with the joint effort of industry and eGovernment; FIndy - Finnish DLT test infrastructure in works Harri Honko
12:30-13:30 Lunch break
13:30-14:30 Awesome Research Areas in Blockchain and SSI Decentralization is the mantra of many blockchain and self-sovereign systems and because of convenience we see frequently the emergence of agent based system which are at least temporary in control of data or blockchain assets. If we take into account the recent data breaches, it probably best to have no data concentration whatsoever, but this taps into highly interesting and still very much unsolved topics, like: decentralized key-management & recovery, zero-knowledge proofs, user interfaces for lay-users, decentralized storage and long-time quantum security. During this track we will discuss about limitations and the current level of implementation, embracing "radical" decentralization. Thomas Zeinzinger (Lab10)
14:30-15:30 Coffee break
15:30-16:15 W3C Verfiable Credentials/FIDO in Health IS I describe how we enhanced FIDO to support strong authorisation using W3C Verifiable Credentials, and describe the prototype implementation that authorised patients to book and cancel appointments and reorder repeat prescriptions. David Chadwick
16:15-17:00 Eco-System-of-Trust Building an open „Eco-System-of-Trust“ for people, organisations and things (Problem statement; overall concept; what we want to achieve) Sebastian Zehetbauer, Staatsdruckerei
17:00-17:15 Closing session

This track is facilitated by Robert Garskamp, IdentityNext.

Open Source Identity and Access Management Projects

This conference track is for people working on and working with Open Source IAM to to discuss best practices, integration patterns and solution stories about Open Source IAM. For each slot there will be 2-3 very short introductory presentations as input for discussions.

This track is facilitated by Peter Gietz, DAASI International.

Time           Title Speakers
9:00-9:30 Welcome and Introduction Round Peter Gietz (DAASI International)
9:30-10:30 LDAP servers, current status, standard schema extension, interop Howard Chu (Symas/OpenLDAP), Radovan Semancik (Evolveum/midPoint), Arvid Requate (Univention)
10:30-11:30 IDM persistence layer: LDAP or RDBMS Emmanuel Lecharny (Symas/ApacheDS), Francesco Chicchiriccò (Tirasa/Syncope), Peter Gietz (DAASI International)
11:30-12:30 Provisioning, features, standards Peter Pfläging (pflaeging.net), Slavek Licehammer (Masaryk University/Perun)
12:30-13:30 Lunch break
13:30-14:30 Connector framework future (ConnId/Wren:ICF, etc.) Radovan Semancik (Evolveum/midPoint), Francesco Chicchiriccò (Tirasa/Syncope)
14:30-15:00 Coffee break
15:00-16:00 SSO: SAML, OIDC/OAuth2 and CAS: Implementations and interoperability Janne Lauros (CSC/Shibboleth), Misagh Moayyed (CAS), Hans Zandbelt (Zmartzone/Apache webserver)
16:00-17:00 Authorization in different contexts (X-BAC, etc.) Colin Wallis (Kantara/UMA), Slavek Licehammer (Masaryk University/Perun)
17:00-18:00 Open Source Business models and cooperations for IAM Ishara Karunarathna (WSO2), Peter Gietz (DAASI International), Matthew Hardin (Symas)

The agenda with identity-related topics in the area of GDPR, e-privacy and e-evidence is being worked out.

This Track is facilitated by Prof. Nikolaus Forgó, University of Vienna, Department of Innovation and Digitalisation in Law.

Time            Title Contribution
09:00 – 10:30 GDPR and identity management Prof. Nikolaus Forgó
10:30 – 11:00 Coffee break
11:30 – 12:30 Federated authentication systems used by the Austrian Chamber of Commerce Dr. Gerhard Laga, Dr. Walter Hötzendorfer
12:30 – 13:30 Lunch break
13:30 – 15:00 Identity management in e-commerce and business law Dr. Martin Mirnicki
15:00 – 15:30 Coffee break
15:30 – 17:00 Legal Framework of E-Government Mag. Gregor Schmied

Evening event

Tables have been reserved at The Highlander.

Address: Sobieskiplatz 4, 1090 Wien

Transfer

Credit cards are not accepted, please have some cash with you.

Unconference

Wednesday, 13.Feb., 9:00-17:30 and Thursday, 14.Feb., 9:00-16:00

The unconference is using an agile format with participant-driven contents, covering the attendees’ current interests. TIIME's format has been designed for solving trust and identity issues, developing and sharing new concepts. If you are looking for a substantial discussion on this subject it is likely that you will meet the right people here!

To get an idea about the contents look at Topics or into the proceedings from previous conferences.

Keynotes

Wednesday

How the Domain Name System can support identification and trust services (Jon Shamah, Alberto Crespo)

This presentation dives into the challenge to build a a global cross-domain trust infrastructure on the domain name service using existing off-the-shelf DNS/DNSSEC implementations. It should be possible to query and combine trust aspects related to identity, business, reputation etc. and understand the assurance the policies provide. Such a system has to be designed with respect to the data protection, security usability and economic requirements of an identity system in mind. The talk will report on the general architecture, and elaborate the concepts that where developed in the LIGHTest project.

Thursday

Trust and the Internet of Things (Robin Wilton, ISOC)

This keynote will explore the relationship between users' choices, certification schemes for consumer products, and trust in the Internet of Things. The session will describe the Internet Society's current and planned work in this area, including its research, partnerships, and potential areas for collaborative work with the TIIME community.

Schedule Wednesday

Time            Title
08:00 – 09:00 Coffee
09:00 – 10:30 Keynote, agenda creation
10:30 – 10:45 Coffee break
10:45 – 11:30 Sessions (1)
11:30 – 12:15 Sessions (2)
12:15 – 12:45 Plenary
12:45 – 14:00 Lunch
14:00 – 14:45 Session (3)
14:45 – 15:30 Session (4)
15:30 – 16:00 Coffee break
16:00 – 16:45 Session (5)
16:45 – 17:15 Plenary
18:30 ~ 21:45 Hothouse dinner

Schedule Thursday

Time            Title
08:00 – 09:00 Coffee
09:00 – 10:30 Keynote, agenda creation
10:30 – 10:45 Coffee break
10:45 – 11:30 Sessions (6)
11:30 – 12:15 Sessions (7)
12:15 – 12:45 Plenary
12:45 – 14:00 Lunch
14:00 – 14:45 Session (8)
14:45 – 15:30 Session (9)
15:30 – 16:00 Plenary

Keynotes

Wednesday

How the Domain Name System can support identification and trust services (Jon Shamah, Alberto Crespo)

This presentation dives into the challenge to build a a global cross-domain trust infrastructure on the domain name service using existing off-the-shelf DNS/DNSSEC implementations. It should be possible to query and combine trust aspects related to identity, business, reputation etc. and understand the assurance the policies provide. Such a system has to be designed with respect to the data protection, security usability and economic requirements of an identity system in mind. The talk will report on the general architecture, and elaborate the concepts that where developed in the LIGHTest project.

Slides and the background paper on DNSSEC and DANE

Thursday

Trust and the Internet of Things (Robin Wilton, ISOC)

This keynote will explore the relationship between users' choices, certification schemes for consumer products, and trust in the Internet of Things. The session will describe the Internet Society's current and planned work in this area, including its research, partnerships, and potential areas for collaborative work with the TIIME community.

Slides

List from 2019

David Chadwick
Profile PictureDavid has published widely, with over 150 publications, and is actively involved in standards’ meetings, being the BSI lead representative to ISO/ITU-T X.500, the author of 2 Internet RFCs and an invited expert to the W3C Verifiable Credentials Working Group. He specialises in identity management, policy-based authorisation, privacy protection, the management of trust, and cloud security.
Alberto Crespo (ATOS)
Profile PictureHead of Identity & Privacy Laboratory at Atos Research & Innovation, managing a multi-disciplinary information security research team which has been/is involved on several security-related national and European projects (IDENTICA, Segur@, Thofu, PICOS, SEMIRAMIS, MobiGuide, DAPHNE, MoveUS, PACT, PRIPARE, STORK, STORK 2.0, STRATEGIC, FutureID, FIDES, FIDES2, PIME, ABC4EU, SSEDIC, WITDOM, PRISMACLOUD, CREATE-IoT, LIGHTest, ARIES, LEPS, ESMO, FENTEC, CREDENTIAL and PAPAYA). He has several years of professional experience in information security projects across Europe which encompass, among others, trust and privacy applied to complex Identity and Access Management projects, credential and access control systems development and analysis (including anti-fraud solutions based on biometrics and international standards is smart cross-border access control settings with secure travel and identity documents).
Peter Gietz (DAASI International)
Profile PicturePeter Gietz, Master of Arts (Magister Artium) in Cultural Studies, is the founder and CEO of DAASI International. As he has been active in the fields of information technology since 1985, he became an internationally recognized expert for directory services. His current interests include Digital Humanities, Identity Management, X.500, LDAP, PKI, metadata and ontologies. He is a frequently invited guest at conferences and events for talks about the latest identity management technologies and developments of the Digital Humanities and is actively participating in the projects DARIAH-DE and AARC. Furthermore, Peter Gietz is engaged in numerous standardization committees and was involved in the creation of measure catalogues for the German Federal Office for Information Security.
Harri Honko
Profile PictureHonko has a M.Sc. degree in signal processing and has been conducting technology research, management and strategy at Nokia Corporation during 1995-2010. He has business and R&D leadership experience with PHR-integrated mobile services, digital service design, cloud computing frameworks and agile software development. He has knowledge on identity, access, authorisation and privacy engineering technology via the MyData research management he has conducted at the Finnish Digital Health Revolution programme during years 2014-17. His current interests include health information systems and data standards and emerging Personal Health Record platforms, MyData architecting and data interoperability frameworks, IaaS (Identity as a Service) and DaaS (Data as a Service) solutions. He holds two patents. He is also co-founder and head of product at Wellness Warehouse Engine Ltd, a wellness data brokering service (W2E).
Walter Hötzendorfer
Profile PictureDr. Walter Hötzendorfer is Senior Researcher and Senior Consultant at the Research Institute – Digital Human Rights Center in Vienna. He has degrees in law as well as in IT (business informatics/information systems) and practical experience in scientific research, consulting, legal counseling, software engineering, and process management. From 2011 to 2016 he was a Researcher at the University of Vienna Centre for Computers and Law, where he worked in several national and international research projects and did a PhD on Data Protection and Privacy by Design in Federated Identity Management. Since 2012, Walter has been advising the Austrian Chamber of Commerce and the Austrian Identity Federation Authority in establishing a Federation Governance Framework and Policy. His research interests span data protection law, privacy by design, privacy engineering, data protection management, identity management, public security, information security, cloud computing, telecommunication and the legal aspects of these and other fields of ICT.
Janne Lauros (Géant GN4-2 JRA3 Task 3, CSC)
Profile PictureJanne is an application engineer interested in anything related to OpenID Connect, SAML2, Shibboleth and other SAML2 products, Identity Federations, Authorization, Smart Cards. Using mostly technologies like Java, Spring, Vagrant, Ansible and Vaadin 8. Currently developing user authorization and Shibboleth IdP 3 extensions.
Slávek Licehammer (CESNET)
Profile PictureEmployee of CESNET and Masaryk University in the Czech Republic; focused on AAI design and implementation. Member of the team responsible for the development and operation of open source identity and access management system Perun.
Peter Pfläging (pflaeging.net)
Profile PicturePeter Pfläging has a long experience as ICT architect in the governmental and healthcare environment. He lead-authored the specification of the Austrian governmental federation protocols (PVP). Now he works as a private consultant for large organisations in ICT architecture and agility. He operates his own cloud service for agility and has written a new method for agile teams. This also has a connect to federated identities.
Radovan Semančík (Evolveum)
Profile PictureRadovan graduated from the Slovak Technical University with a master degree in Software Engineering and PhD degree. At the time he works as a software architect at Evolveum. His main areas of interest are digital identity and distributed systems architecture. He designed one of the first full-scale identity management deployments in Central Europe and provided key consulting services to many more comprehensive identity management solutions. He is an open-source project contributor and participates in several software development projects. He currently dedicates most of his time to lead the midPoint project. He is Apache Foundation committer.
Jacoba Sieders (ABN AMRO/NL)
Profile PictureJacoba is an all-round Digital Identity and Information Security expert. She has 17 years of experience in the international finance industry, in technology, governance, consultancy, implementation and relevant legal aspects. Today, she is accountable for digital identity services and access control for customers, employees and partners to ABNAMRO’s data, transactions, and infrastructure. Major topics on her agenda today are ABAC, data centric security, API-banking, PSDII requirements, and the interaction of IAM tools with the rest of the bank’s cybersecurity landscape, including the new authentication concept for which ABNAMRO is acquiring a patent. Her special interests are legal requirements impacting digital identity, such as the GDPR, the e-IDAS scheme, KYC and AML legislation, and digital signing. Jacoba is presenting on these topics regularly. She holds a master degree in Classics from Leiden University (Greek, Latin, Hebrew).
Jon Shamah (Chair, EEMA)
Profile PictureEuropean eID Subject Matter Expert. Roles at Hitachi, McDonnell Information Systems, Thales, CoreStreet, and NETS, spanning over 15 years involvement in Identity Management and Transaction Security. Specialising in the business exploitation of technologies related to Identity, Privacy and Trust, especially in critical national infrastructures and large scale programs for the European Union.
Oskar van Deventer (TNO)
Profile PictureDr. M. Oskar van Deventer is senior scientist on blockchain networking and self-sovereign identity. His focus is on public-private R&D partnerships, European collaborative R&D projects and international standards. He is active contributor to international standards bodies (Hyperledger, ISO, MPEG, HbbTV, DVB, …). Oskar is assigned member of the Economic Advisory Council of Sovrin, the world-leading blockchain for self-sovereign identity. Oskar is also leading several projects on blockchain and self-sovereign identity in the Techruption program, a Dutch private-public partnership on admintech. He is author of one book, more than 150 publications, over 80 patent applications, over 700 standardization contributions and he holds a Guinness world record.
Kai Wagner
Profile PictureKai Wagner is responsible for partnership development and strategy at Jolocom, a Berlin based Blockchain and identity startup. In addition to his role at Jolocom,he is active in the German Blockchain Association where he is working on digital identity standardization and data privacy, representing the Association internationally.He is driven by the vision of an open standards based decentralized identity layer that is based on cooperation – thereby enabling novel business models for the web that respect individuals rights to their data.
Robin Wilton (Technical Outreach Director - Identity and Privacy, Internet Society)
Profile PictureRobin Wilton brings 28 years of industry experience to the role of Technical Outreach Director for Identity and Privacy, in the Internet Society's Trust and Identity Initiatives group. Since 2001 he has specialised in digital identity, privacy and public policy, building a reputation as a thought leader, communicator and translator between different stakeholder groups. Before joining the Internet Society Robin spent two years as a research analyst in Gartner's Identity and Privacy Strategies team, where – in addition to his privacy work - he specialised in public key infrastructure, electronic signature, single sign-on and federated identity.
Thomas Zeinzinger (Head of the board, lab10.coop)
Profile PictureThomas Zeinzinger is Co-Founder of the BlockchainHub Graz as well as the cooperative lab10 collective eG. He has studied Materials Science in Leoben / Austria and gathered experience in various leading positions in the automotive and energy business. His current job title ‘Talkative Doer’ points to his passions: inspiring people for the potential of blockchain, develop visions for a better world, and implementing them right away. The lab10 collective has several projects but the ARTIS blockchain and the Minerva wallet are especially focusing on data ownership and privacy in connection with self-sovereign identity.