ISSE 2006 Securing Electronic Business Processes (eBook)

Prof. Dr. Sachar Paulus is Chief Security Officer of SAP, Walldorf, Germany. Prof. Dr. Norbert Pohlmann is Professor for System and Information Security at the University of Applied Sciences in Gelsenkirchen, Germany. Prof. Dr. Helmut Reimer is Chief Executive Officer of TeleTrusT, Germany.

Contents 6
Preface 12
About this Book 14
ISCOM: On the Way for ICT Security in Italy 16
RFID e-ID Cards Trusted Computing Interoperability 18
Radio Frequency Identification (RFID) and Data Protection Legal Issues 20
1 What RFIDs are all about 20
2 Use of RFID technology 21
2.1 Retail/Consumer Goods Sector 21
2.2 Manufacturing Sector 21
2.3 Recycling & waste management
2.4 Transportation/Logistics Sector 22
2.5 Libraries 22
2.6 Tracking of animals (dogs, cows and sheep) 22
2.7 Health Care Sector 23
2.8 Tracking of people (schools, prisons, VIP clubs) 23
2.9 Passports and Ids 23
2.10 Transportation: e-pass, e-plate, e-ticket 24
3 Legal Implications 25
3.1 Infringement of the right to privacy and data protection 25
3.1.1 Identification and profiling of a person 25
3.1.2 Unnoticed remote reading without iine-of-sight 26
3.1.3 Use of RFID technology for law enforcement purposes 26
3.2 Infringement of the right to personality 26
3.3 Infringement of the right to human dignity 27
3.4 Unfair competition 27
3.5 Labour iaw 27
4 Existing and proposed Legislation 28
5 Open Legal Issues 28
5.1 Do RFID tags contain personal data 28
5.2 Applicability of Directive 2002/58/EC 29
5.3 Prior-checking 30
6 Guidelines 30
6.1 Legal Guidelines to the deployers of RFID technology 30
6.2 Technical recommendations 31
7 Conclusions - Recommendations 32
e-ID and Smartcards - Current Status, Hopeful Developments and Best Practices 34
1 Background 34
1.1 Financial Sector 34
1.2 l//lobile Phone Sector 34
1.3 Ticketing 35
1.4 Identification 35
1.5 Convergence 36
2 Experience with e-ID 36
2.1 US Federal Government Initiatives 36
2.2 Belgian Government Cards 37
3 The Issues 37
3.1 Interoperability 37
3.1.1 ISO 24727 38
3.2 Privacy 38
3.2.1 Example: Australian Driver Licence Smartcard 39
4 Conclusion 41
European Citizen Card Combined with Travel Document Function, Convergence or Divergence? 42
1 Introduction 42
2 The EU nation strategies and the new ECCStandard 43
3 Selected card interface for ECC 44
4 ECC and the "carrier" 44
5 ECC and addressable memory space 44
6 The legal framework for the ECC 44
7 ECC and the challenge for the supplier industry, for example the semiconductor producer 45
8 Conclusion 45
Physical Unclonable Functions for enhanced security of tolcens and tags 47
1 Introduction 47
2 Physical realisations 48
2.1 Coating PUFs 48
2.2 Optical PUFs 49
3 Overview of PUF applications 50
3.1 PUF-Based Tokens 50
3.2 Secure Key Storage 50
3.3 Unclonable RFID-Tags 52
4 Conclusion 53
Hardware Security Features for Secure Embedded Devices 55
1 Introduction 55
2 Physical Attacks on Secure Hardware 56
2.1 Invasive Techniques 56
2.2 Hardware Countermeasures 56
3 SoC and Cryptographic Coprocessors 57
3.1 Attacks on Public Key Coprocessors 57
3.2 Attacks on Secret Key Accelerators 59
4 Conclusion 60
Security in Next Generation Consumer Electronic Devices 62
1 Introduction 62
2 CE Devices Under Attack 62
2.1 Goals of Attackers 63
2.2 Attack Models and Protection Profile 63
3 Protecting CE devices 64
3.1 Security Strategy for CE 64
3.2 A level of Protection In CE Devices 65
3.2.1 Eliminating Errors in Code 65
3.2.2 Secure Boot 66
3.2.3 Prevent Unauthorised Introduction of New Code 66
3.2.4 Isolation 67
3.2.5 Obstructing Analysis 68
4 Security in Small Spaces 68
5 Conclusions 69
Security Architecture for Device Encryption and VPN 71
1 Introduction 71
2 Existing Solutions 72
2.1 Windows Vista BitLoclcer Drive Encryption 72
2.2 Cisco VPN Client 73
3 The EMSCB Project 73
4 Turaya Security Kernel 74
5 Device Encryption 75
6 VPN Client 76
7 Implementation 77
8 Conclusion and Outlook 79
TPM Enterprise Key Management requires centralized Hardware-based Security 81
1 Introduction 81
1.1 TPM background 82
1.2 TPM market 82
2 Enterprise IT Management 83
2.1 The current state of TPM enterprise key management 84
3 Challenges faced by the different key management options 86
3.1 TPM enterprise key management based on centralized i-lardware Security l//lodules 87
4 Conclusion 88
Implementation of DRM Systems under the EU Legal Framework 89
1 Introduction 89
1.1 How does Digital Rights Management ("DRM") woric? 89
1.2 Interests in the DRM Value Chain 91
2 DRM and Data Protection 91
2.1 What is the issue? 91
2.2 Which Legislative Instruments are applicable at EU Level? 92
2.3 What are Personal Data 93
2.4 Responsibility for Compliance with Data Protection Rules 94
2.5 Which Principles Do In particular Impact on Data Processing? 94
2.5.1 "Necessity of Processing" and Consent - Requirements 94
2.5.2 Sensitive Data 97
2.5.3 Data Avoidance 98
2.5.4 Finality Principle 98
2.6 Other relevant Principles 99
3 The Mechanisms of the "InfoSoc" Directive 99
3.1 Overview 99
3.2 DRM and the Rights of Beneficiaries of Public Policy Privileges (also: Private Copy) 100
3.2.1 Principles and Definitions 100
3.2.2 Limitations of Copyright 101
3.2.3 Limits of the Protection of Anti - Circumvention Devices and "Fair Use" 104
3.3 The Protection of Electronic Rights Management Information ("RMI") and its Limits 104
4 Interoperability vs. Exclusive Proprietary Systems 105
5 Further Impact of DRM 107
5.1 Levy Systems 107
5.2 Collective Rights Management Societies 107
6 Conclusion 108
6.1 Protection of DRM Systems and Licensing 109
6.2 Data Protection 110
6.3 Technical Solutions and Trusted Platforms 110
IT-Grundschutz: Two-Tier Risk Assessment for a Higher Efficiency in IT Security l//lanagement 112
1 Need for an Information Security IVIanagement l//lethod 112
2 Optimising resources 112
2.1 The IT-Grundschutz concept 113
2.2 Two-Tier Risk Assessment versus Traditional Risic Assessment 114
2.3 Risk Analysis based on IT-Grundschutz 115
3 Consolidation of the IT Security Concept 116
4 ISO 27001 Certification based on iT-Grundschutz 117
5 Conclusion 117
ISO/IEC 24727 - A Future Standard for Smart Card Middleware 119
1 Overview 119
2 Market Impact of ISO/IEC 24727 119
3 Parts of the ISO/IEC 24727 Standard 120
3.1 Encapsulation of Smart Card Access 120
3.2 The Service Access Layer 121
3.2.1 Default Services in the SAL interface 121
3.2.2 Model-based Architecture 122
3.2.3 IAS Services and Secure Sessions 123
Information Security Standardization - the ETSI Perspective 125
1 Introduction 125
2 Mobile and Wireless Communications 126
2.1 GSM and UMTS 126
2.1.1 Anonymity 126
2.1.2 Authentication and Signalling Protection 126
2.1.3 IMEI 127
2.1.4 Fraud Information Gathering System 127
2.1.5 Priority 127
2.1.6 Location 128
2.2 TETRA 128
2.2.1 Mutual authentication 128
2.2.2 Encryption 128
2.2.3 Anonymity 128
3 Next Generation Networks 128
3.1 NGN Release 1 128
3.2 Security Design Guide 129
4 Lawful Interception 129
4.1 Handover Interface 129
4.2 IP interception and Service-specific details 130
5 Electronic Signatures 130
6 Smart Cards 131
7 Algorithms 132
8 Future Challenges 132
8.1 Next Generation Networks 132
8.2 Privacy 133
8.3 Product Proofing 133
8.4 Data Rights l//lanagement 133
8.5 Data Retention 133
8.6 l//lobiie terminal security 133
8.7 Banking security and eCommerce 134
8.8 RFID 134
9 Conclusions 134
Digital Signatures witliout the Headaches 136
1 Why OASIS DSS? 136
2 What Does OASIS DSS Do? 138
3 DSS specification set structure 139
4 Variations and Profiling DSS 140
5 Technical Details 142
5.1 Sign protocol 142
5.2 Verify protocol 144
5.3 XML Time-stamp token 144
6 Conclusion 144
Could Test Standards Help on the Way to Achieve Global e-Passport Interoperability? 146
1 Passport and Reader Compliance 146
2 Biometric Data Compliance and Performance of Biometric Systems 151
3 Assessment 154
A New Standard Based Road to Interoperable Strong Authentication 156
1 The strong authentication eco-system 156
1.1 Overview 156
1.2 Devices 156
1.3 The client framework 157
1.4 Validation framework 157
1.5 Provisioning framework 158
1.6 Applications 158
2 The interoperability challenge 158
2.1 Interoperability between devices and validation systems 158
2.2 Interoperability from an application view 158
2.3 Provisioning Interoperability 159
3 Standards 159
3.1 Algorithms 159
3.1.1 OATH - HOTP, RFC 4226 HMAC based one time password algorithm 159
3.1.2 OATH - Mutual OATH: HOTP Extensions for mutual authentication 159
3.1.3 MasterCard EMV - Chip Authentication Program (CAP) 159
3.2 Device interface 160
3.2.1 DTPS - PKCS #11 V2.20 Amendment 1: PKCS #11 mechanisms for One-Tlme Password Tokens 160
3.2.2 MasterCard EMV 161
3.3 Validation interface 161
3.3.1 OTPS - OTP-WSS-Token: Web Services Security One-Tlme Password Tolcen Profile 161
3.3.2 OTPS- OTP Validation Service 161
3.4 Provisioning 162
3.4.1 OATH - Portable Symmetric Key Container 162
3.4.2 OATH - XKI/AS Provisioning of OATH Shared Secret Keys 162
3.4.3 OTPS-CT-KIP 162
4 Interoperability 163
4.1 Now 163
4.2 The future 163
5 Conclusion 163
Identity Management Biometrics PKI-Soiutions Networic Security 166
Identifying Patterns of Federation Adoption 168
1 Introduction 168
2 Federation Adoption Patterns 169
2.1 Employer Based Federations 170
2.1.1 Internal Federation 170
2.1.2 External Federation 171
2.2 Parent Company/Subsidiary Mergers and Acquisitions
2.3 Specialized Content Providers 174
2.4 Enabling Internal Users: Rich Client Adoption 176
3 Observations 176
4 Conclusions 177
Fidelity: Federated identity IVIanagement Security based on Liberty Aliiance on European Ambit 178
1 Liberty Alliance Federated Identity Management approach 179
2 Liberty Alliance Protocols suit proof of concept 180
3 Technical approaches 181
4 Security Aspects: Attacks and testing tools 182
5 Concluding remarks 183
Deflecting Active Directory Attaclcs 185
1 Introduction 185
2 Attack#1: Cracking Passwords Based on the LM Hash 185
2.1 Attack#1: Prevention 186
3 Attack#2: Cracking Passwords Based on Kerberos Pre-authentication Data 187
3.1 Attack#2: Prevention 187
4 Attack#3: Privilege Elevation by Using SIDHistory 187
4.1 Attack#3: Prevention 188
5 Attack#4: DoS Attack Based on Excessive AD Object Creations 188
5.1 Attack#4: Prevention 189
6 Attack#5: DoS Attack Based on the MaxTokenSize Property 190
6.1 Attack#5: Prevention 190
7 Conclusion 191
Implementing role based access control - How we can do it better! 193
1 Introduction 193
2 Classic access control models 194
3 Role Based Access Control (RBAC) 194
4 Role Engineering 196
4.1 Top-down approach 197
4.2 Bottom-up approach 198
4.3 Role Engineering in ERP Environments 199
4.4 Company-wide multi-system role engineering 200
5 Conclusion 201
Identity and Access Control - Demonstrating Compliance 203
1 The challenge of Identity and Access Control 203
1.1 Introduction 203
1.2 IdM initiatives often fall short of meeting expectations 204
2 The way forward 205
2.1 Increasing abstraction 205
2.2 A possible way forward 205
2.2.1 Unifying technologies 205
2.2.2 Control library 207
2.2.3 Combining unification and control libraries 208
3 Case study 209
3.1 The challenge 209
3.2 The solution 209
3.3 Role-mining the authorisation data 209
3.4 Defining and testing compliance via business rules 210
4 Conclusion 212
Robust and Secure Biometrics: Some Application Examples 213
1 Introduction 213
2 Key Extraction from Noisy Data 214
2.1 General Setting 214
2.2 Application to Biometrics 214
3 A Server Access Token 215
3.1 Introduction and Problem Definition 215
3.2 Deriving the Secret Key from the Biometric 216
4 3-Way Check for Biometric ePassport 217
4.1 Introduction and Problem Definition 217
4.2 Architecture for a 3-Way Check 217
5 A Secure Password Vault 218
5.1 Introduction and Problem Definition 218
5.2 Architecture for a Secure Password Vault 218
6 Conclusion 220
Selecting the Optimal Biometric 2-factor Authentication Method - a User's Viewpoint 221
1 Concept 221
2 Integration 223
3 Business Case 224
4 Form factor and user experience 225
5 Alternative concepts: 226
5.1 The trusted platform module (TPM) 226
5.2 Cardio sampling 227
6 Conclusion 227
A Face Recognition System for l//lobile Phones 228
1 Introduction 228
2 System description 229
3 System implementation 231
4 Experimental results 232
5 Conclusions 233
Advanced certificate validation service for secure Service-Oriented Architectures 235
1 Introduction 235
2 Certificate validation 236
2.1 SAVaCert 237
3 Validation architecture 238
3.1 Goals 238
3.2 Design 239
3.2.1 Clients 239
3.2.2 PKIs 240
3.2.3 Certificate Validation Service 240
4 Scenarios 242
5 Conclusions and future work 243
An Introduction to Validation for Federated PKIs 245
1 Introduction 245
2 Establishing Trust in a Hierarchical PKI 246
3 Establishing Trust in a Federated PKI 248
4 Applying Validation Policies 250
5 Building Trust Paths 251
6 Evaluating Validation Deployment Choices 252
6.1 Delegated Path Validation 253
6.2 Delegated Path Discovery 254
7 Conclusion 256
MADSig: Enhancing Digital Signature to Capture Secure Document Processing Requirements 258
1 Motivations 258
2 Technical Landscape 259
3 MADSig principles 260
4 The European Arrest Warrant Example 261
PKI Consolidation Project and l//lultiapplicative Smart Payment Cards 266
1 Introduction 266
2 PKI consolidation Project of Banca Intesa ad Beograd 267
3 Multiapplicative smart payment cards of Banca Intesa ad Beograd 270
4 Main features of the implemented PKI solution 271
4.1 interoperability 271
4.2 Architecture of the implemented PKI solution 272
4.2.1 Certification Service 272
4.2.2 Registration Service 272
4.2.3 Enrolment Service 273
4.2.4 Web server application 273
4.2.5 RA Operator application 274
4.2.6 CA Administrator application 274
4.2.7 Application Programming Interface 274
5 Conclusion 274
Security Analysis and Configuration of Large Networks 276
1 Introduction 276
2 The POSITIF framework 277
2.1 Overview 277
2.2 P-SDL 278
2.3 P-SPL 279
2.4 Checking security and generating configurations 279
2.5 Mapping to actual protection technology 280
2.6 Configuration deployment 280
2.7 Monitoring security 280
2.8 Supporting new blocks 281
2.9 Managing the framework 281
2.10 The framework at work 282
2.11 For further information 282
3 Conclusion 282
S-VPN Policy: Access List Conflict Automatic Analysis and Resolution 283
1 Introduction 283
2 Modelling of Rules Relation 284
2.1 Rules Relations 285
3 Conflict Analysis 286
3.1 Conflicts Classification 286
4 Conflict Resolution 288
4.1 All Disjoint Algorithm 288
4.2 Inclusive Match Ordered Algorithm 289
5 Software Implementation 290
6 Conclusions and Future Works 290
Lock-Keeper: A New Implementation of Physical Separation Technology 292
1 Introduction 292
2 Physical Separation Principle 293
2.1 Firewalls and their Drawbacks 293
2.2 Concept of Physical Separation Principle 294
2.3 Lock-Keeper Sluice Technology 294
3 The Lock-Keeper System 295
3.1 Architecture of the SingleGate Lock-Keeper 295
3.2 Functionalities 295
3.3 Performance Analysis 296
4 Comparison with other ''Physical Separation" Implementations 296
5 Architecture Improvement: DualGate Lock-Keeper System 297
5.1 Architecture of the DualGate Lock-Keeper 297
5.2 Functionalities and New Cliaracteristics 298
5.2.1 increasing the transmit capacity (TC) 298
5.2.2 Reducing the minimum round trip time of small messages through the Lock-Keeper 298
5.2.3 Using the whole time for transferring files between connected hosts 299
5.2.4 Implementing a few file queuing algorithms 299
5.3 Experiments on Performance Measurement 299
5.4 Lock-Keeper Cluster 299
6 Lock-Keeper Applications 300
6.1 Mail Transfer via Lock-Keeper 301
6.2 File Transfer via Locl(-Keeper 301
6.3 Database Synchronization via Loclc-Keeper 301
6.4 Secure Web Services Provider 302
7 Conclusion 302
SPEECH: Secure Personal End-to-End Communication with Handheld 304
1 Introduction 305
2 Existing solutions 306
3 SPEECH 307
3.1 Audio Module 309
3.2 Voice Codec 309
3.3 Security l/Aodule 309
3.4 WSP Module 309
3.5 WTP Module 310
4 The SPEECH Security 310
4.1 User Authentication and Key Agreement 310
4.1.1 Keyescrowing 311
4.2 Confidentiality 312
4.3 Non-repudiation 312
5 Conclusions 312
Finding the l//lobile Trusted Element 315
1 Introduction 315
2 Mobile Trusted Elements 316
3 Mobile Secure Services Design 318
4 Use Case: DVB-H 321
5 Conclusions 324
Security Management Applications 326
Centrally Administered COIs Using Cross-Organizational Trust 328
1 Introduction 328
2 Cross-Forest Collaboration Goals 329
3 Cross-Forest Collaboration Solutions 329
4 Using the CFCOI 331
5 Conclusion 334
Improving Assurance of Information Security Rol 335
1 Changing Security Architectures 335
1.1 New Demands 336
2 A New Approach 337
2.1 Defining the Parameters 338
2.2 Criteria for the Semantic Structure 338
2.2.1 Information Attributes 338
2.2.2 Defining a Breach 339
2.2.3 Defining Business Detriments 339
2.2.4 Costing Business Detriments 339
2.3 The Process 339
2.3.1 Business Enquiry Phase 340
2.3.2 Technical IVIapping Phase 340
3 Methods 340
3.1 Interviewing 340
3.2 Metadata Management 341
4 Return on Investment 341
5 Conclusion 342
Modelling the Economics of Free and Open Source Software Security 343
1 Introduction 343
2 Software Dependability and F/OSS 344
3 A System Dynamics Approach 345
4 Towards a Dynamic Model of Software Dependability 346
5 Model Validation and Utilization 349
6 Conclusions 350
Securing service-oriented applications 353
1 Introduction 353
2 Business Applications and Security infrastructure 353
3 SOA Security Model 354
4 Message security 356
5 Trust Model 356
6 Programming model - Design Principles 358
7 Infrastructure-managed vs. application-managed 358
8 Flexibility of choice 359
9 Security Engineering 360
10 Conclusion 360
A Service Oriented Trust Development Platform 361
1 Introduction 361
2 Trust Development Platform Architecture 362
3 Federation services 364
3.1 Identity Federation 364
3.2 Trust Federation 365
4 Policies 366
5 Trust Development Rationale 367
5.1 PKI Traditional Models 367
5.2 The Problem of PKI: Technology or Model? 368
5.3 Trust Service Provider Model 369
5.4 Semantic Trust 370
6 Conclusion 371
A Trust Label for Secure and Compliant e-ID Applications: The Belgian Experience 373
1 Challenges of e-ID applications 373
1.1 Potential of e-ID applications 373
1.2 Consumer concerns 374
1.3 Countering consumer concerns 374
2 e-ID applications and legal compliance 374
2.1 Importance of legal compliance 374
2.2 Purposes of e-ID applications 375
2.3 e-ID applications and authentication 375
2.4 e-ID applications and transaction 376
3 A standard and label for secure e-ID applications 376
3.1 Importance of an independent audit 376
3.2 Development of a standard 377
3.3 Setting up and functioning of a standardisation organisation 377
3.4 Development and granting of a label 378
4 Protection of the standard and the label 378
5 Official launch of the standard and the label 378
6 Promotion of the standard and label 379
6.1 Belgium 379
6.2 Europe 379
7 Conclusion 379
Electronic signature in Italy after ten years of "running in" 380
1 The History 380
2 The Present 381
2.1 Electronic document 381
2.2 Electronic log-book 382
2.3 Registered E-Mail 382
2.4 Electronic Substitutional Storage 382
2.5 Electronic fiscally relevant documentation 383
3 The state of the art 383
3.1 Electronic signature 383
3.1.1 Electronic Document Content and Format 383
3.1.2 Signature formats 384
3.1.3 Signature types 384
3.1.4 Time Referencing 385
3.1.5 Revocation 386
3.2 Electronic Log Book 387
3.3 Registered e-Mail - REM (In Italian: Posta Elettronica Certificata - PEC) 387
3.4 Substitutional Documents Conservation 388
3.5 e-lnvoicing 388
4 A few numbers 389
4.1 Qualified electronic Signatures 389
5 Conclusion 390
Awareness Raising Compliance Data Protection Cyberspace Regulation 392
Internet Early Warning System: The Global View 394
1 Introduction 394
2 Aims and Task of the Internet Analysis System 395
3 Mode of Operation of the Internet Analysis System 396
4 Tasks and Mode of Operation of the Probes 397
6 Evaluation of the Collective Raw Data 399
7 User Interface of the Internet Analysis System 399
8 Results of the Internet Analysis Systems 400
8.1 Transport Protocol Distribution 400
8.3 Types of E-mail Messages 401
9 Uses of the Internet Analysis System 402
10 Conclusion 402
IT Security Vulnerability and Incident Response Management 404
1 Context 404
2 State-of-the-Practise 405
2.1 IT Management 405
2.2 Computer Emergency Response Teams 406
2.3 Technology push 407
2.3.1 Intrusion detection systems 407
2.4 Vulnerability Scanning 408
3 Case studies 408
3.1 ITIL 408
3.2 IT security incidents 409
3.3 Computer Security Incident Response Teams 409
4 Conclusions & Recommendations
4.1 Conclusions 409
4.2 Recommendations 409
4.2.1 Vulnerability lifecycle management 409
4.2.2 IT security incident responses 411
Blending Corporate Governance with Information Security 413
1 How to define ''Corporate Governance" 413
2 Principles 415
2.1 CEO Involvement 415
2.2 Organizational Understanding of Information Assets 415
2.3 Integrating Data Storage with the System Lifecycie 416
2.4 Systems l//lust Be Tested 416
2.5 Comparative Analysis 416
3 Shifts in Information Security Perspective 417
4 The fives areas of responsibility 418
4.1 The Board of Directors. 418
4.2 The CEO. 418
4.3 Executive Committee. 418
4.4 Senior Managers. 419
4.5 Employees. 419
5 The Security Governance Framework & Architecture
6 Conclusion 421
On Privacy-aware Information Lifecycle IVIanagement in Enterprises: Setting tlie Context 422
1 Introduction 422
2 Overview of ILM and IDM Solutions 424
2.1 Information Lifecycle Management Solutions 424
3 Privacy-Aware Information Lifecycle Management 425
3.1 Requirements and Open Issues 425
3.2 Core Properties and Functionalities 427
3.3 Our Approach 427
4 Important Issues and Next Steps 430
5 Conclusions 430
Regulation of State Surveillance of the Internet 432
1 Introduction 432
2 Impact of the Internet 433
3 Impact on State Surveillance by 9/11 U.S. attacks 434
4 Overview of State Surveillance laws regarding Internet communications 434
4.1 Introduction 434
4.2 Council of Europe Convention on Cybercrime 435
4.3 European Union (EU) 436
4.4 USA 437
4.5 South Africa 437
5 Evaluation of the justifiability of State Surveillance regulation of Internet communications 438
5.1 Introduction 438
5.2 Considerations 438
6 Conclusion 441
How Can NRA Contribute to the Improvement of IT Security? 443
1 Introduction 443
1.1 The investigation of security incidents 443
2 NRA response 445
2.1 Consumer education 445
2.2 Reduction of negative impact of security incidents 446
2.3 l//lanaging security incidents (CERT functions) 446
2.4 Draft Law on Network and Information Security 447
3 Public and private partnership 449
4 Conclusions 449
Information Security Regulation: Tomorrow Never Dies? 450
1 Introduction 450
2 Information security and the law 450
3 Sampling law 452
3.1 Case Law 453
4 Relevant activities 455
5 Conclusions 455
Introducing Regulatory Compliance Requirements Engineering 456
1 Introduction 456
2 Background 457
2.1 Compliance and Security 457
2.2 Problem Frames 459
2.3 Abuse and Misuse Cases 460
3 Compliance Frames - A Data Protection Exampie 461
4 Conclusion 462
Legal Issues in Secure Grid Computing Environments 465
1 Introduction 465
2 Contracts in the Grid Environment 466
2.1 Licensing in the Grid 466
2.2 Contracting a node to the Grid 468
3 Privacy in the grid environment 469
4 Intellectual Property in the grid environment 470
5 Discussion 471
The Impact of Monitoring Technology on the Law 472
1 Introduction 472
2 Surveillance with the help of technological means 474
2.1 Camera surveillance in public and non-public places 474
2.2 Surveillance of telecommunication 474
2.3 Entry control identification of persons and goods
2.4 Detection and prosecution of crimes 476
2.5 Conclusions regarding surveillance technology 477
3 Legal considerations 477
3.1 Privacy versus safety? 477
3.2 Suspects and non-suspects 478
3.3 Technology and social control 479
3.4 Technology and solidarity 480
3.5 Subsidiarity and proportionality 481
4 Conclusions 482
Index 484

Identifying Patterns of Federation Adoption (S. 151-152)

Heather Hinton • Mark Vandenwauver

IBM Software Group {hhinton mvanden}@us.ibm.com

Abstract
"I dont see that [federation identity] happening this year, I dont see it happening next year or the year after that~that leaves 2009, and Ill leave that one open ... There are a lot of issues, but basically it boils down to trust and antitrust." [Penn06]. Despite this pessimism, federation technology and models are being deployed and are in production now, only not in those areas that they were originally expected. In this paper, we describe several adoption patterns that we have observed and the characteristics that have driven these deployments. Existing business relationships between companies are often strong enough to support federated relationships and are being used as the foundation of present-day federated identity deployments.

1 Introduction

Federation has typically been cast as the "next best thing" to happen to a users online experience. For example, the much-hyped travel agency example has been used to illustrate the benefits of a federation relationship - when booking travel tickets with an online travel agency, John can seamlessly access the airline (to book seats and identify special requirements), the car rental agency and the hotel. Another equally well discussed example is based on the Internet Service Provider as w/r-Identity Provider, allowing Jane to authenticate to her ISP and then engage in online shopping. These examples, while excellent for explaining some of the values of a federated single sign-on environment, do not yet have widespread adoption, leading many to question if, not even when, federation technology will be adopted.

What is interesting with these early examples of (hypothetical) federation adoption is that they all describe scenarios where federated technology is used to bootstrap a business relationship between companies. It helped, of course, that the average Internet user could immediately see the value of this type of environment. What hurt, however, is that it was not immediately obvious to the federation partners what value they would realize with this environment, if they acted in any role other than an Identity Provider. And given that they all act as Identity Providers right now, why would they willingly give that up? This leads to the conclusion that federation technology can not (and should not) be driving federation adoption in and of itself.

Our customer experience shows us that federation technology and models are being adopted right now though. Federated technology is being adopted in many environments between companies with existing business relationships. Adoption is taking place where there is a need for tighter integration achieved through the loose coupling offered by federation. The adoption/deployment of federated identity solutions that we have been involved with (to date), have all been based on scenarios where:

• Business agreements are already in place upon which a federation-driven trust relationship can be based, and,
• One of the participants is a clear "owner" of the user identities and is responsible for the identity lifecycle management