Difference between revisions of "AFSecurity Seminar"

From mn/ifi/AFSecurity
Jump to: navigation, search
Line 1: Line 1:
== ''FutureID'' ==
+
== ''Meaningful Risk Assessment'' ==
  
Date: 17 September 2014.
+
Date: 29 October 2014.
  
 
Location: Kristen Nygaards sal (room 5370), Ole-Johan Dahls hus (IfI).
 
Location: Kristen Nygaards sal (room 5370), Ole-Johan Dahls hus (IfI).
Line 15: Line 15:
 
'''SPEAKER:''' Dr. Bud Peter Bruegger (Fraunhofer Institute)
 
'''SPEAKER:''' Dr. Bud Peter Bruegger (Fraunhofer Institute)
  
'''TITLE:''' ''The FutureID approach to interoperable, cross-border digital identity''
+
'''TITLE:''' ''How to make risk assessment meaningful for organisations.''
  
'''ABSTRACT:''' The FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infrastructure for Europe, which integrates existing eID technology and trust infrastructures, emerging federated identity management services and modern credential technologies to provide a user-centric system for the trustworthy and accountable management of identity claims.
+
'''ABSTRACT:''' Risk is a relatively vague concept with many facets, and can be difficult to interpret. When organisations spend considerable time and money for the purpose of managing risk it is important that this effort results in meanigful results. This talk discusses the meaning of risk and its components, and how organisations can get the most benefit out of risk assessment exercises.
  
The FutureID infrastructure will provide great benefits to all stakeholders involved in the eID value chain. Users will benefit from the availability of a ubiquitously usable open source eID client that is capable of running on arbitrary desktop PCs, tablets and modern smart phones. FutureID will allow application and service providers to easily integrate their existing services with the FutureID infrastructure, providing them with the benefits from the strong security offered by eIDs without requiring them to make substantial investments. This will enable service providers to offer this technology to users as an alternative to username/password based systems, providing them with a choice for a more trustworthy, usable and innovative technology.
 
  
The benefits of the FutureID platform for both users and service providers are substantial. By implementing an intermediary for trusted e-ID services, cross-border e-ID applications become both economic and efficient by providing simple processes and a critical mass of reachable users.
 
 
For existing and emerging trust service providers and card issuers FutureID will provide an integrative framework, which eases using their authentication and signature related products across Europe and beyond. To demonstrate the applicability of the developed technologies and the feasibility of the overall approach FutureID will develop two pilot applications and is open for additional application services who want to use the innovative FutureID technology.
 
  
 
'''SPEAKER BIO:'''
 
'''SPEAKER BIO:'''
  
Dr. Bud Peter Bruegger is Senior Scientist at Fraunhofer IAO, Germany, and Technical Coordinator for the FutureID project.
+
Roy Stranden has worked within security for more than 25 years, and has experience from the Nationa Police Security Service, the National Intelligence Service as well as from the consulting company Ernst & Young. Roy Stranden is currently the security manager for the media company Schibsted. Roy has an MSc in Risk, Crisis and Disaster Management, a Postgraduate Diploma in Security Management, a Certificate in Applied Intelligence and is currently studying for a Certificate in Terrorism Studies. Roy is also a Certified Information Security Manager (CISM).
 
+
Roy Stranden cheared the working group that developed the recent national standards prNS 5831 Risk Management and prNS 5832 Risk Analysis.
Dr. Bruegger holds a Dipl.Ing. degree from the Swiss Federal Institute of Technology and a PhD from the University of Maine. His career spans work in five countries and three languages, both in research and as a consultant. He has a long-standing experience in identity management and IT security, including very active participation in the Italian eID Pilot program, pioneering eID interoperability in Europe, and consulting on identity management and security for several large projects. Bud is a long-standing member of the Porvoo Group and organizer of Porvoo 12, acted as European chair for the Global Collaboration Forum on eIDs, and represented the Italian Ministry of the Interior in the Government Security Program with Microsoft. Currently, Bud holds the position of Senior Scientist in the Identity Management group at Fraunhofer IAO where he was lead author of the architecture of the EC-funded FutureID project. Bud is the author of a large number of publications and presentations and has been an invited expert and speaker for several EC events on identity.
 

Revision as of 07:01, 24 September 2014

Meaningful Risk Assessment

Date: 29 October 2014.

Location: Kristen Nygaards sal (room 5370), Ole-Johan Dahls hus (IfI).

Agenda

10:00h Welcome at IfI

10:15h Invited talk

11:00h Discussion

SPEAKER: Dr. Bud Peter Bruegger (Fraunhofer Institute)

TITLE: How to make risk assessment meaningful for organisations.

ABSTRACT: Risk is a relatively vague concept with many facets, and can be difficult to interpret. When organisations spend considerable time and money for the purpose of managing risk it is important that this effort results in meanigful results. This talk discusses the meaning of risk and its components, and how organisations can get the most benefit out of risk assessment exercises.


SPEAKER BIO:

Roy Stranden has worked within security for more than 25 years, and has experience from the Nationa Police Security Service, the National Intelligence Service as well as from the consulting company Ernst & Young. Roy Stranden is currently the security manager for the media company Schibsted. Roy has an MSc in Risk, Crisis and Disaster Management, a Postgraduate Diploma in Security Management, a Certificate in Applied Intelligence and is currently studying for a Certificate in Terrorism Studies. Roy is also a Certified Information Security Manager (CISM). Roy Stranden cheared the working group that developed the recent national standards prNS 5831 Risk Management and prNS 5832 Risk Analysis.