research at MSEC Vincent Naessens Jorn Lapon Jan

  • Slides: 20
Download presentation
research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix

research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire

Overview • Research scope MSEC • RL 1: Identity Management on Mobile platforms •

Overview • Research scope MSEC • RL 1: Identity Management on Mobile platforms • RL 2: Formal Security and Privacy Analysis • Applied research projects

Security research at KU Leuven • Department of Electrical Engineering • Cryptographic algoritms and

Security research at KU Leuven • Department of Electrical Engineering • Cryptographic algoritms and protocols • Hardware support and embedded design • Department of Computer Science • Middleware for security • Methodological support • Technology driven • Close collaboration with industry

Research scope MSEC o RL 1: Identity management using mobile platforms Jorn Lapon –

Research scope MSEC o RL 1: Identity management using mobile platforms Jorn Lapon – Anonymous Credential Systems: From Theory Towards Practice • Jan Vossaert – Privacy friendly identity management • Faysal Boukayoua – Improving security and privacy on mobile devices • o RL 2: Formal security and privacy analysis Koen Decroix – A Formal Approach for Inspecting Privacy and Trust in e-Services • Laurens Lemaire – Analysis and management of security in industrial control systems •

Identity management on mobile platforms • Extending the scope of Belgian e. ID technology

Identity management on mobile platforms • Extending the scope of Belgian e. ID technology (J. Lapon) Secure Storage 1. Identification 2. Authentication 3. Digital signature Proxy certificates

Identity management on mobile platforms • Revocation strategies using anonymous credentials (J. Lapon) •

Identity management on mobile platforms • Revocation strategies using anonymous credentials (J. Lapon) • Strong authentication • Selective disclosure • Unlinkable transactions • Complex revocation strategy as no serials numbers are exposed

Identity management on mobile platforms • Privacy preserving smartcard authentication (J. Vossaert) • Weak

Identity management on mobile platforms • Privacy preserving smartcard authentication (J. Vossaert) • Weak security • No personalisation • No user control • Single point of attack • Static set of attributes • Limited user control 1. Increased flexibility 2. User control 3. Online/offline services

Identity management on mobile platforms • Privacy preserving smartcard authentication (J. Vossaert) (6)collect attributes

Identity management on mobile platforms • Privacy preserving smartcard authentication (J. Vossaert) (6)collect attributes IDX IDY (3)verify policy (1) mutual auth. Service request Handler (2)attribute_query Cached attributes last. Val. Time Cert_SP (personalized) policies IDZ (4)Attr query (5) PIN (7)release_attr’s SPi

Identity management on mobile platforms • Client-Side Biometric Verification based on Trusted Computing (J.

Identity management on mobile platforms • Client-Side Biometric Verification based on Trusted Computing (J. Vossaert) [2] [4] [3] • Secure authentication • Biometric attestation • Selective disclosure 1. Fingerprint templates are not exposed 2. Solution based on trusted computing technology [1]

Identity management on mobile platforms • Improving secure data storage in Android (F. Boukayoua)

Identity management on mobile platforms • Improving secure data storage in Android (F. Boukayoua) • KDF slows down brute force attacks • Secure element online attacks • Closed system • Open system • Security based on passcode • Offline attacks

Identity management on mobile platforms • Improving secure data storage in Android (F. Boukayoua)

Identity management on mobile platforms • Improving secure data storage in Android (F. Boukayoua) • No denial-of-service attacks • Prevention of key stealing • No dictionary attacks • Decryption keys are protected [2] [1] Context aware security decisions to constrain data and credential availability

Formal Security and Privacy Analysis • Inspecting Privacy and Trust in e-Services (K. Decroix)

Formal Security and Privacy Analysis • Inspecting Privacy and Trust in e-Services (K. Decroix) • • Modeling complex interations in advanced electronic services Reasing about profiles compiled by service providers Evaluating the impact of authentication technologies on privacy Studying impact on trust on user selection

Formal Security and Privacy Analysis • Inspecting Privacy and Trust in e-Services (K. Decroix)

Formal Security and Privacy Analysis • Inspecting Privacy and Trust in e-Services (K. Decroix) IDP: a knowledge base system providing multiple forms of inference and a declarative programming environment for an extension of first order logic.

Formal Security and Privacy Analysis • Analysing security in industrial control systems (L. Lemaire)

Formal Security and Privacy Analysis • Analysing security in industrial control systems (L. Lemaire) • Input 1. Modeling ICS and SCADA systems 2. Modeling advanced attacks • Output/feedback 1. Analysing the impact of security vulnerabilities 2. Evaluating accountabilities 3. Proposing countermeasures

Applied research projects • Agency for Innovation by Science and Technology o Strategic Basic

Applied research projects • Agency for Innovation by Science and Technology o Strategic Basic Research Di. Co. Mas – Distributed Collaboration using MAS architectures • Mob. Com – A Mobile Companion • • Middle/long term valorisation; user group: R&D departments o Technology Transfer Projects e. IDea – Developing advanced applications for the Belgian e. ID • Wiscy – Developing secure wireless environments • Secure. Apps – Developing secure Mobile applications • • Short/middle term valorisation; user group: SMEs

Applied research projects

Applied research projects

Applied research projects • AXSMate – A platform for distributing digital keys Simplifying key

Applied research projects • AXSMate – A platform for distributing digital keys Simplifying key management Supporting accountability Manageable revocation

Applied research projects • Torekes – An alternative currency system o Increase social interaction

Applied research projects • Torekes – An alternative currency system o Increase social interaction in poor districts o Attract students by alternative payment method

Jorn Utzon Jrn Utzon Jorn Utzon 5 ThingsJorn Utzon Jrn Utzon Jorn Utzon 5 Things
A kvetkez lapon tallhat nhny tippet mint amilyenA kvetkez lapon tallhat nhny tippet mint amilyen
Nurses Role in Assisted Suicide Desirae Naessens ObjectivesNurses Role in Assisted Suicide Desirae Naessens Objectives
5 Jan 12 Jan 19 Jan 26 Jan5 Jan 12 Jan 19 Jan 26 Jan
5 Jan 12 Jan 19 Jan 26 Jan5 Jan 12 Jan 19 Jan 26 Jan
Learning Technologists Virtual Community Practitioners Linda Jorn DirectorLearning Technologists Virtual Community Practitioners Linda Jorn Director
Failures and fault classification Jrn Vatn NTNU jornFailures and fault classification Jrn Vatn NTNU jorn
Ruimteschip Aarde klimaatverandering vanuit de ruimte Jorn vanRuimteschip Aarde klimaatverandering vanuit de ruimte Jorn van
A biodiversityinspired approach to marine ecosystem modelling JornA biodiversityinspired approach to marine ecosystem modelling Jorn
Evaluatie en CV Even voorstellen Jeroen Moes JornEvaluatie en CV Even voorstellen Jeroen Moes Jorn
A biodiversityinspired approach to marine ecosystem modelling JornA biodiversityinspired approach to marine ecosystem modelling Jorn
Quantifying the organic carbon pump Jorn Bruggeman TheoreticalQuantifying the organic carbon pump Jorn Bruggeman Theoretical
RCM Reliability Centred Maintenance Jrn Vatn NTNU jornRCM Reliability Centred Maintenance Jrn Vatn NTNU jorn
Jrn Vatn NTNU jorn vatnntnu no Trondheim GjvikJrn Vatn NTNU jorn vatnntnu no Trondheim Gjvik
M C DHIVYA Assistant Professor Mathematics MSEC DefinitionM C DHIVYA Assistant Professor Mathematics MSEC Definition
MSEC WG status Brian Weis IETF62 Minneapolis MNMSEC WG status Brian Weis IETF62 Minneapolis MN
HARMONIC ANALYSIS T MANIKANDAN AP MATHEMATICS MSEC HARMONICHARMONIC ANALYSIS T MANIKANDAN AP MATHEMATICS MSEC HARMONIC
Introduction to Multimedia and MSEC 20 791 MikeIntroduction to Multimedia and MSEC 20 791 Mike
MARKOV CHAIN M PRABHA AP MATHEMATICS MSEC MarkovMARKOV CHAIN M PRABHA AP MATHEMATICS MSEC Markov