This is a presentation by Jean-Baptiste Machemie, from the University of Limoges and a new project called Arya Security. The topic is automated analysis of Java Card applets, which is one of my favorite topics, and I am very happy to see interest from academia, as well as the emergence of companies who distribute such […]
Chip to Cloud, day 2: Java Card, 15 years later
Yes, this is my own session, so this is not really live. The idea is here to identify the most important events in the past 15 years of Java Card, and to take a look at the future. So, here are the selected events: 1996, Java on a smart card. That’s even more than 15 […]
Chip to Cloud, day 2: NFC authentication in the cloud
This is a presentation from Gemalto’s Maurizio Divona, delivered by her colleague Virgine Galindo. It starts from cloud authentication, where strong authentication typically happens with tokens that need to be distributed by service providers. The idea is of course to use NFC technology to simplify this, which would allow the use of strong authentication in […]
Chip to Cloud, day 2: My personal attribute hub
This is a talk by Annette Laube, from the University of Bern. It builds on Switzerland’s eID program, extending it for new uses. The idea of national eIDs is to provide electronic signatures, and to certify personal attributes taken from official documents like a passport. The SuisseID used in Switzerland is a tradtional one, in […]
Chip to Cloud, day 2: Identity in the real world
This is a talk from Sebastien Taveau, from Validity. He starts by reminding password and PIN issues, and how they are becoming liabilities very quickly. In addition, every person has several identities online, which are more or less related to each other. Authentication systems in use of Internet have no way to relate services to […]
Chip to Cloud, day 2: Adaptive authentication
This first speech of the day is by Gemalto’s Asad Ali, about adaptive authentication, which I would define as authentication that adapts to the current situation. For instance, if something is unusual, like if you are very far from home, it will ask you for more information, such as authentication from a second factor. Basically, […]
Chip to Cloud, day 1: Mobile authentication
Presentation from Vasco’s Nicolas Fort. Of course, the use case is about banking, since this Vasco’s stronghold. Banks have been used to interface with customers face to face in branches. 40 years ago, they added the phone, first with a human on the bank’s end, then without. They then added the ATM network to check […]
Chip to Cloud, day 1: Security of the cloud interface
This is a talk by Karen Lu, a Gemalto scientist. She has shown that the number of API’s available for building cloud apps is growing exponentially, with over 7000 APIs available today. Since APIs are the way to access cloud resources, they must be aquately protected. When a client uses an API, it has to […]
Chip to Cloud, day 1: Now, cloud TSM
A presentation by Thian Yee, from Cassis (a Safran Morpho company). TSMs are moving from 1-1 relationships to n-n relationships. The challenges they face are related to customer experience, which must be very simple and consistent; flexibility and scalability, as demand is very variable, depending on product launches, with unsustainable peak demand; and finally, regulatory […]
Chip to Cloud, day 1: Cloud SE
Inside Contactless proposes to put many Virtual Secure Elements in a cloud server, rather than having a Secure Element on every device. Only authentication is performed on the deive, with the SIM. This is quite daring for a silicon vendor, since the virtual SEs are obviously not small chips (they mentioned that it would run […]