Presentation is loading. Please wait.

Presentation is loading. Please wait.

Research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire.

Published byMarshall Townsend Modified over 9 years ago

Similar presentations

Presentation on theme: "Research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire."— Presentation transcript:

1 research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire

2

3

4 Overview Research scope MSEC RL 1: Identity Management on Mobile platforms RL 2: Formal Security and Privacy Analysis Applied research projects

5 Security research at KU Leuven Department of Electrical Engineering Cryptographic algoritms and protocols Hardware support and embedded design Department of Computer Science Middleware for security Methodological support Technology driven Close collaboration with industry

6 Research scope MSEC o RL 1: Identity management using mobile platforms Jorn Lapon – Anonymous Credential Systems: From Theory Towards Practice Jan Vossaert – Privacy friendly identity management Faysal Boukayoua – Improving security and privacy on mobile devices o RL 2: Formal security and privacy analysis Koen Decroix – A Formal Approach for Inspecting Privacy and Trust in e-Services Laurens Lemaire – Analysis and management of security in industrial control systems

7 Identity management on mobile platforms Extending the scope of Belgian eID technology (J. Lapon) Proxy certificates Secure Storage 1.Identification 2.Authentication 3.Digital signature

8 Identity management on mobile platforms Revocation strategies using anonymous credentials (J. Lapon) Strong authentication Selective disclosure Unlinkable transactions Complex revocation strategy as no serials numbers are exposed

9 Identity management on mobile platforms Privacy preserving smartcard authentication (J. Vossaert) Weak security No personalisation No user control Single point of attack Static set of attributes Limited user control 1. Increased flexibility 2. User control 3. Online/offline services

10 Identity management on mobile platforms Privacy preserving smartcard authentication (J. Vossaert) SP i ID X ID Y ID Z (personalized ) policies Cached attributes lastValTime (1) mutual auth. (2)attribute_query Cert_SP (4)Attr query (5) PIN (7)release_attr’s Service request Handler Service request Handler (6)collect attributes (3)verify policy

11 Identity management on mobile platforms Client-Side Biometric Verification based on Trusted Computing (J. Vossaert) [1] [2] [3] [4] Secure authentication Biometric attestation Selective disclosure 1.Fingerprint templates are not exposed 2.Solution based on trusted computing technology

12 Identity management on mobile platforms Improving secure data storage in Android (F. Boukayoua) KDF slows down brute force attacks Secure element  online attacks Closed system Open system Security based on passcode Offline attacks

13 Identity management on mobile platforms Improving secure data storage in Android (F. Boukayoua) [1] [2] No denial-of-service attacks Prevention of key stealing No dictionary attacks Decryption keys are protected Context aware security decisions to constrain data and credential availability

14 Formal Security and Privacy Analysis Inspecting Privacy and Trust in e-Services (K. Decroix) Modeling complex interations in advanced electronic services Reasing about profiles compiled by service providers Evaluating the impact of authentication technologies on privacy Studying impact on trust on user selection

15 Formal Security and Privacy Analysis Inspecting Privacy and Trust in e-Services (K. Decroix) IDP: a knowledge base system providing multiple forms of inference and a declarative programming environment for an extension of first order logic.

16 Formal Security and Privacy Analysis Analysing security in industrial control systems (L. Lemaire) Input 1.Modeling ICS and SCADA systems 2.Modeling advanced attacks Output/feedback 1.Analysing the impact of security vulnerabilities 2.Evaluating accountabilities 3.Proposing countermeasures

17 Applied research projects Agency for Innovation by Science and Technology o Strategic Basic Research DiCoMas – Distributed Collaboration using MAS architectures MobCom – A Mobile Companion Middle/long term valorisation; user group: R&D departments o Technology Transfer Projects eIDea – Developing advanced applications for the Belgian eID Wiscy – Developing secure wireless environments SecureApps – Developing secure Mobile applications Short/middle term valorisation; user group: SMEs

18 Applied research projects

19 AXSMate – A platform for distributing digital keys Simplifying key management Supporting accountability Manageable revocation

20 Applied research projects Torekes – An alternative currency system o Increase social interaction in poor districts o Attract students by alternative payment method

Download ppt "Research at MSEC Vincent Naessens – Jorn Lapon – Jan Vossaert – Koen Decroix – Faysal Boukayoua – Laurens Lemaire."

Similar presentations

Fraunhofer Institute Secure Telecooperation Areas of Work.

Fraunhofer Institute Secure Telecooperation Areas of Work.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
OOI-CI–Ragouzis–2007.10.15 Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop 17-19 October 2007.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.
A Security Analysis of Two Commercial Browser and Cloud Based Password Managers Rui Zhao 1, Chuan Yue 1, Kun Sun 2 University of Colorado Colorado Springs.

A Security Analysis of Two Commercial Browser and Cloud Based Password Managers Rui Zhao 1, Chuan Yue 1, Kun Sun 2 University of Colorado Colorado Springs.
Presenter: Nguyen Ba Anh HCMC University of Technology Information System Security Course.

Presenter: Nguyen Ba Anh HCMC University of Technology Information System Security Course.
9/11/2012Pomcor 1 Techniques for Implementing Derived Credentials Francisco Corella Karen Lewison Pomcor (http://pomcor.com/)

9/11/2012Pomcor 1 Techniques for Implementing Derived Credentials Francisco Corella Karen Lewison Pomcor (
Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]

Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]
Secure Communication Architectures.

Secure Communication Architectures.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Access Control Methodologies

Access Control Methodologies
Authentication & Kerberos

Authentication & Kerberos
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
SKS – Secure Key Store KeyGen2 –Token Provisioning Protocol Executive Level Presentation.

SKS – Secure Key Store KeyGen2 –Token Provisioning Protocol Executive Level Presentation.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.
May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Similar presentations

Ads by Google