[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Call for input: Asia PKIF Forum Panel Discussion
Dear All The next meeting of the Asia PKI Forum (Taipei, September 13-15) features a panel discussion about PKI in the "ubiquitous network". I will be speaking on the panel. This e-mail is to invite input from the TC on this topic. Attached is the panel background. I will also upload the conference program to the TC pages, for further information. As you can see, there is a certain emphasis on privacy and cybercrime. I happen to have been working extensively on these topics in the past 12 months, and I have also developed various views about embedded/automated client side PKI. So my initial thoughts about the panel discussion are listed below. However, I would like to make sure that my presentation is reflective of the PKI TC. So please let me have your thoughts too. -- NIST and others have concluded that the only way to prevent Man In The Middle attack (a major new vector for phishing and id crime) is PKI- enabled smartcards. This is a major indicator of the requisite widespread use of PKI and smartcards to protect privacy and combat cyber crime. -- Further, PKI offers ways to mask identities via anonymous digital certificates in order to deidentify such transactions as electronic health records, e-voting, online census collection etc. -- A major trend in PKI deployment worldwide is embedded digital certificates, whereby the technology is no more complex for users than are magnetic stripes on regular plastic cards. Examples include EMV smartcards, e-passports, national identity cards, national health entitlement cards, and set-top cable TV boxes. -- Smartcards (and related mobile devices like cell phones and PDAs) can function as containers for multiple digital credentials. This means that PKI need not lead to a single digital identity, and therefore PKI can be fundamentally privacy-enhancing. Comments are welcome! If anyone is interested, further details on some of these thoughts are at http://www.lockstep.com.au/library/ehealth/a_novel_application_of_pki_sm and http://www.lockstep.com.au/library/privacy/submission_to_the_2005_senate Cheers, Stephen. Stephen Wilson Lockstep Consulting Pty Ltd www.lockstep.com.au ABN 59 593 754 482 11 Minnesota Ave Five Dock NSW 2046 Australia P +61 (0)414 488 851 -------------------- About Lockstep Lockstep was established in early 2004 by noted authentication expert Stephen Wilson, to provide independent advice and analysis on cyber security policy, strategy, risk management, and identity management. Lockstep is also developing unique new smartcard solutions to address privacy and identity theft.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]