|
|
|
|
| Smart Event Home > e-Smart Home > e- Smart Program (last update: September 15, 2009) |
e-Smart
at a glance
| Morning |
|
|
| Afternoon |
End of the conference |
|
Technology Innovations |
|
Smart Security |
|
|
Badges delivery - Registration - Welcome Coffee
|
Smart Event 2009 Grand Opening Session - Plenary Session
Part 1: TRUST IN DIGITAL LIFE
Chaired by Jacques Bus, Head of Unit Trust & Security in ICT
Research at the European Commission
Our ever more connected world faces raising concerns about cybercrime,
identity theft, bank cards frauds and other data breaches. To ensure
durable growth of consumer and citizen centric digital services, each
part of the digital offer must gain trust from users. This challenge
stimulates innovation from Smart Security stakeholders along with other
industries - device manufacturers, application and service
providers, operators, etc. - and governments.
The trust factor will be discussed in its multiple dimensions:
- European Trust Approach and the public-private partnership initiated
by Gemalto, Philips, Nokia and Microsoft
- Standardisation and interoperability issues to achieve trust in
digital services
- "Digital identity" challenges in ID management and ID provisioning
onlineIndustrial perspective: cooperation and innovation to harmonize
R&D and marketing efforts
Outstanding keynote speakers include:
- Kim Cameron, Chief Architect of Identity and Access, Microsoft
- Prof. Reinhard Posch, CIO for the Federal Government of Austria
- Jacques Seneca, Executive Vice President Security Business Unit,
Gemalto
- Walter Weigel, Director General, ETSI … |
|
Part 2: Grand Opening Panel Debate:
NFC and Mobile Payment: Challenges and Opportunities
Moderated by Marc Bertin, Chairman, Eurosmart
|
|
Who is going to brave the Crunch to lead NFC Mobile Payment deployment? The one who will solve some sizeable problems that hinder the development of the currently fragile, embryonic NFC ecosystem. One of them relates to the flagship application of mobile banking/payment. But nobody has not yet managed to find the proper deployment and logistical models that will fulfil all the requirements, in terms of security and marketing for the banks, as well as those of their inevitable partners, the MNOs. This is rendered all the more frenetic by incessant reminder that end-user expectations are incredibly high.
The challenges are well-known and the opportunities are still great!
The panel will include:
- Bent Bentsen, Vice Chair, Mobey Forum
- Nader Henein, Security Advisor, EMEA, Research In Motion
- Dr. Andreas Schauer, Product Line Manager Mobile Payment, Division Payment, Giesecke & Devrient
- Jean-Philippe Betoin, NFC Forum |
|
Lunch - Networking - Exhibition
|
|
|
Breakthroughs in Smart Security
Technologies: 2009 Harvest
Moderator: Jean-Paul Thomasson, Security Expert, STRATEGIES TELECOMS & MULTIMEDIA
Discover
the latest smart card technologies from the labs: parallel computing,
new flash memory management, record-breaking 90nm EEPROM, power-aware
application development and other advances of secure and mobile
devices… This session also takes the opportunity to analyse the
potential usage and new market that are now possible with theses new
features.
|
Hardware Technologies Breakthroughs:
|
A Breakthrough for Smart Cards: Parallel Computing - Or - Why Several Cards are Smarter Than One ...
• Parallel computing for smart cards
• SSL stack architecture for parallel computing
• Analysis of experimental results with java cards.
Pascal Urien, Professor - TELECOM PARISTECH (France)
|
eFTL: A Software Solution to Improve Data Cycling for Internal Flash Memory ...
• Differences between EEPROM and embedded Flash management
• The eFTL architecture and benefits of each algorithm
Hubert Rousseau, Smart Card Architect - STMicroelectronics (France)
|
A 90nm EEPROM Technology for Secure IC's ...
• Advanced EEPROM with byte access, using ROM masked OS
• Benefits of 90nm technology
• Presentation of the first prototype results
Roberto Annuziata, Antonino Conte (speaker) Microcontrollers Memories
& Smart Cards R&D Manager - STMicroelectronics (Italy); Jean Devin - STMicroelectronics (France)
|
Coffee & Refreshments Break - Networking - Exhibition
Software Technologies Breakthroughs:
|
Rapid Power-Aware Application Development for Smart Card Systems ...
• Extend existing software development environments with power
consumption information
• Enable rapid application development by providing power consumption feedback
• Decrease time-to-market due to the avoidance of potential ‘power bugs’
Andreas Genser (Speaker), Christian Bachmann, Christian Steger, Reinhold Weiss, Institute of Technical Informatics - GRAZ UNIVERSITY OF
TECHNOLOGY (Austria); Josef Haid, Design Center Graz - INFINEON
(Austria)
|
Higher Radix and Mixed Radix Logic in Secure Devices ...
• Power analysis and methods of protection; balanced encodings.
• Binary vs multi-valued; problems of multi-valued logic synthesis.
• Mixing radices in order to optimise power consumption of the secure devices.
Ashur Rafiev (Speaker) PhD Student, Julian P. Murphy PhD Research
Associate, Alex Yakovlev DSc Professor Head of Multi-Synchronous Design
Research Group - NEWCASTLE UNIVERSITY (UK)
|
A Secure-Runtime in the Mobile - The Next Step in Mobile Device Security ...
• What are the benefits of a Secure-Runtime environment in the
application processor of a mobile?
• How can such a secure execution environment be realized?
Dr. Stephan Spitz Manager New Technologies (Speaker) - GIESECKE &
DEVRIENT (Germany); Dr. Walter Hinz - GIESECKE & DEVRIENT (Germany); Robert Brown - ARM (UK)
|
Closing discussion:
Smart Security Technology Breakthroughs
for Customers Real Needs |
|
|
Modelling, Testing &
Implementing Smart Security
Moderator: to be appointed
Trends
and concrete solutions in the field of smart security modelling and
testing to ensure an adequate level of security for every use cases:
service oriented architectures, open smart card environment, Java Card
and GlobalPlatform environments. The evaluation of security includes
innovative and advanced threat analysis techniques. The possibilities
of quantum key distribution are also on the agenda.
|
Security Modelling & Formal Methods:
|
Meta Modelling Environment for Design and Generating Security Requirements in SOA ...
• Concept of Model Driven Security for a software development process
• Correct realization and cost-efficient management of decentralized, security-critical workflows
Mirad Zadic (Speaker), Andrea Nowak - AUSTRIAN RESEARCH CENTERS (Austria)
|
A Formal Model of Multi-application, Multi-Actor and Opened Smart Card Environment ...
• Formal modeling of Java Card and GlobalPlatform environments
• Open and Communicating environments
• Security properties of GlobalPlatform UICC Configuration
• Increased confidence for multi-actor environment on future (U)SIM cards
Bruno Barras, Guillaume Dufay Senior Security Consultant (Speaker), Claire Loiseaux - TRUSTED LABS (France)
|
Dedicated Smart Card Security Checking Based on Property Driven Model ...
• Methodology to stimulate attacks on the C source code of a smart card
• How physical fault injection can be simulated by code injection
Francis Chamberot, Application Embedded Development Group Leader; Xavier
Kauffmann, Embedded Development Engineer, Cryptography & Security
Group (Speaker) - OBERTHUR TECHNOLOGIES (France)
|
Coffee & Refreshments Break - Networking - Exhibition
Smart Security Implementation:
|
Combining Information Theory and Side Channels to Break Secure Implementations ...
• Theoretical foundations behind MI-based attacks, limitations and
assets
• Extension of the works published at CHES 2008
Emmanuel Prouff Security Expert (Speaker), Matthieu Rivain,
Cryptography & Security Group - OBERTHUR TECHNOLOGIES (France)
|
A Proved "Correct by Construction" Memory Protection Unit ...
• The memory protection unit (MPU) used in the new ST23 family of
product
• Main design steps followed to achieve the development of code
• Comparison with the code for the same macro-cell developed in a traditional flow.
Marc Benveniste, DSA Division, STMicroelectronics (France)
|
Using
Quantum Key Distribution as a strong security enabler in digital
networks : the SECOQC demonstration network and the next generation of
QKD-based security applications ...
• Quantum key distribution (QKD) and QKD networks
• Achievements of the SECOQC FP6 integrated project
• Demonstration of a secure application based on QKD
• ETSI ISG on QKD
Romain Alleaume, Assistant Professor - TELECOM PARISTECH & Co-founder of SeQureNet (France)
|
Closing discussion:
Taking-up the Smart Security Technologies Endless Challenge |
|
|
Trusted Personal Devices
Moderator: Jean-Pierre Delesse - EUROSMART
These
convenient technologies of storing data have to be proven as secure as
smart cards. After a thorough state-of-the-art of the new form factors
tokens, this session will review various solutions and technologies
aimed at securing computer based transactions, physical and logical
access control or Electronic Cash Registers. A final look at elliptic
curve cryptography in small devices will conclude the session.
|
Smart USB Token-Another Innovative Solution in The Smart Security World
Jean Pierre Delesse, Convenor of the New Form Factors Working Group - EUROSMART (Belgium)
|
Smart Tokens as Security Enabler for Mobility Solutions ...
• A comprehensive picture of the world of smart tokens
• Insights on the emerging challenges for this technology
Gérald Maunier, Senior Architect - GEMALTO (France); Dr Jacques Fournier Research Engineer (Speaker) - CEA-LETI (France)
|
SmartUSB for Safe Computing and Media Sharing ...
• How USB technology can be used both to extend traditional smartcard
applications and bring security to Computer operations
• Main features of STMicroelectronics smartUSB devices
Olivier Rouy - STMicroelectronics (France)
|
Coffee & Refreshments Break - Networking - Exhibition
URpass: A Single Device Both Physical and Logical Access Control ...
• URpass overview and Architecture
• Authentication & Authorization
• Deployment
Sean Gao, Vice President - WATCHDATA (China)
|
INSIKA - A New Approach against Tax Frauds at Electronic Cash Registers ...
• The INSIKA concept with special features and characteristics of the
smart card
• Showing the models, system interfaces and verification mechanisms
• Showing the advantages of the system for the society
Dr Norbert Zisky (Speaker), Head of the WG 8.52 Data communication
& security, Jörg Wolff, Research Associate - PHYSIKALISCH
TECHNISCHE BUNDERSANSTALT (Germany); Mathias Neuhaus, System engineer -
cv cryptovision (Germany)
|
Secret Handshakes - Performance Evaluation of Asymmetric TLS Primitives on Small Devices ...
• TLS protocol suite advantages
• Thorough performance comparison of the different ciphersuites
• The new possibilities offered by elliptic curve cryptography
Manuel Koschuch Scientific Assistant (Speaker), Matthias Hudler, Michael Krueger - VIENNA UNIVERSITY OF APPLIED SCIENCE (Austria)
|
| Lunch - Networking - Exhibition |
|
|
NFC & RFID: Wireless Technologies Security
Moderator: Laurent Sourgen, Strategic R&D Program Director, MMS Group - STMicroelectronics
Contactless
is one of the 2009’s keywords in smart card industry. Beyond the hype,
this session assesses the NFC and RFID devices through security
evaluation. Most advanced techniques of risk analyses and penetration
testing are here applied to wireless platforms: risk analysis
methodology, glitch attack, practical algebraic attacks along with the
use of common criteria package.
|
Risk Analysis Methodology on Contactless Link ...
• Risk analysis methodology on contactless systems
• Vulnerabilities and threats on the contactless radiofrequency link
• Description of attack scenarios on contactless cards
• Quotation methodology for risk ranking
François Vacherand Head of Security Division (Speaker), Jacques Revery,
Project Manager - CEA LETI MINATEC; Claude Tételin, CTO - RFID FRENCH
NATIONAL CENTRE; Alain Boudou, Security Certification Manager - GEMALTO
; Mathieu Lisart, HW Security Engineer - STMicroelectronics (France)
|
Is Glitch Attack still Possible in Contactless? ...
• Most common contactless features and countermeasures
• Glitch attack Analysis. Circuitry to perform the attack and parameters
• Results and interpretation
Guillem Ernest Malagarriga Vilella Product & Project Evaluation
Manager (Speaker), Nuria Carrio Misas Testing Engineer, Manel Rodriguez Millan Testing Engineer - APPLUS-LGAI (Spain)
|
Practical Algebraic Attacks on the Hitag2 Stream Cipher in RFID Transponders ...
• Cryptanalysis of LFSR-based stream ciphers,
• Constraint satisfaction problems, heuristic methods for solving NP-hard problems,
• Philips/NXP HT2 Transponder Family, Communication Protocol
Nicolas T. Courtois - UNIVERSITY COLLEGE LONDON (UK) ; Sean O'Neil - VEST CORPORATION (France) ; Prof. Jean-Jacques Quisquater (Speaker) - UNIVERSITY CATHOLIQUE LOUVAIN (Belgium)
|
Coffee & Refreshments Break - Networking - Exhibition
Experimental Measurements for Risk Analysis Quotation on Contactless Devices ...
• Quotation and estimation of criteria for risk analysis
• Eavesdropping on ISO 14 443 systems
• Remote activation on ISO 14 443 systems
• ISO 14 443 protocol information leakage
François Vacherand Head of Security Division, Jacques Revery, Project
Manager - CEA LETI MINATEC; Claude Tételin, CTO, RFID FRENCH NATIONAL
CENTRE; Alain Demange, Professor, ISEN Toulon; Eric Bourbao, Security
Test Engineer - GEMALTO; Philippe Lalevee et Rémi Nannini, ENSM. SE
(France)
|
EAP_VAN5: a Common Criteria Package to Optimize Complex Product Evaluation Requiring High Robustness as m-NFC Smartcards ...
• The challenge of evaluating new Mobile smartcard platform using
Common Criteria
• Overview of the EAP_VAN5 package
François Guérin, Security Program Manager Gemalto, contributor in EPOMI RESEARCH PROGRAM (France)
|
Closing discussion:
What security for the contactless devices? |
|
|
| State of the Art in Security Advanced Research |
| This
session invites best-in-class researchers to present the latest
advances of their work in complementary fields, all related to
enhancing strong security: networking, IT security engineering, secure
components design. |
|
|
Keynote
Adaptive resilience of networks in the presence of attacks
Erol Gelenbe, Professor in the Dennis Gabor Chair - IMPERIAL COLLEGE LONDON (UK) |
| |
Towards Security as an Engineering Discipline (to be confirmed)
Antonio Maña, Professor, Computer Science Department - UNIVERSITY OF MALAGA (Spain)
|
Coffee & Refreshments Break - Networking - Exhibition
Physical and Formal Attacks State of the Art
...
The LCCS laboratory (Laboratoire de Conception de Systèmes Sécurisés - Secure
Component Design Lab) is at the forefront in the field of security
characterization. Its strength lies in its joint research team between
the CEA-LETI (Electronics and Information Technology Laboratory of the
French Atomic Energy Commission) and the ENSM-SE (Ecole Nationale
Superieure des Mines de Saint-Etienne). They will present impressive
demos showing weaknesses of current secure devices and ways to counter
them, as well as the innovative approach of their mutualized labs.
Demo
session by LCCS Laboratory and ENSM- SE/CEA-LETI (France), under the
supervision of Dr. Assia Tria, Head of the LCCS Laboratory -
ENSMSE/CEA-LETI |
| |
|
|
| |
|
Keynote address by Dr. Assia Tria
ASFIP: Attack Standardization for FingerPrint systems certification
Dr. Assia Tria, Head of the LCCS Laboratory, ENSMSE-CEA-LETI, Claude Barral (Speaker), A. Yacoub and Sebastien Sanaur - ENSM-SE (France)
|
| |
|
|
Low cost fault injection method for security characterization ...
• The need of security characterization tools to rise the level of confidence at design time
• A low-cost fault injection method based on clock reshaping for IC protoypes
• Experimental validation reports on an AES prototype
Jean-Max Dutertre, Assistant Professor (Speaker), Bruno Robisson, Michel Agoyan and Assia Tria - ENSM-SE (France)
|
| |
|
|
Security characterization laboratories: an innovative mutalized approach
Anne-Lise Ribotta, Research Engineer (speaker), Loic Lauro and Assia Tria - ENSM-SE (France)
|
| |
|
|
Keynote
Extracting Unknown Keys from Unknown Algorithms Encrypting Unknown Fixed Messages and Returning no Results ...
In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As we now know, real-life devices are not ideal and confidential information leaks through different physical channels. Whilst most aspects of side channel leakage are now well understood, no attacks on totally unknown algorithms are known to date. This talk will describe such an attack. By totally unknown we mean that no information on the algorithm's mathematical description (including the plaintext size), the microprocessor or the chip's power consumption model is available to the attacker.
Prof. David Naccache |
|
|
Emerging Security Technologies Opportunities
Moderator: Xavier Larduinat, EUROSMART
As
the world gets more connected through web-based technologies, in the
same move the scope of Digital Security extends to new territories.
This session review the new security requirements of embedded web
servers and services, of Machine to Machine and ubiquitous
environments. |
Web-Based Solutions Security:
|
Security and Trust for Cloud Computing
Xavier Larduinat, Convenor of the Market & Technology Working Group
- EUROSMART (Belgium)
|
New Security Issues Related to Embedded Web Servers
Eric Vetillard, Chief Technology Officer - TRUSTED LABS (France)
|
Convergence in Contactless Payment with Transit, Retailing, Access Control & Identification
Carloman Grelu, Regional Sales Engineer - INSIDE CONTACTLESS
(France)
|
Coffee & Refreshments Break - Networking - Exhibition
M to M Devices and System Security:
|
A Global View on The Requirements for M2M Devices
Daniel Borleteau, RENESAS TECHNOLOGY EUROPE (France)
|
M2M, The Vision of a Secured Microcontroller Solution Provider
Laurent Sustek, M2M Marketing Manager - ATMEL (France)
|
Trusted Track and Trace - Deploying Reliable Visibility Solutions
Gabriel Nasser (Speaker), CEO, Adrian Prezioso, CTO - TJS (UAE)
|
Closing discussion:
Secrets & Lies about Emerging Technologies Security |
|
|
|
Java Card and Java Card 3.0 Platform
Moderator: Christian Goire, President, JAVA CARD FORUM
Java
Card 3.0 specification has introduced a drastical change in the way
smart card applications are designed, developed, deployed, and
integrated. After a presentation of the new GlobalPlatform v3.0, this
session reviews the new possibilities of Java Card 3. Further Java Card
platform exploration will then be conducted through security assessment
and examples of innovative applications.
|
Migration Guidelines for GlobalPlatform v3.0 ...
• GP v3.0 Overview: Objective, Roadmap, Documents structure, Technical
content
• Migration view points: identification of the faced issues and
solution to address them regarding application provider, embedded card
management, off-card management service, application manager
Olivier Potonniee,
Senior Research Engineer, Gemalto (France) - Coordinator of the
GlobalPlatform Card Specification v3.0 Working Group
|
Java Card™ 3 Platform - New Opportunities for Standardized Cards and Security Devices
...
• Java Card 3 Platform overview
• Sample use cases in telco, NFC, finance and Smart ID
• Sample use cases beyond the Card & SIM
Brian A. Kowal, Head, Java Card Marketing and Business - SUN
MICROSYSTEMS (USA)
|
PlaySIM a Platform for Java Card™ 3 Prototypes
Sebastian Hans (Speaker), Senior Staff Engineer - SUN MICROSYSTEMS
(Germany); Eric Arsenau, Principal Investigator SUN MICROSYSTEMS (USA)
; Steinar Brede Research Manager, Fritjof Boger Engelhardtsen
Researcher, TELENOR ASA R&I
|
Coffee & Refreshments Break - Networking - Exhibition
Fault Attacks on Java Card 3.0 Virtual Machine ...
• TCP/IP and network access despite lacking terminal support
• Simulate SIM and smartcards with embedded wireless radios or sensors
• Experiment withNFC, SIM card management (GlobalPlatform), M2M, smart cards with gigabytes of memory…
Guillaume Barbu, PhD Student, OS & Platforms/VM Group, OBERTHUR
TECHNOLOGIES - SEN Group TELECOM PARISTECH (France)
|
Reverse Engineering of Java Card Applications: A Real Thread or A Challenge? ...
• How CAP files can be effectively reverse engineered
• Proposed recovery technique
• Why reverse engineering attacks should be seriously considered by
Java Card developers intending to distribute their applications to the
third parties
Dr. Vladimir Nagin Managing Director, Dr. Dmitry Shorin Project
Director (Speaker) - CELLNETRIX (Russia) - Andrey Lystsov,
post-graduate student MOSCOW INSTITUTE OF ELECTRONIC
TECHNOLOGIES, Research Engineer - CELLNETRIX (Russia)
|
Implementing Electronic Identity Cards with the Java Card Standard ...
• Introduction on the Java Card use for electronic identity card (e-ID).
• Pros and cons of using the Java Card standard to implement e-IDs
Benjamin Drisch, Senior Security Consultant (Speaker); Klaus Schmeh, Product Manager - CV CRYPTOVISION (Germany)
|
|
|
Secure Content Delivery & DRM
Moderator: Michel Koenig, Professor - UNIVERSITY OF NICE SOPHIA ANTIPOLIS
In
this session, threats of new mobile media & contents services are
addressed by new smart card generation or implementing user privacy
protection models suited to mobile devices constraints. Various SIM
based and software approach are presented for new needs such as
P2P networks, DVB-H mobile handsets. |
Content protection in the age of "DRM Free"...
• Not all content is created equally. Content protection schemes for different types of media;
• Threat model - What are we protecting (content, keys, streams and usage models);
• A teardown of the a comprehensive content protection solution.
Amit Shofar, VP Business Development, DISCRETIX INC. (Israel)
Secure DRM Scheme for p2p Network ...
• State of the art of DRM & p2p and introduction to the project;
• The system components: Sentinel™ hardware key, p2p network and VLC;
• The solution: VaDeSe DRM strategy;
• Next steps & Future work.
Stefano Carrino PhD student (Speaker), Elena Mugellini Professor, Omar
Abou Khaled Professor, Jean-Roland Schuler Professor - UNIVERSITY OF
APPLIED SCIENCE OF FRIBOURG (Switzerland)
|
|
Coffee & Refreshments Break - Networking - Exhibition
|
Secure Media SIM a Personal audio/video Decoder into a SIM Card for DVB-H Broadcasted TV ...
• What is the Secure Media SIM
• Impact on the professional people
• Status of the project
- SECURE MEDIA SIM (France)
The "Secure Media SIM" bitstream Structure for Video Encryption and Fingerprinting ...
• Syntax extension facilities provided by MPEG-2 and H.264
• How motion vectors in MPEG-2 and H.264 syntax can be replaced by scrambled, encrypted or null value
Marc Antonini Director of Research (Speaker), Marco Cagnazzo, Marie
Oger - I3S laboratory, UNIVERSITY OF NICE SOPHIA ANTIPOLIS and CNRS
(France)
|
|
|
|
End of e-Smart 2009 - no lunch
Next year edition: book your calendar for September 2010
Further
adjustments can occur. The organizers reserve the right to change the
agenda of the conference and the identity of the speaking persons.
|
|
|
|
|
