EUSTIX launches task force "Smart Infrastructure - Smart Meter"

Smart Metering is a key technology, promising more flexibility and transparency for customers and market participants. Due to efforts for liberalization of energy markets the European Commission enforces rollout of smart meters.
But beside all memberships, that will come around with this new technology, there are still major issues to be solved. Especially in the area of consumers privacy and datasecurity, there is a main gap between privacy rights for consumers and technical implementation. The University in Münster for example demonstrated, that - by using market conform smart meters - it was possible, to not only identify all electtrical equipment within a houshold, but as well the TV program or DVD movies. Therefore the link of information and identites could lead to a privacy and trustworthyness discussion.
As we think, that the EUSTIX concept of federated identity management could save this problems, we start a task force "Smart Infrastructure - Smart Meter", that should:
    - prepare concepts of powerful smart meter infrastructure, considering both, stakeholders and consumers concerns,
    - discuss the options to interface available solutions to an EUSTIX infrastructure
    - discuss necessary policies, that have to be taken into account by the EUSTIX principles
    - discuss privacy and legal requirements to establish a best practice strategy and implementation
    - prepare a proposal for a best practice pilot
    - discuss requirements from stakeholders within the energy markets point of view, including new use cases and business models,
       to be compliant with EUSTIX principles.
The task force, support of the Vienna Business Agency, will start with an initial workshop on July 19th 2012 in Vienna.
It is directed by DI Andreas Grübl from 3Berg GmbH, a long-standing veteran within the energy business and member of EUSTIX Alliance.
For further details, please contact Andreas Grübl directly:

Open eCard - new initiative to develop an open source client for German eID Card

A group of German developers from well known companies and institutions in the area of the German eID card (like G&D, Ageto, Technical University of Darmstadt, ...) has launched an open source project to develop a new client for the German eID card.
Reading the requirement specification, it seems that this initiative has learned from the past.
- it will work on all relevant platforms (including NFC enabled mobile devices),
- the terminal interfaces will be based on IFD Standard (which means, that PC/SC enabled terminals will be supported),
- it should support SAML 2.0 and therefore offer support for federated identity management
- it will be start and accessible from within a browser
- Common Criteria evaluation has to be possible
- it will support all smart cards, for which the card info files are available.
As the Open eCard App is designed to be as lightweight and usable as possible and will be distributed under a suitable open source license, it will provide an interesting open alternative to the currently available clients for the German eID card.
More details:

Austrian eGov Federation exceeds 200 applications

The Austrian Portalverbund, registered 200 eGovernment applications in the 10th year of production operation. This is number 4 in the Kantara Global Trust Framwork Survey in the Relying Party category. In addition to these applications an estimated 1500 applications are operated in the same technical infrastructure, but under bilateral agreements or in an enterprise context. This shows a clear network effect with the majority of government employees as active users in the federation.
Portalverbund is an intra-government federation of federal, state and local government agencies and social insurance bodies. 

NSTIC moves ahead establishing a governance structure

2 months ago NIST released its recommendations on establishing a governance structure. While 12 groups worked out proposals to convene and support the Identity Ecosystem Steering Group, NIST published their own draft of definitions and by-laws to foster the dicussion. This draft describes the structure, responsibility of roles, policies and procedures to support the charter that was included in the recommendations. 
With the selection of pilot projects due in August 2012 and the establishment of the governance structure the next big milestone for NSTIC is in reach.

Intel SSO: not new, but with opportunity in HW-integrated SSO

The 451 Group's whitepaper analyzes the Intel/McAfee strategy to enter the identity management-as-a-service market. Like Symantec Intel parters with, enabling Salesfore to become an IdP. 


Subscribe to RSS