Home > Pre-Program
last update: June 25, 2015
This preliminary version will be enriched continuously in the coming weeks. Keep posted and follow us on LinkedIn and Twitter!

Day 1 - Tuesday Sept. 15

Connect Security World
ID & Cybersecurity topics
@ Smart Innovation Show
Day 1
Day 1
Tackling identity theft at EU level
Exhibition Opening

DAY 1 –Tuesday Sept. 15
10.00am - 1.00pm: Opening Session Part 1 | 1.00pm -2.00pm: Lunch | 2.00pm– 6.30pm:  Opening Session Part 2
| 3.50pm – 4.30pm: Coffee & Refreshment Break – Networking – Smart Innovation Show

A cross-disciplinary day including panels to outline the next five years changes and challenges for the connected consumers, citizens, employees, cities and smart devices.
The Plenary Opening is common to the five World Smart Week conferences (Smart Contactless Word, M2M Innovation World, World e-ID & Cybersecurity, Connect Security World and Smart Cities Day): their delegates are invited to meet and exchange on common themes!
The connected security in 5 years
First keynotes announced
Donna Dodson, Chief Cybersecurity Advisor and Executive Director CCoE, US NIST
Samia Melhem, Lead Policy Officer, Global ICT Group, World Bank
Helmut Scherzer, Senior Technology Manager CTO Office, Giesecke & Devrient
Dr. Angelika Steinacker, IAM Competency Leader Europe / Global Security Practice, IBM
The Connected consumer in 5 years
First keynotes announced
François-Xavier Godron, Director Contactless Services, Orange
Michel Léger, Senior VP Innovation, Ingenico
Koichi Tagawa, Chairman, NFC Forum
Mung Ki Woo, Executive VP, Digital Platforms, MasterCard Worldwide

1.00 – 2.00pm: Lunch – Networking  - Opening of the Smart Innovation Show Exhibition
The connected city in 5 years
First keynote announced
Liora Shechter, CIO, (Smart) City of Tel Aviv
The connected objects and systems in 5 years
First keynotes announced
Dirk Slama, Director of Business Development, Bosch Software Innovations Germany
Pr. Janusz Filipiak, Founder & CEO, Comarch
Jim Morrish, Founder & Chief Research Officer, Machina Research
Dr. Mohan Reddy, Founder & Chairman, Cyient

EKSISTENZ combats the identity thief by creating a real and strong link between the citizen and its primary identity document.
The partners of this EU funded project will share their latest findings and innovative responses.

(program to be released soon)

DAY 2 – Wednesday Sept. 16

9.00am - 1.00pm: Conference | 10.50 - 11.20am: Coffee & Refreshments Break – Networking – Smart Innovation Show
Securing IoT Devices, Infrastructure and Ecosystems
The world of connected “everything” offers an exciting future, but it presents unprecedented challenges in the way we secure and manage devices, the data they produce, and entire systems themselves. This session reviews the different options to integrate security in the IoT context at device, infrastructure, standards and ecosystems levels. Multiple focuses on specific use cases will show also the evolving needs.
Threat Modelling for the Internet of Things
Eric Vetillard, Product Manager, Java Card and IoT Security, Oracle, France
• Identifying the specific threats to Internet of Things More
• Mitigation of threats around an IoT Cloud Service
• Countermeasures applied on an IoT Gateway
• Determining the appropriate level of security for a deployment
Creating a 'Fabric of Trust' for IoT
Phil Attfield, CEO, Sequitur Labs, USA
• Scalable management framework with highly flexible deployment options: data center/cloud, gateways, mobile devices, Internet of Things, or other embedded devices More
• Distributed, end-to-end device and service management of IoT and mobile devices via trusted-execution-environment (TEE) and/or secure element, backed by hardware root of trust
• Programmable policy enabling real time, event driven, context aware security & management
• Use-case scenarios that position the management & control framework in terms of enterprise, industrial & consumer applications.
Rethinking Security for the Internet of Things
Mikael Dubreucq, IoT Marketing Director, Inside Secure, France
• The IoT ecosystem will require flexible levels of protection: optimized and adapted for the object to object environment More
• Which IoT security solution (chip, HW platform, software & applications) is best depends on the use case
• The right security architecture for IoT will secure the root of trust in the value chain
Developing the Right Architecture for Secure IoT Devices
Kerry Maletsky, Senior Director, Cryptographic Products, ATMEL, USA
• IoT designers cannot ignore the accelerating rate of publicized security problems More
• IoT Systems can be re-architected to include cost effective hardware security
• Most current systems can be easily attacked in multiple ways
• Every IoT device, no matter how small, needs to include hardware security
Privacy Issues in 6LoWPAN Wireless Sensor Networks
Florian Pebay-Peyroula, Head of connected objects/systems security Laboratory, CEA, France
• Description of 6LoWPAN standard and protocols More
• Analysis of privacy information contained in the headers when no security is used
• Study of private information still disclosed when security is enabled
• Synthesis of information intercepted in a 6LoWPAN network with a proper use of the security
Connected Health and Cybersecurity
Edmond Cisse, IS Risk Manager, URAEUS Consult, France
• IoT and BYOD concepts growing implantation in healthcare industry More
• Focus on new intentional cyber-threats against healthcare organizations
• The cybersecurity threats mitigation tools (regulations, risk management, controls… )

1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show  | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

Cloud Services Security
The sessions address the latest issues in security and privacy ofcloud services/data, mainly seen from a client-side security perspective. Besides virtualization risks and HSMs, "end -to-end encryption vs client-side encryption for cloud" debate is on the agenda.
Cloud Centric Data Security
Michael Osborne, Manager Cloud Solutions and Security, IBM Research Division, Zurich Research Laboratory
· Extracting business insights from big data using cloud technologies More
• The uniqueness of data
• The challenges with protecting data, approaches to desensitising data
• Insight into the future data protection technologies
How One to One Sharing Enforces Secure Collaboration
Laurent Henocque, Founder and CEO, Keeex, France
• Cloud and sharing solutions abound, but do not make our life easier More
• Collaborating over heterogeneous clouds or systems is impossible in confidentiality
• Secure One2one sharing over legacy cloud/technical solutions solves the problem
End-to-End Encryption Vs Client-Side Encryption for Cloud
Speaker TBC

Data Protection for the Perimeterless Enterprise
Speaker TBC

Strong Authentication on the move
DIY ID – Self-Service Models for Secure Mobile Credentials
Chris Edwards, Chief Technology Officer, Intercede, UK
• How can ‘bring your own ID’ work? More
• How can we derive verifiable credentials from a range of breeder documents?
• How can we protect and trust derived credentials?
• When should we use self-asserted identities?
Why we need an Offline Personal Authentication Device
Audun Josang, Professor, University of Oslo, Norway
• The OffPAD (offline personal authentication device) concept More
• Portable multilateral authentication
• Id model and device compatibility
• Immunity against malware
A Password Is Not Enough
Ing. Boudewijn Kiljan, CTO, Wave Systems EMEA, Netherlands
• Multifactor authentication is required as password does not provide sufficient security anymore More
• A couple a challenges exist
• Many of those authentication challenges are covered by using Virtual Smartcards

Authentication "Vs." Biometrics?
Advances in Biometrics for an ID Government program
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• The real experience of biometrics in government applications - Performance testing results for Face, Fingerprint, Iris, Voice and the studies of multibiometric fusion More
• Disregarding the limitations of biometrics when implemented on resource constrained and ergonomically limited mobile and IoT devices, there are still constraints fundamental to each biometry
BIOPRIV: A Systematic Approach to Privacy by Design for Biometric Access Control
Julien Bernet, Senior Security Consultant, Trusted Labs, France
• Definition of a systematic method for privacy by design More
• Integration of privacy requirements in the design of a biometric system
• Evaluation of a solution with respect to privacy requirements
• Make privacy by design achievable at reasonable costs
Identity Protection and Privacy: Is There Hope for Wearable Security?
Jerome Schang, Cyber Security & Wearable Global Business Development Manager, NXP Semiconductors, USA
• Secure payment and access for wearable More
• Biometric challenges for wearable
• Leading the way towards FDA/HIPAA/FTC Telehealth standards`

DAY 3 – Thursday Sept. 17
9.00am – 1.00pm: Conference | 10.30 – 11.15am: Coffee & Refreshments Break – Networking – Smart Innovation Show

Mobile ID: Smartphone as an Identity Token
(jointly with World e-ID & Cybersecurity)
Electronic identity is more and more the bond of trust between citizens and online public services, and in some countries banking services. As m-payment industry is looking for stronger customer authentication, Mobile ID solutions can provide a strong level of identity assurance while keeping it simple for end users. Review of the latest mobile ID projects round the world, their convergence with m-payment and the technology requirements.
Mobile Identity – The Fusion of Financial Services, Mobility and Identity in a Hyper-Connected World
Rocky Scopelliti, Global Industry Executive – Banking, Finance & Insurance, Telstra, Australia
• In a world where the smartphone has become the link between our human identity and our digital one, how do consumers now prefer to be identified? More
• How can mobile technologies shift the trust paradigm from one of having to prove who we are, to one of being recognised for whom we are?
National Mobile ID Schemes: Learning from Today's Best Practices
Coralie Mesnard, Digital Identity Solutions Marketing Manager, Gemalto, France
• Unique study on Mobile ID in 14 countries/regions More
• Give some readability on Mobile ID projects : trends are shown
• Lessons learnt: Learning from past experience and today’s best practices
• Not about Gemalto but countries
Orange & GSMA Mobile ID experience (TBA)
Speaker from Orange TBC

Where e-Payments and Mobile ID Meet
David Ruana, Product Manager, Safelayer Secure Communications, Spain
• Using National eIDs, in general, and MobileID, in particular, as a form of identification for e-payments More
• eIDAS contribution to the e-payment industry
• Compliance with SecuRe Pay and Payment Service Directive (PSD2) in the EU
Virtual Secure Element and Digital Driving License, the Future of Electronic Documents
Sébastien Bahloul, Product Manager, Morpho, France
• What are the key drivers for shifting from hardware secure and electronic documents to virtual eID? More
• What are the countries/states engaged in this route?
• What are the legal and technical challenges?
Mobile ID – Strong Authentication Tool for e-Services
Jana Krimpe, Founder “B.est Solutions” LLC,  Head of the Mobile ID project consortium in the Republic of Azerbaijan
• How to establish Mobile ID infrastructure based on private-public-partnership (PPP) model? More
• Asan İmza (Mobile ID) – a technology needed for moving from e-government to m-government
• How Asan İmza functions – the complete description of the Mobile ID ecosystem in Azerbaijan
• Cases of use of Asan İmza – from e-services to cross-border digital signature platforms
Realizing Mobile Identity Solutions with GlobalPlatform Specifications
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• An overview of the mobile ID landscape, key use cases and enabling technologies More
• An insight into how GlobalPlatform Specifications can be leveraged to meet the mobile ID needs for a wide variety of markets such as government-to-government, government-to-citizen, enterprise, eHealth, financial and commercial
• An explanation of the key findings from GlobalPlatform’s mobile ID white paper
PANEL DEBATE: e-ID-services goes mobiles: lessons and perspectives

Delivering Secure Mobile Services

Mobile (smart) devices opened a new chapter for the security industry. This session will review the challenge posed to service providers and enterprises to ally security limitations within mobility with the users wish for usability.
Windows 10 Security Approach (title TBC)
Janne Uusilehto, Head of Product Security & Privacy for Smart Devices, Microsoft

Mobile Security Technologies Revolutionize Consumer and Enterprise Applications
Thierry Spanjaard, CEO & Principal, Smart Insights, France
• Mobile security: an issue More
• TEE: software vs. hardware, functionalities, threats, standardization, etc.
• TEE security applications: corporate security, content management,mobile payment, etc.
• Mobile forecast and market trends
Hookdroid –Dynamic Analysis of Android Applications on Real-World Devices
Valerio Costamagna, PhD Student, University of Turin, Italy
• Android applications dynamic instrumentation on real-world devices More
• Supporting latest Android runtime (ART)
• Android application behaviour analysis and anomaly detection at runtime

Mobile Device Security
GlobalPlatform’s Secure Component and the Root of Trust
Gil Bernabeu, Technical Director, GlobalPlatform, USA
Gil Bernabeu, Technical Director, GlobalPlatform, USA • Insight into the need for a root of trust in delivering secure mobile services. More
• Overview of the two secure components as defined by GlobalPlatform.
• Details of why a trusted certification and compliance program are needed to support the development of a scalable and interoperable ecosystem.
Trusted Execution Environment in a Virtual Machine
Mike Borza, CTO, Elliptic Technologies, Canada
Mike Borza, CTO, Elliptic Technologies, Canada • Virtualizing the SoC architecture extends the usual notion of virtualization beyond the CPU More
• Virtualization at this level has implications at the lowest levels of the IC architecture
• Hardware virtualization allows enforcement of the separation between virtual machines
TAM for TEE – Trusted Application Delivery
Chris Edwards, Chief Technology Officer, Intercede, UK
• Trusted Execution Environments offer significant security benefits" More
• TEE adoption has been held back until recently by the cost and complexity of deployment
• The Trusted Application lifecycle
• Practical experiences of deploying Trusted Applications via a cloud service
HINT’s Technologies for IC Authenticity & Integrity Checking
Thomas Hübner, Security Projects Manager, Morpho, Germany
• Final results of European research initiative HINT More
• R&D on hardware integrity checks based on PUFs and Hardware Trojan detection
• Industry-driven use case scenarios on ID cards and PMR
• Presentation and evaluation of application prototypes

1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

Security for m-Payment & Contactless Transactions
(jointly with Smart Contactless World)
Security is a crucial issue for the contactless services adoption especially with sensitive services such as m-payment. From standards and regulation to Secure Element integrations, this session covers the elements of the security chain required to ensure end users' trust.
Comparative Analysis of Information Security in Contactless Transactions
Matti Penttila, Senior Researcher, VTT Technical Research Centre of Finland
• Different use cases for contactless transactions give different requirements for security More
• What are the common features of different use cases and what are the differences?
• Privacy-related risks in these transactions
Mobile Transaction Security: What do you need to protect?
Robert Fargier, Senior Consultant, ISTIUM, France - Jean-Luc Garnier, Senior Consultant, Knowbile Consulting, France
• Consumers love their smartphones but do not trust it, slowing down mobile services adoption More
• How can we build this trust and which techno do we have at hand to build it?
• Overview of the components that participate the global security fence into mobile devices.
• Value of the data we want to protect: do we need techno or education?
GlobalPlatform’s Value Proposition for mPOS
Kevin Gillick, Executive Director, GlobalPlatform, USA
• Overview of the trusted execution environment (TEE) and the value of the TEE for enabling smartphones as MPOS devices. More
• Insight into the role of the trusted user interface in securing payment transactions.
• Snapshot of GlobalPlatform’s work in this area and details of upcoming developments.

End-to-End Security with NFC
Implications of HCE, SE and TEE-Based Security For Mobile Services
Christian Damour, Security Business Line Manager, FIME, France
• NFC mobile ecosystem main security risks More
• Security implications for HCE, SE and TEE-based mobile services and market status
• A view to the future in mobile payment regarding security aspects
Providing Chip to Cloud Security to Fight Against Cloning and Gray Market
Florent Renahy, Embedded Security Architect IoT, Inside Secure, France
• Provide an innovative and highly secure solution to the counterfeiting problems More
• This solution relies on cutting-edge technologies in the fields of both hardware and software
• The answer to such problems can be achieved by tight combination of relevant products
• The presentation will show different aspects of security, in chip and in mobile phone application
Using Secure Element in the Cloud From HCE-SE Open Platform
Prof. Pascal Urien, Telecom ParisTech, France
• Host Card emulation is a promising technology, does it need an open model? We believe yes. More
• An open technology based on secure elements in the cloud and secure elements hosted in the mobile.
• RACS (Remote APDU Call Secure) is a core building block for this technology
• Open mobile software platform based on these concepts

Overcoming Standards Challenges

Security Tokens are still largely dominated by proprietary or not interoperable solutions and new domains like Big Data, Cloud and IoT added to the growing attention to the Privacy aspects are challenging Security experts in the industry and government. This session explores possible convergences among standards across different area of interest but even across different standards organization.
GlobalPlatform: Supporting the Development of a Global TEE Certification Program
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• The current mobile threat landscape and how it is evolving. More
• The importance of developing a stable and scalable TEE ecosystem and the benefits this brings to the industry.
• GlobalPlatform Trusted Execution Environment Protection Profile and the steps that association has undertaken to gain support from national certification bodies globally
The Path to Inter-Industry Standards for Utilizing Smart Card in Web Applications
Olivier Potonniée, Senior Research Engineer, Gemalto, France
• Web applications using smart cards More
• Review of existing and ongoing standards
• Privacy aware security policies
Privacy and Mobile ID Certification (Title TBC)
Dr. Gisela Meister, Head of Technology Consulting R&D, Standardisation Manager C-TO, Giesecke & Devrient

ID Management and Security: Standards convergence
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• ISO: a national and international standardization collaboration More
• ISO standard and Global Platform Specifications
• Overview of the standardization effort in the ID Management and Privacy space effort
PANEL DEBATE: How Can End-to-End Security Benefit From (and Influence) Regional and International Standards?
Expected panellist include ETSI, ISO representatives

End of the Conference