DOCSLIB.ORG

ICAO's MRTD Report

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

ICAOINTERNATIONAL CIVIL AVIATION ORGANIZATION MRTD REPORT Stressing Security As ePassport technology defies its critics and privacy groups begin to better understand the scope and purpose of the biometric chip, more and more States are continuing to implement the world’s most secure solution to the interoperable travel document. Also in this Issue: ePassport PKI and the ICAO PKD, Interoperability Overview, EAC Roll-out, In-House MRTD Training, CSCA Certificates Overview List, Maldives Implementation, ICAO’s role in MRTD advancement Vol. 2, No 2 Contents Editorial: Taking an Active Role . 3 Mauricio Siciliano discusses the more proactive role being taken by ICAO and industry stakeholders in communicating the facts behind MRTD and ePassport technology. ICAO MRTD REPORT VOLUME 2, NUMBER 2, 2007 Editorial Managing Editor: Mauricio Siciliano MRTD Programme—Specifications and Guidance Material Section Tel: +1 (514) 954-8219 ext. 7068 E-mail : [email protected] ePassports: The Secure Solution . 4 ISO Task Force on New Technologies Chair Barry Kefauver confronts recent media Anthony Philbin Communications and hacker claims surrounding the security and privacy of contactless chips, Senior Editor: Anthony Philbin Copy Editor: Robert Ronald detailing the unprecedented multilateral and technological achievement represented Tel: +01 (514) 886-7746 by ePassport interoperability. E-mail: [email protected] Web Site: www.philbin.ca ePassport PKI and the ICAO PKD: The Australian Perspective . 12 Production and Design Australian passport official Ross Greenwood, Chairman of the 2007 ICAO PKD Bang Marketing board, describes the reasons for supporting ePassport validation at border clearance Stéphanie Kennan and makes the business case for Member State participation in the ICAO PKD. Tel: +01 (514) 849-2264 E-mail: [email protected] Web Site: www.bang-marketing.com Achieving Interoperability . 16 Claudia Hager, MBA, Executive Director of the Austrian State Printing House Advertising (OeSD), describes in depth the series of multilateral tests that led to the development FCM Communications Inc. of a truly interoperable contactless chip for ePassport use. Mr. Yves Allard Tel: +01 (450) 677-3535 Fax: +01 (450) 677-4445 The Second Generation of ePassports . 20 E-mail: [email protected] Excerpts from the Gemalto White Paper discussing the inclusion of fingerprint biometrics for enhanced security and privacy. Submissions The MRTD Report encourages submissions from inte - MRTD eLearning Programme . rested individuals, organizations and States wishing 30 to share updates, perspectives or analysis related to When ICAO went shopping for the ideal solution to provide states with the global civil aviation. For further information on sub- background and know-how they’d need on MRTD issues, Aine ni Fhloinn and mission deadlines and planned issue topics for future editions of the MRTD Report, please contact Mauricio inHouse Training had an affordable, customized solution. Siciliano, managing editor at: [email protected] CSCA Overview List . 32 Opinions expressed in signed articles or in adverti- sements appearing in the ICAO MRTD Report repre- Sjef Broekhaar and Jan Verschuren of the Ministry of the Interior and Kingdom sent the author’s or advertiser’s opinion and do not Relations, The Netherlands, discuss the IF4TD proposal for the distribution of CSCA necessarily reflect the views of ICAO. The mention of certificates. specific companies or products in articles or adver- tisements does not imply that they are endorsed or recommended by ICAO in preference to others of a Maldives ePassport Initiative . 36 similar nature which are not mentioned or advertised. Together with partners OeSD, Iris Corporation and NXP (formerly Philips), the The publishers extend their thanks to the companies, Maldivian Travel Document Section makes its transition to new ePassport organizations and photographers who graciously specifications, getting their programme up and running a mere ten months after supplied photographs for this issue. they established their goal. MRTD Report – Number 2 – 2007 Published by International Civil Aviation Organization (ICAO) Facing the Future . 38 999 University Street An overview of ICAO’s role in providing the necessary leadership and implementation Montréal, Québec assistance relating to new MRTD specifications. Canada H3C 5H7 The objective of the ICAO MRTD Report is to provide TAG MRTD RFI . 40 a comprehensive account of new developments, Details of the ICAO Technical Advisory Group on Machine-Readable Travel trends, innovations and applications in the field of MRTDs to the Contracting States of ICAO and the Documents’ (TAG MRTD) request for information relating to new and improving international aeronautical and security communities. MRTD and ePassport technologies. Copyright © 2007 International Civil Aviation Organization MRTD Glossary of Terms . 43 EDITOR'S NOTE Taking an Active Role In a time when tremendous efforts are being made regar ding the consistent and secure standardization of travel documents, the ePassport still has many faces. The world’s aviation and security communities are continuing to finalize issuance pro - cesses that respect minimum quality standards, local regulations, citizen rights and worldwide interoperabi lity requirements, but these goals are much closer now to being realized thanks to an unprecedented multilateral effort between State and in- dustry experts. For the last 30 years, ICAO has been the leader and prima ry forum for achieving world-class standards for ePassport docu- ments. But setting the standards in this field is only one of ICAO’s functions. The ICAO Specifications and Guidance Mate- rial (SGM) Section is also committed to continue developing, improving, educating and promoting worldwide implementa- tion of MRTD and eMRTD standards and specifications. During the TAG/MRTD 17 meeting held in ICAO Headquarters last March, the Secretariat committed to prepare and put into action a communications strategy that would see the Organi- Should any of these issues be of particular concern to mem- zation playing a more active role in informing and educating bers of our readership, we would suggest that they contact the government administrations, private entities and the general MRTD Programme Office by visiting the ‘Contact Us’ section of public regarding the content of the MRTD Programme and its the MRTD web site at: http://mrtd.icao.int. Your input, concerns significant benefits for international air transport and national and requests in this field will be essential to help us build a security agencies. This role is even more significant today in comprehensive set of articles, information papers and presen- view of the present worldwide implementation of the ePassport, tations that will address these issues and reinforce the credi- not to mention the troubling misinformation that has been gene- bility and global consensus surrounding this important effort. rated by hackers and privacy groups who have made headline- grabbing but ultimately baseless claims regarding the threats Finally, you'll notice that this latest issue of the ICAO MRTD that contactless chips pose to the security and privacy of the Report has a new look and feel. This new approach is part of world’s travellers. an overall re-branding of ICAO's magazines to help stress the central role that ICAO plays in the global aviation com- In this issue of the ICAO MRTD Report we interview Mr. Barry munity, and to ensure that the Organization is clearly identi- Kefauver, formerly of the US Department of State, who cur- fied with the important work it carries out on behalf of all of rently chairs the ISO Task Force on new technologies of the aviation's stakeholders. We encourage any comments or TAG/MRTD on the security and privacy issues related to the feedback on this new design and focus and hope that these MRTD Report – Number 2 – 2007 ePassports. This is the first of a series of interviews, articles and changes have helped to make the MRTD Report more infor - reference materials that will address the specific and general mative and user-friendly. concerns that have recently been brought forward at conferen- ces and in the media. This body of reference will help to serve Enjoy your reading. States, the media and the general public in more clearly identi- fying and understanding the actual issues and concerns curren - tly being addressed regarding ePassport chip security and Mauricio Siciliano bearer privacy. Editor 3 COVER STORY: BARRY KEFAUVER INTERVIEW ePassports: The Secure Solution THE ePASSPORT HAS ENGENDERED ITS FAIR SHARE OF HEADLINES SINCE ITS IMPLEMENTATION BEGAN SEVERAL YEARS AGO, MOSTLY AS A RESULT OF HACKERS AND PRIVACY GROUPS WHO HAVE MADE FANTASTICAL CLAIMS REGARDING THE THREATS THAT CONTACTLESS CHIPS POSE TO OUR SECURITY AND PRIVACY. BARRY KEFAUVER, FORMERLY OF THE US DEPARTMENT OF STATE AND CURRENTLY A CONSULTANT WHO, AMONG OTHER RESPONSIBILITIES, CHAIRS THE ISO TASK FORCE ON NEW TECHNOLOGIES, OVERSAW SOME OF THE EARLIEST ICAO AND RELATED PROCEEDINGS LOOKING INTO PASSPORT SECURITY, BIOMETRICS AND DATA STORAGE. HE ADDRESSES THE SERIOUS FLAWS IN THE CRITICS’ APPROACHES IN THIS INTERVIEW WITH THE ICAO MRTD REPORT, AND DESCRIBES THE HUGELY SUCCESSFUL TECHNICAL AND MULTILATERAL ACHIEVEMENT REPRESENTED BY THE ePASSPORT INITIATIVE. ICAO MRTD Report: There have been a number of statements made in recent months regarding what are described as ‘privacy and security threats’ associated with the new RFID or ‘e’ Passports.
Recommended publications
  • SECURITY and PRIVACY in the AGE of UBIQUITOUS COMPUTING IFIP - the International Federation for Information Processing

    SECURITY and PRIVACY in the AGE of UBIQUITOUS COMPUTING IFIP - the International Federation for Information Processing

    SECURITY AND PRIVACY IN THE AGE OF UBIQUITOUS COMPUTING IFIP - The International Federation for Information Processing IFIP was founded in 1960 under the auspices of UNESCO, following the First World Computer Congress held in Paris the previous year. An umbrella organization for societies working in information processing, IFIP's aim is two-fold: to support information processing within its member countries and to encourage technology transfer to developing nations. As its mission statement clearly states, IFIP1s mission is to be the leading, truly international, apolitical organization which encourages and assists in the development, exploitation and application of information technology for the benefit of all people. IFIP is a non-profitmaking organization, run almost solely by 2500 volunteers. It operates through a number of technical committees, which organize events and publications. IFIP's events range from an international congress to local seminars, but the most important are: The IFIP World Computer Congress, held every second year; Open conferences; Working conferences. The flagship event is the IFIP World Computer Congress, at which both invited and contributed papers are presented. Contributed papers are rigorously refereed and the rejection rate is high. As with the Congress, participation in the open conferences is open to all and papers may be invited or submitted. Again, submitted papers are stringently refereed. The working conferences are structured differently. They are usually run by a working group and attendance is small and by invitation only. Their purpose is to create an atmosphere conducive to innovation and development. Refereeing is less rigorous and papers are subjected to extensive group discussion.
  • Europe and North America Regional GCED Network Meeting Final Report

    Europe and North America Regional GCED Network Meeting Final Report

    Europe and North America Regional GCED Network Meeting Final Report 21-22 November 2018 Lisbon, Portugal 120, Saemal-ro, Guro-gu, Seoul, Republic of Korea, 08289 Tel.02-774-3956 Fax.02-774-3957 www.unescoapceiu.org Europe and North America Regional GCED Network Meeting Final Report 21-22 November 2018, Lisbon, Portugal Table of Contents List of Acronyms 4 Universities 23 Introduction 5 Observations and General Comments 25 Opening 6 Session 3: Session 1: Addressing the Remaining Gaps on GCED Implementation GCED Global and Regional Overview 8 in Europe and North America 26 • GCED in the Global Education Agenda, and Ministries of Education and National Commissions for UNESCO 27 UNESCO’s Efforts to Realize GCED/ SDG 4.7 9 Universities and Research Institutions 27 • GCED in the Global Agenda, Global Activities of APCEIU 9 Civil Society Organizations 28 • Regional GCED Networks 10 Intergovernmental Organizations 28 GCED in Asia-Pacific 10 Development and Cooperation Agencies and Ministries of Foreign Affairs 29 GCED in Latin America and the Caribbean 11 Discussion and Summary by the Moderator 29 GCED in Sub-Saharan Africa and the Arab States 11 • Regional GCED implementation (Europe and North America) 12 Session 4: Global Education Network 12 Strengthening GCED Implementation Globally and European NGO Confederation for Relief and Development 12 Regionally through Networking 31 Canadian National Commission for UNESCO 13 Recommendations to Improve GCED Networking in UNESCO Venice Office 13 Europe and North America 32 Bridge 47 14 Discussion 33
  • Executive Summary

    Executive Summary

    6th European Conference on Rare Diseases & Orphan Products A better future for Patients: Shaping together the Agenda 2020 Executive Summary A conference organised by Co-organised by The European Conference on Rare Diseases and Orphan Products The European Conference on Rare Diseases & Orphan Products is the unique platform/forum across all rare diseases, across all European countries, bringing together all stakeholders - academics, health care professionals, industry, policy makers, patients’ representatives. It is a biennial event, providing the state-of-the-art of the rare disease environment, monitoring and benchmarking initiatives. It covers research, development of new treatments, health care, social care, information, public health and support at European, national and regional levels. It is synergistic with national and regional conferences, enhancing efforts of all stakeholders. There is no competition with them, but efforts are complementary, fully respecting initiatives of all. Speaker presentations and poster abstracts can be found in the Programme section of the official Conference website at: http://www.rare-diseases.eu/ Find out the latest news about the rare disease community on eurordis.org Sign up to EURORDIS eNews to receive weekly updates Now available in English, French, German, Spanish, Italian, Portuguese and Russian! Table of Contents Acknowledgements and credits ................................................................................................................ 1 Credits, support and legal information
  • TC-11 Factsheet WG 11.2 Pervasive Systems Security

    TC-11 Factsheet WG 11.2 Pervasive Systems Security

    International Federation for Information Processing TC-11 Security and Privacy Protection in Information Processing Systems Factsheet WG 11.2 Pervasive Systems Security Version: 28 August 2020 Website : http://wg112.ifiptc11.org/ Introduction Established in 1985 as the working group on Office Automation, known until 2009 as the working group on Small Systems Security, we have refocussed ourselves as the working group on Pervasive Systems Security. Est. 1985, revised 1992, 1995, 2009 Pervasive systems shall be defined to be large scale systems that are comprised of nodes ranging from RFID tags, through embedded systems, to personal mobile devices, interconnected by a mixture of short range wireless and wide are wired networks. The typical characteristics of a pervasive system are: resource constrained nodes, often physically unreachable or without user interface, whose interconnections often span a large number of administrative domains with conflicting interests. Security of such systems is therefore an emergent property. Aims and scope (last reconfirmed1: 08-2009) To investigate methods and issues in the area of information security related to pervasive systems; and to advance knowledge and awareness of the subject through publications, conferences and other means. The aim is to address pervasive systems security from both a functional, technical, and societal perspective. The scope of the working group shall be to: • Promote the design of the new information security techniques and methods in pervasive systems. • Investigate and report on the information security aspects of information technology products and information services for pervasive systems. • Design guidelines and promote methodologies for the implementation of information security in pervasive systems. • Investigate intelligent token and smart card applications in information security with the aim of making the user less dependent on a single fixed environment.
  • TC-11 Report to Council and TA 2006 21 February 2006 Leon Strous Chairman IFIP TC-11

    TC-11 Report to Council and TA 2006 21 February 2006 Leon Strous Chairman IFIP TC-11

    TC-11 Report to Council and TA 2006 21 February 2006 Leon Strous Chairman IFIP TC-11 PART I. General Assembly a. Meetings held and scheduled. • TC-11 held its' annual meeting on Sunday 29 May 2005 in Chiba, Japan, preceding the SEC2005 conference. Attendance: 20 members, 1 representative, 2 observers. Apologies: 21 members, 1 observer. Absent: 2 members. Resigned: 1 member. • The next annual TC meeting is scheduled for Sunday 21 May 2006 in Karlstad, Sweden, preceding the SEC2006 conference. b. Changes in membership and officers Changes in officers No changes in officers since GA 2005. At the annual meeting in May, the second term of the chairman of wg 11.4 Network & distributed systems security will end. TC membership changes since GA 2005: • Korea: Seung-Won Sohn (new member country) • Portugal: Pedro Manuel Barbosa Veiga (succeeding Luis Sousa Cardoso) Currently TC-11 is missing representatives of the following IFIP full members (list of January 2006): Andorra, Botswana, Brazil, Bulgaria, Canada, Croatia, Ethiopia, Ireland, Israel, Lithuania, Malaysia, Mauritius, Nigeria, Oman, Poland, Russia, Sri Lanka, Syria and Thailand. The representatives of Egypt, India and Singapore have not attended three consecutive meetings and the GA members of these countries will be contacted in order to get active participation. c. Working groups In previous meetings of TC-11, the membership and membership rules of working groups has been extensively discussed. Slow but steady progress is being made by the working groups in establishing sound, international and active membership lists. In order to focus the approach in this respect, the strategy questions that have been sent to all TCs, have also been sent to all TC-11 working groups.
  • Programme Structure

    Programme Structure

    Contents Welcome to WCC 2004 .............................................................................................................. 3 Congress Committees ................................................................................................................ 4 Organisers, Sponsors and Partners ......................................................................................... 6 Programme Structure ................................................................................................................ 8 Programme Overview ............................................................................................................... 9 Programme Highlights ............................................................................................................. 10 Plenary Keynote Addresses .................................................................................................... 11 Schedule of Conferences ........................................................................................................ 16 Schedule of Topical Days ........................................................................................................ 18 Schedule of Workshops ........................................................................................................... 19 Schedule of Tutorials ................................................................................................................ 20 Schedule of Student Forum ...................................................................................................
  • CARDIS'04 Will Bring Together Researchers and Practitioners in the Development and Deployment of Smart Card Technologies and Applications

    CARDIS'04 Will Bring Together Researchers and Practitioners in the Development and Deployment of Smart Card Technologies and Applications

    Sixth Smart Card Research and C A R D I S ' 0 4 Advanced Application IFIP Conference WG 8.8 — Smart Cards WG 11.2 — Small System Security Since 1994, CARDIS has been the premier international research conference dedicated to smart cards and their applications. Every two years the scientific community meets together for the conference. Ten years after, like its predecessors and back to Europe and France, CARDIS'04 will bring together researchers and practitioners in the development and deployment of smart card technologies and applications. The smart card, or, by extension, smart device with its processing power and link to its owner, is the good candidate for the person representation in the Information Society. Smart card or smart device will be the potential human representation or delegate in Ambient Intelligence (Pervasive Computing), where every appliances and computers will be connected, and where control and trust of your environment will be the next decade challenge. Smart card research is of increasing importance as the need for information security increases rapidly, especially in response to new and urgent demands. Smart card with its security features is a seed of secure system and will play a huge role in ID management. In many computer science areas, smart cards introduce new dimensions and disciplines. Disciplines like hardware design, operating system, modelling system, cryptography or distributed systems find new areas of applications or issues but also smart cards create new challenge for these domains. Unlike events devoted to commercial and application aspects of smart cards, CARDIS conferences gather researchers and technologists who are focused in all aspects of the design, development, deployment, validation and application of smart cards or smart personal devices.