Best International Practices in e-Government Security:
David W Chadwick
David Chadwick is Professor of Information Systems Security at the University of Kent and Managing Director of TrueTrust Ltd. He is the leader of the Information Systems Security Research Group (http://www.cs.kent.ac.uk/research/groups/iss/index.html) and a member of IEEE and ACM. He has published widely, with over 140 publications in international journals, conferences and workshops, including 5 books, 14 book chapters, 25 journals (see http://www.cs.kent.ac.uk/people/staff/dwc8/pubs.html) and successfully managed over 25 research projects. He has served as a PC member of over 100 international conferences and been the PC Chair for 5 and co chair for 2.
He specialises in Public Key Infrastructures, Privilege Management Infrastructures, Trust Management, Identity Management, Privacy Management, Cloud Security and Internet Security research in general. Current research topics include: attribute aggregation, policy based authorisation, cloud security, the management of trust, recognition and delegation of authority and autonomic access controls. He actively participates in standardisation activities, is the UK BSI representative to X.509 standards meetings, the chair of the Open Grid Forum OGSA Authorisation Working Group, and a member of OASIS and the Kantara Initiative. He is the author of a number of Internet Drafts, RFCs and OGF documents.
His research group are the creators of PERMIS (www.openpermis.org), an open source X.509 and SAML supported RBAC authorisation infrastructure which has been hardened by the Swiss MOD and released as Open Source Hardened PERMIS at http://www.osor.eu/projects/openpermis. PERMIS is currently integrated with Globus Toolkit, Shibboleth, Apache, the OMII-UK, SAML and XACML
TrueTrust Ltd specialises in training, education and consultancy in the topics mentioned above. It has participated in a number of EC funded projects, including the current Tempus PalGov project with Birzeit University.
Best Practices in Secure Delivery of Online Government Services
This talk will look at the steps departments should take, when they decide to make their services available over the Internet, to ensure that their services and systems remain secure. It is based on a six step process recently introduced by the UK Cabinet Office.