This is a hands-on workshop where members of the EUNIS information security special-interest group and others will be performing a privacy and security assessment of the EMREX protocol.
The outcomes of this evaluation are expected to result in future improvements that benefit the whole user community.
The workshop will be facilitated by experts from the EUNIS information security special-interest group and the ELMO/EMREX community. All Congress delegates are welcome to attend.
10:00-10:05 Welcome and introduction to session (w/Asbjørn Thorsen, CISO Sikt and Thorsten Küfer, Information security officer, FH Münster).
- Scoping the workshop, what we will deliver.
10:05-10:20 ELMO/EMREX general overview (w/Geir Magne Vangen (Technical Director at Sikt) and Tor Fridell, Head of Student Information System at Linkoping)
We split into one privacy and one security group. Øyvind Straume (PVO Sikt) will be chair for the privacy group and Thorsten and Asbjørn will chair the security group.
| Security | Privacy | |
| 10:20-10:35 | Explanation of Github issue on security by design (w/ Prof. Dr. Hermann Strack HS Harz and Mirko Stanic, CTO of EMREX) | Tor Fridell on the privacy issues of EMREX which needs assessment |
| 10:35-12:30 | Security assessment led by Asbjørn Reglund Thorsen and Thorsten Küfer | Privacy assessment led by Øyvind Straume |
Presentation in plenum of results from each group and plan for follow up
12:30-12:40 Privacy team presents their results in powerpoint presentation
12:40-12:50 Security team presents in powerpoint presentation
12:50-13:00 Mirco Stanic, Thorsten Küfer and Asbjørn Reglund Thorsen with the sum-up
- Information on a follow-up workshop?
- Maybe a second meeting within the Vigo week?
