François Chung, Ph.D.

Tag: 2021

Identity proofing

Identity proofing

Zetes project @Brussels, Belgium (2021). Identity proofing consists in verifying for a given level of assurance that a person, who is claiming an identity, is indeed the correct person. This identity proofing process can be performed manually by a human operator, either on site (through physical presence) or online (remotely through videoconference), but also automatically (e.g. fully automated online or in a controlled environment).

At the European level, the European Telecommunications Standards Institute (ETSI) is working on technical specification ETSI TS 119 46 to lay the foundations on a new identity proofing standard, whose aim is to be applicable in areas such as the issuance of electronic identity (eID) and Know Your Customer (KYC) processes, with several person types considered: natural person, legal person, and natural person representing a legal person.

One of the objectives of this specification is to provide controls against two main identity proofing threats:

  • Falsified evidence: A person claims an incorrect identity using forged evidence;
  • Identity theft: A person uses valid evidence associated with another person.

Therefore, implementing identity proofing requires a risk-based and outcome-based approach where requirements can be tuned up to a desired level of assurance (i.e. degree of certainty) of the result, depending on the context (e.g. purpose of the identity proofing, regulatory environment, acceptable risk regarding the result of the process).

In this project, my tasks are related to the analysis of technical specification ETSI TS 119 46 so as to investigate what parts of the identity proofing process are already developed and available at Zetes (and therefore could be reused), how the missing parts can be implemented in practice and what are the possible impacts of the implementation on the existing products and solutions.

References

Project

Related articles

Learn more

ETSI - European Telecommunications Standards Institute

Business process and decision modeling

Business process and decision modeling

HPI training, MOOC (2021). This online training introduces concepts of business process modeling using the Business Process Model and Notation (BPMN) industry standard. Based on a thorough understanding of BPMN, the last part of the training covers decision models using the Decision Model and Notation (DMN). Decision models complement process models by representing concrete, operational decisions, both with their structure and their decision logics.

Week 1: Introduction to business process management

Main topics:

  • Defining business processes;
  • Business process models;
  • Interacting business processes;
  • Models and instances;
  • Business process lifecycle.

Week 2: Basic business process modeling

Main topics:

  • Process activities;
  • Exclusive and parallel gateways;
  • Inclusive gateways and loops;
  • Start, intermediate and end events;
  • Concurrency.

Week 3: Analyzing the behavior of process models

Main topics:

  • Process behavior;
  • Structural soundness;
  • Simulating business processes;
  • Petri nets and process analysis;
  • Checking soundness.

Week 4: Advanced business process modeling

Main topics:

  • Sub-processes and boundary events;
  • Activity modifiers;
  • Event-based gateway;
  • Modeling organizations;
  • Resource allocation patterns.

Week 5: Data in business process models

Main topics:

  • Organizing process models;
  • Data and data flow;
  • Data execution semantics;
  • Structured data and sub-processes;
  • Object lifecycle conformance.

Week 6: Business decision modeling

Main topics:

  • Implementation of decisions;
  • Decision requirements diagrams;
  • Semantics of decision tables;
  • Analysis of decision tables;
  • Consistency of processes and decisions.

References

Related articles

ArchiMate 3 in practice (Orsys training)
UML class diagrams (edX training)

Learn more

BPMN - Business Process Model and Notation
DMN - Decision Model and Notation
openHPI - Hasso Plattner Institute

PKI for identity documents

PKI for identity documents

Zetes project @Brussels, Belgium (2021). A Public Key Infrastructure (PKI) is a set of physical components (e.g. computers and hardware), human procedures (e.g. checks and validation) and software (e.g. system and applications) intended to manage the public keys of the users of a system. The objective is the secure electronic transfer of information for a range of online activities, such as e-commerce and electronic identification (eID).

In the case of electronic identity documents, such as the identity card, a PKI makes it possible to bind public keys to the identity of citizens, whose personal information is not only printed on the identity card, but also stored in the identity card chip. This system not only allows citizens to use their card to identify themselves online (authentication), but also to sign digital documents using a Qualified Electronic Signature (QES).

A PKI can also be used in an international scheme, such as for the verification of passports at country borders. In that case, a country emits passports for its citizens and also puts in place a PKI to allow other countries to check those passports. This means that, when a citizen presents a passport at the border control, the inspection system checks the identity information both printed on the passport and stored in the passport chip.

As a Functional Analyst and Product Owner within Zetes People ID’s development team, my tasks are related to the analysis of PKI software needs, whether internal or from the customer (e.g. requirement gathering and product presentation), PKI software implementation (e.g. software releases and documentation) and project management (e.g. project coordination during change requests).

References

Related article

Identity proofing (Zetes project)

Learn more