François Chung, Ph.D.

Tag: belgium

Summer trainings 2022

Summer trainings 2022

Red Cross training, Belgium (2022). This series of summer training courses, which are divided between face-to-face and virtual sessions, is a learning opportunity offered by the Red Cross to all of its members during the summer. Although these trainings are not necessarily related to a particular activity, they are intended to be useful not only within the activities of the Red Cross, but also in the private lives of its members.

Sketchnoting

Main topics:

  • Basic shapes;
  • Typography;
  • Containers and banners;
  • Visual path;
  • Characters;
  • Pictograms;
  • Effects and colors.

Collective intelligence

Main topics:

  • Improve the effectiveness of meetings;
  • Power of the circular mode;
  • Me, in your place;
  • Participatory cycles;
  • Analysis of the levers of change;
  • Development of a mature proposal;
  • Individual decision with consultation;
  • Collective decision by consent.

Applied salutogenesis

Main topics:

  • Develop your capacity for resilience;
  • Consistency and good health;
  • Salutogenesis as a shield through life;
  • Levels of response to a crisis;
  • Get an individual or a team out of a stressful situation;
  • Nourish the 3 salutogenic dimensions;
  • Veracity vs salutogenic conditions.

Moving forward in uncertainty

Main topics:

  • Volatility, Uncertainty, Complexity, Ambiguity (VUCA);
  • Iterative cycles;
  • Kanban and backlog;
  • Lessons learned;
  • Continuous improvement applied;
  • Client-team relationship;
  • Project brief.

Reference

Learn more

Croix-Rouge de Belgique (Belgian Red Cross)

Digital identity wallet

Digital identity wallet

Zetes project @Brussels, Belgium (2022). For many years, transactional and online services have relied on end users using devices such as desktop computers and laptops. Therefore, solutions for remote identity proofing and digital signatures have been designed to the characteristics of such devices. However, these devices are more and more replaced by mobile devices such as tablets and smartphones, which raises new challenges.

For example, smart cards and tokens, which are typically connected to desktop computers and laptops using USB devices, cannot be easily connected to smartphones, or cannot at all. Furthermore, given developments in cloud computing, solutions have emerged in the last few years where the process of digital signature creation is done in a distributed way by different systems that may be controlled by different actors.

This is why recent standards have introduced the concept of mobile identity (e.g. driving licence in association with a mobile device) and electronic signature created using a remote signature creation device (i.e. electronic signature device is replaced by cloud-based services offered and managed by a trusted service provider), which can be both made available to the end user through a digital identity wallet as a smartphone app.

The related standards are:

  • ISO/IEC 18013-5:2021 - Personal identification, ISO-compliant driving licence, Part 5: Mobile driving licence (mDL) application;
  • ETSI TS 119 432 - Electronic Signatures and Infrastructures (ESI), Protocols for remote digital signature creation;
  • CSC standard - Architectures and protocols for remote signature applications.

In this project, my tasks are first related to the analysis of these standards so as to investigate how they could be implemented in practice and what is their impact on the project scope. Then, my tasks are related to the analysis of business needs (whether internal or from the customer), software implementation (e.g. software releases and documentation) and project management (e.g. project coordination with the customer).

References

ArchiMate 3 in practice

ArchiMate 3 in practice

Orsys training, Belgium (2022). This 2-day on-site training introduces ArchiMate, an open enterprise architecture modeling language to support the description, analysis and visualization of architecture within and across business domains. ArchiMate offers a common language for describing the construction and operation of business processes, organizational structures, information flows, IT systems and technical infrastructure.

Day 1

Main topics:

  • ArchiMate 3.0: Core Framework, standard and benefits;
  • The Open Group Architecture Framework (TOGAF);
  • Elements: aspects and relationships;
  • Business layer: essentials and hands-on;
  • Application layer: essentials and hands-on;
  • Information structure;
  • Cross-layer relationships.

Day 2

Main topics:

  • Technology layer: essentials and hands-on;
  • ArchiMate: layered and total views;
  • ArchiMate viewpoints;
  • Motivation view;
  • Services in ArchiMate;
  • Vertical slicing through the layers.

References

Related articles

Learn more

Identity proofing

Identity proofing

Zetes project @Brussels, Belgium (2021). Identity proofing consists in verifying for a given level of assurance that a person, who is claiming an identity, is indeed the correct person. This identity proofing process can be performed manually by a human operator, either on site (through physical presence) or online (remotely through videoconference), but also automatically (e.g. fully automated online or in a controlled environment).

At the European level, the European Telecommunications Standards Institute (ETSI) is working on technical specification ETSI TS 119 46 to lay the foundations on a new identity proofing standard, whose aim is to be applicable in areas such as the issuance of electronic identity (eID) and Know Your Customer (KYC) processes, with several person types considered: natural person, legal person, and natural person representing a legal person.

One of the objectives of this specification is to provide controls against two main identity proofing threats:

  • Falsified evidence: A person claims an incorrect identity using forged evidence;
  • Identity theft: A person uses valid evidence associated with another person.

Therefore, implementing identity proofing requires a risk-based and outcome-based approach where requirements can be tuned up to a desired level of assurance (i.e. degree of certainty) of the result, depending on the context (e.g. purpose of the identity proofing, regulatory environment, acceptable risk regarding the result of the process).

In this project, my tasks are related to the analysis of technical specification ETSI TS 119 46 so as to investigate what parts of the identity proofing process are already developed and available at Zetes (and therefore could be reused), how the missing parts can be implemented in practice and what are the possible impacts of the implementation on the existing products and solutions.

References

Project

Related articles

Learn more

ETSI - European Telecommunications Standards Institute

PKI for identity documents

PKI for identity documents

Zetes project @Brussels, Belgium (2021). A Public Key Infrastructure (PKI) is a set of physical components (e.g. computers and hardware), human procedures (e.g. checks and validation) and software (e.g. system and applications) intended to manage the public keys of the users of a system. The objective is the secure electronic transfer of information for a range of online activities, such as e-commerce and electronic identification (eID).

In the case of electronic identity documents, such as the identity card, a PKI makes it possible to bind public keys to the identity of citizens, whose personal information is not only printed on the identity card, but also stored in the identity card chip. This system not only allows citizens to use their card to identify themselves online (authentication), but also to sign digital documents using a Qualified Electronic Signature (QES).

A PKI can also be used in an international scheme, such as for the verification of passports at country borders. In that case, a country emits passports for its citizens and also puts in place a PKI to allow other countries to check those passports. This means that, when a citizen presents a passport at the border control, the inspection system checks the identity information both printed on the passport and stored in the passport chip.

As a Functional Analyst and Product Owner within Zetes People ID’s development team, my tasks are related to the analysis of PKI software needs, whether internal or from the customer (e.g. requirement gathering and product presentation), PKI software implementation (e.g. software releases and documentation) and project management (e.g. project coordination during change requests).

References

Related article

Identity proofing (Zetes project)

Learn more