=Paper=
{{Paper
|id=Vol-3863/preface
|storemode=property
|title=None
|pdfUrl=https://ceur-ws.org/Vol-3863/xpreface.pdf
|volume=Vol-3863
}}
==None==
https://ceur-ws.org/Vol-3863/xpreface.pdf
Giada Sciarretta
Marco Pernpruner
(Eds.)
Proceedings of the
2nd International Workshop on
Trends in Digital Identity
TDI 2024
Rome, Italy
April 9, 2024
�Preface
The “2nd International Workshop on Trends in Digital Identity” (TDI 2024) was held in the
historic city of Rome, Italy, on April 9, 2024. Hosted within the Auditorium Antonianum, the
workshop brought together a diverse group of experts and practitioners to explore the latest
developments and challenges in digital identity. TDI 2024 was co-located with the “9th OAuth
Security Workshop” (OSW 2024), which took place from April 10 to 12, 2024, fostering further
opportunities for collaboration.
Motivation
In an era where digital services are rapidly expanding across sectors such as e-commerce, e-
government, healthcare, and financial services, reliable identity management has become a
critical necessity. The workshop aimed to address key issues in this space, including technical
challenges like security and interoperability, as well as legal and regulatory considerations
around data protection and privacy. The growing complexity of digital identity systems re-
quires input from various disciplines, and this workshop sought to bring together diverse
perspectives to foster cross-sector collaboration.
Structure
The workshop featured a blend of invited talks by national and international experts, along-
side presentations of innovative research contributions, which were submitted in response to
an open call for papers. This format allowed for a comprehensive exploration of both theoret-
ical and practical aspects of digital identity, ensuring a rich exchange of ideas.
The program was organized into five thematic sessions that reflected the multifaceted
nature of digital identity:
• Government and Public Administration: Examined the evolving role of digital iden-
tities in the public sector, with particular attention to regulatory frameworks such as
eIDAS 2 and the European Digital Identity (EUDI) Wallet. Government representatives
shared their perspectives on the development, implementation, and future direction
of digital identity solutions, examining the intersection of policy, technology, and user
trust. The discussions highlighted the role of public institutions in driving the digital
identity agenda, ensuring security, and fostering interoperability across national and
international systems.
• Industry: Speakers from the private sector presented insights into the practical chal-
lenges and opportunities surrounding digital identity management in the industry. The
talks explored the balance between security and usability, the role of trust services, and
the technical frameworks that enable secure information exchange. The session also
examined the growing need for interoperability between different identity systems and
ecosystems, showcasing industry-driven innovations that are shaping the future of dig-
ital identity.
• Research and Innovation: Brought together researchers and innovators to discuss the
latest advances in digital identity technologies. Topics included improving the trust and
security of identity systems, automating identity processes, and exploring new models
for decentralized and user-centric identity management. The speakers also addressed
ii
� challenges related to interoperability, as well as novel cryptographic techniques that
enhance privacy and control in digital identity solutions. This session highlighted the
cutting-edge research in the digital identity field.
• Specifications and Standards: Explored the crucial role of standards in creating se-
cure, interoperable, and scalable identity solutions. The speakers discussed key stan-
dards that underpin digital credentials, the ongoing push for broader adoption of digital
identity wallets, and the importance of open standards in fostering innovation. The ses-
sion emphasized the foundational role that well-developed standards play in enabling
trusted digital identity frameworks.
• Round Table: Featured a multi-disciplinary round-table discussion on eIDAS 2. The
panel brought together key stakeholders from various sectors, including a representa-
tive from government, a voice from the industry, and an expert in standards develop-
ment. This diverse range of perspectives enriched the conversation, which focused on
the practical challenges of adapting to the new regulatory landscape and strategies for
ensuring effective cross-sector collaboration. The round table provided a comprehen-
sive forum for sharing insights and identifying the next steps in the evolving digital
identity ecosystem.
To conclude the workshop, a Welcome Reception was hosted in conjunction with OSW
2024 at Palazzo Merulana. Attendees had the opportunity to engage in meaningful conver-
sations, share experiences, and forge new connections in a relaxed atmosphere. Additionally,
participants were invited to explore a temporary art exhibition housed within the palace.
Call for Papers
To collect and evaluate innovative research contributions, we released a public call for papers
encouraging submissions on a range of topics, including but not limited to:
• Access Control in IoT and Distributed Systems
• Behavioral and Risk-based Authentication Mechanisms
• Compliance with Regulations such as eIDAS (2), PSD2, NIS2
• Decentralized Identity and Self Sovereign Identity
• Digital Wallets and Verifiable Credentials (e.g., selective disclosure and revocation)
• Identification, Onboarding and Know Your Customer (KYC) Procedures
• Identity for Web 3.0 and Metaverse
• Identity Governance and Administration
• Identity of Things and Cloud Security
• Mobile and Strong Authentication
• Passwordless Authentication (including passkeys)
• Privacy-Enhancing Technologies for Identity Management
iii
� • Securing Identities for Financial, Governmental and Health Services
• Session Management for Seamless and Continuous Authentication
• Trust Frameworks for Identity Management Solutions
• Video-based Identity Proofing (e.g., automated face comparison, impersonation attacks,
document analysis)
• Zero Trust Architectures
In response to the call for papers, we received a total of 11 submissions. Each submis-
sion underwent a single-blind peer-review process conducted by at least two members of the
Program Committee, who assessed the papers based on their technical quality, relevance,
originality, significance, and clarity. As a result, 4 papers were accepted for publication in this
volume (3 classified as regular papers and 1 as a short paper), while 2 papers were accepted
solely for oral presentation at the workshop. Additionally, this volume includes invited papers
derived from presentations given during the workshop.
Further details can be found on the official website of the event, available at the following
link: https://st.fbk.eu/events/TDI2024/.
Giada Sciarretta and Marco Pernpruner
TDI 2024 Program Co-Chairs
iv
�Committees
Program Co-Chairs
Giada Sciarretta Fondazione Bruno Kessler
Marco Pernpruner Fondazione Bruno Kessler and University of Genoa
Program Committee
Francesco Buccafurri University of Reggio Calabria
Daniel Fett Authlete
Ralf Küsters University of Stuttgart
Cecilia Pasquini Fondazione Bruno Kessler
Amir Sharif Fondazione Bruno Kessler
Luca Viganò King’s College London
Nicola Zannone Eindhoven University of Technology
Organizing Committee
Roberto Carbone Fondazione Bruno Kessler
Marco Pernpruner Fondazione Bruno Kessler and University of Genoa
Silvio Ranise Fondazione Bruno Kessler and University of Trento
Giada Sciarretta Fondazione Bruno Kessler
Amir Sharif Fondazione Bruno Kessler
v
�Program
Opening Session
• Introductory Remarks
Giada Sciarretta, Marco Pernpruner (Program Co-Chairs)
Session 1: Government and Public Administration
Session Chair: Silvio Ranise
• Demystifying the European Digital Identity Wallet: A Clear Insight
Paolo De Rosa (European Commission)
• Bridging Legal Requirements and Technical Solutions for the EUDI Wallet
Giuseppe De Marco (Dipartimento per la Trasformazione Digitale, DTD), Francesco Anto-
nio Marino (Poligrafico e Zecca dello Stato, IPZS)
• User Binding and Wallet Attestations in the context of eIDAS 2
Paul Bastian (Bundesdruckerei GmbH)
Session 2: Industry
Session Chair: Paolo Campegiani
• Healthy relationships: finding the right balance between trust and control when
sharing confidential information through APIs on a national level
Steinar Noem (Udelt AS)
• GAIN Activity Report: Exploring Technical Feasibility for Inter-Ecosystem Inter-
operability
Takahiko Kawasaki (Authlete, Inc.)
• Qualified Trust Service Providers as main Pillars of the EU Digital Economy
Andras Barsi (Aruba PEC S.p.A.)
• Wallet-like Proof Of Possession on SAML 2.0
Francesco Grauso, Pietro Stroia (PagoPA)
Session 3: Research and Innovation
Session Chair: Marco Pernpruner
• Trust and Assurance in R&E Identity Federations
Davide Vaghetti (GARR)
• A-WAYF: Automated Where Are You From in Multilateral Federations
Erwin Kupris, Tobias Hilbig, David Pierre Sugar, Thomas Schreck (Munich University of
Applied Sciences)
vi
� • Improve Wallet Interoperability and Federation in Blockchain-Based User-Centric
Authentication for Healthcare
Biagio Boi, Franco Cirillo, Marco De Santis, Christian Esposito (University of Salerno)
• Aggregating Digital Identities through Bridging: An Integration of Open Authen-
tication Protocols for Web3 Identifiers
Ben Biedermann (University of Malta and acurraent UG), Joshua Ellul (University of Malta),
Matthew Scerri (WIDE Consortium), Victoria Kozlova (acurraent UG)
• Revocable Anonymous Credentials from Attribute-Based Encryption
Giovanni Bartolomeo (CNIT)
Session 4: Specifications and Standards
Session Chair: Paul Bastian
• Securing the Foundations of Verifiable Credential Ecosystems
Daniel Fett (Authlete, Inc.)
• Crossing the Chasm: Trusted and Seamless Digital Identity Wallets Going Main-
stream
Kristina Yasuda (SPRIND – Bundesagentur für Sprunginnovationen)
• The role of standards in Open Source Software Development
Torsten Lodderstedt (OpenWallet Foundation)
• TLS 2.0 Adopting the OpenID Federation 1.0 Trust Chain: a New Paradigm for In-
ternet Security
Vladimir Dzhuvinov (Connect2id)
Session 5: Round Table
Session Chair: Silvio Ranise
• eIDAS2: now that is final, how do we deal with it?
Paolo Campegiani (Namirial SpA), Paolo De Rosa (European Commission), Daniel Fett
(Authlete, Inc.)
vii
�Sponsors
We thank our sponsors for supporting the organization of TDI and OSW 2024.
Main Sponsor
Gold Sponsors
Silver Sponsor
Bronze Sponsor
viii
�Table of Contents
Invited Paper
eIDAS Regulation: History, Key Success Factors, and Future Developments . . 1–5
Paolo Campegiani
Regular Papers
A-WAYF: Automated Where Are You From in Multilateral Federations . . . 6–17
Erwin Kupris, Tobias Hilbig, David Pierre Sugar, Thomas Schreck
Bridging eIDAS 2.0 Legal Requirements and Technical Solutions . . . . . . 18–30
Giuseppe De Marco, Francesco Antonio Marino, Andrea De Maria
Improve Wallet Interoperability and Federation in Blockchain-Based User-
Centric Authentication for Healthcare . . . . . . . . . . . . . . . . 31–42
Biagio Boi, Franco Cirillo, Marco De Santis, Christian Esposito
Short Paper
Trust and Identity Assurance in Research and Education Identity
Federations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43–47
Davide Vaghetti
ix
�