4th ETSI SECURITY

WORKSHOP

ETSI 13 – 14 January 2009

Sophia Antipolis

SECURITY WORKSHOP

SPEAKERS’ BIOGRAPHIES

Charles Brookson, CEng FIET FRSA, BERR

Charles Brookson works in the Department of Business, Enterprise and Regulatory Reform and is a

Professional Electronic Engineer. He previously was Head of Security for one2one (now T-Mobile UK), and

worked within British Telecom for twenty years before. He has worked in many security areas over the

last 30 years, and mobile radio for over 25 years.

He has been Chairman on the GSM Association Security Group for 20 years. He has been working the

GSM and 3GPP security standards, first chairing the Algorithm Expert Group way back in 1986. He is

Chairman of the NISSG, a group that was set up to co-ordinate security standards amongst the three European Security

Standards Organisations and other bodies outside Europe. He is also Chairman of ETSI OCG Security, which is responsible

for security within ETSI He is also on the Permanent Stakeholders group of ENISA, The European Network and

Information Security Agency.

Scott Cadzow, C3L, UK

Scott plies his trade as a standards development expert, primarily for security standards, in a number of International

Standards Development Organisations including ETSI, ITU-T and ISO. In ETSI Scott is or has been the rapporteur for the

TETRA security specifications, the suite of guidance documents for effective security standards development (covering

Common Criteria, Risk analysis, and security requirements engineering), and has acted as an expert to a number of

Specialist Task Forces in TETRA, TISPAN, HF, MTS, eHEALTH and AT-D. He is chairman of the ETSI ITS WG5 (Security)

and also its counterpart in ISO TC204.16, vice-chairman of ETSI Project TETRA WG6 (Security) and the TETRA Security

and Fraud Prevention Group (SFPG), and also vice-chairman of the ETSI Lawful Interception group.

Antonio Conte, European Commission

Antonio Conte graduated in Electronic Engineering from the University "La Sapienza" in Rome (1984).

He joined the European Commission in 1990 as project officer in the telecommunication domain. He has

been involved in the last fifteen years in the development of ICT standardisation initiatives and activities

in support of EU legislation and policies. He currently advises on ICT standardisation policy matters with

a particular focus on e-business, e-government and security issues.

Salvatore D'Antonio, UNINA

Salvatore D'Antonio received the M.S. degree in computer engineering from the University of Naples

'Federico II' in 2000. The same year he joined C.I.N.I., the Italian University Consortium for Computer

Science, as a researcher in the area of multimedia systems and applications. He is currently working at

ITeM, a research laboratory founded by CINI and located in Naples. His research interests include network

monitoring and control, network security, Quality of Service (QoS) provisioning over IP networks, and Quality of

Experience (QoE) assessment. He is currently involved in the following EU funded research projects: NETQoS (Policy-

based management of heterogeneous networks for guaranteed QoS), OneLab (An open networking laboratory supporting

communication network research across heterogeneous environments), and CONTENT (Content networks and services for

home users). He is technical coordinator of INTERSECTION (INfrastructure for heTErogeneous, Resilient, SEcure,

Complex, Tightly Inter-Operating Networks), which is a Collaborative Project co-funded by the European Commission in

the context of the Seventh Framework Programme under the 'Secure, Dependable and Trusted Infrastructures'

subprogramme area. Finally, he is project coordinator of the EU co-funded project, named INSPIRE (Increasing Security

and Protection through Infrastructure REsilience), in the area of Critical Infrastructure Protection.

Charles de Couessin

Charles de COUESSIN joined SITA marketing – the world leading IT company of the Air Transport - in

1998, further to a decade successfully meeting the challenges of IT activities ranging from French

government and oil to the manufacturing industry. At SITA, he has has pioneered the most advanced

services in both eBusiness and eCommerce sectors by launching joint activities with strong market

players like Airbus, SAP and Gemplus.

After the 09/11 security context, Charles has initiated solid programs with air transport stakeholders to meet new security

requirements, based on biometrics, digital signatures and smart cards together with international organisations like IATA,

ICAO and ACI.

He is currently working as an independant consultant for various stakeholders in both government and industry sectors:

French Ministry of Interior on eID issues, aviation on security and eBusiness programs.

Charles is the author of an opportunity study on the usage of digital signature in the context of electronic ID programmes

in France, published in december 2007 by AFNOR.

Charles is graduated in physics from Imperial College, London, and arts from Paris University and Ecole du Louvre.

Paolo De Lutiis,Telecom Italia

Mr. Paolo De Lutiis, degree in Computer Science (Turin University), works in Telecom Italia and is

specialized in computer security. Currently he is working on internal projects related to the security of

the NGN and is involved as rapporteur in the ETSI TISPAN WG7 on Security activities.

Dr Stefan Fenz, Secure Business Austria

Dr. Stefan Fenz is project manager and researcher at Secure Business Austria. His research focuses

mainly on ontology engineering and applied concepts of IT-Security with a focus on threat simulation

and risk analysis, on which he specialized during his studies at the Vienna University of Technology.

He received a Master in Business Informatics and a Master in Software Engineering & Internet Computing from the Vienna

University of Technology and he recently finished his PhD thesis, which develops novel methods regarding ontology-based

risk analysis and threat simulation.

Gérard Galler, European Commission

Gérard Galler's background is Electrical Engineering. He also holds degrees in Artificial Intelligence,

Environmental Sciences and International Politics.

He started his career in the private sector, developing ICT applications for space, road transport,

metallurgy, environment, document management and electronic payment.

He joined the European Commission in 1998 to support research on smartcards through the EU Framework Programme

for Research and Development. He was also responsible of eEurope Smartcards, a policy initiative for the wide pan-

European deployment of smartcards. From 2003 till 2006 he served in the European Commission Delegation to Georgia &

Armenia as scientific counsellor and as the head of a section in charge of EU assistance to both countries. From

September 2006, he works on the European Network & Information Security policy with the Information Society & Media

Directorate-General of the Commission and since November 2008, he is in charge of the follow-up of the EU Directive on

electronic signatures.

Matthias Gerlach, Fraunhofer FOKUS

Matthias Gerlach is senior researcher in the field of secure and private vehicular communication at

Fraunhofer FOKUS. He is actively contributing to the standardization of secure ITS communications in the

'Car2Car Communication Consortium' and ETSI ITS WG5. He was responsible for the security working

group in the Network-on-Wheels project that finished 2008 and is responsible for the security

architecture in PRE-DRIVE-C2X.

SECURITY WORKSHOP

SPEAKERS’ BIOGRAPHIES

Professor Solange Ghernaouti – Hélie, Faculty of Business and Economics - University of

Lausanne

Professor Solange Ghernaouti is president of the Social Commission and president of the Equal

Opportunities Commission of the University.

She is an international expert for ICT security strategies & policies and computer related crime issues

for several governmental agencies and private organizations. She is member of numerous advisories

boards of foreign research institutions and often acts as evaluators of research projects and institutions at national and

international levels. She is a cybersecurity expert for ITU, co-leader of international working groups on 'capacity building'

and 'organizational structures' for cybersecurity the Global Cybersecurity Agenda.

She is the author of 17 books, she has written, among others, the 'Cybersecurity guide for developing countries'

translated in (China, Russian, Arabic, Spanish and French languages) presented at the World Telecommunication

Development Conference in Doha (2006). She is the author of the United Nations publication 'Information Security for

Economic and social development' - Economics and Social Commission for Asia & the Pacific – ESCAP - UNITED NATIONS

2008.

Contact: sgh@unil.ch - Web site : www.hec.unil.ch/sgh/

Slawomir Gorniak, ENISA

Slawomir Gorniak, CISSP, is a telecommunications engineer focused on network security. Currently he is

working as an expert in security tools and architecture at ENISA (European Network and Information

Security Agency) mainly in the area of resilience of public communication networks. He is also

responsible for following up European security related R&D projects and technical developments in

standardization. In the past he was involved among others in technology risk management (ABN AMRO Bank), incident

handling and systems of early recognition of network attacks (CERT Polska) and network design (Alcatel Polska). He was

also taking part in international CSIRT-related projects.

Michael Harrop, The Cottingham Group

Mike Harrop has many years experience in IT standards and international cooperative initiatives,

particularly in the areas of IT security and on-line government. He currently serves as Rapporteur for the

Communications Security Project of the International Telecommunications Union (ITU-T) Study Group 17,

which has overall security coordination responsibility across all Study Groups of the ITU-T.

During his tenure with the Government of Canada (1971-1997) he served as convenor of the ISO/ITU

Open Systems security work and led the development of the Open Systems Security Architecture and Security

Frameworks. He also helped establish the G7 Government On-line (GOL) project in 1995 and served as co-chair. Since

1997 he has worked as a consultant focusing on strategies and standards for electronic government and IT security.

He holds a degree in mathematics and physics from the University of London and is a Chartered Engineer and Certified IT

Professional.

Dipl.-Kfm. MSc Andre Hermanns (LSE), Technische Universität Berlin

Mr. Hermanns holds a Diplom-Kaufmann from University of Passau, Germany and a Master of Science in

International Relations from London School of Economics and Political Science.

He began his professional career as personal assistant to former Federal Minister of Research and

Technology, Prof. Dr. Dr. h.c. mult. Heinz Riesenhuber, MdB, in the German Parliament, working on

innovation policy in the high-tech sector.

After the Parliament's move to Berlin, he stayed in Bonn for five more years with Deutsche Telekom Consulting, before

relocating himself to Berlin, joining a research institute of Leibniz-Society.

Since July 2007, Mr. Hermanns is doing research at TU Berlin about standardisation in security technologies, focusing on

the correlation with technology acceptance, public procurement and lead market development.

He is currently working within the National German Security Research Programme of the Federal Government.

Additionally, Mr. Hermanns is expert member of ESRIF (European Security Research Innovation Forum) Working Group 9

'Innovation', ISO Technical Committee TC 223 'Societal Security', Working Group 4 'Preparedness and Continuity' and its

German mirror committee, the DIN Normenausschuss NA 031 FBR 05 'Societal Security '.

Diplom Mathematician, Klaus J. Keus, Head of Division:

Studied Mathematics, economics and computer technology at the 'Rheinisch Westfälischen Technischen

Hochschule Aachen (RWTH)' and got a degree as 'Diplom mathematician'. He has more than 26 years of

experience in information technology including around 20 years in IT-Security. After assistant lector at

the university, working for many years as project manager in international IT-companies, he was

working for more than 16 years within the German Federal Office for Information Security (Bundesamt

für Sicherheit in der Informationstechnik (BSI)) as head of different units. Based upon invitation, currently he is working

as SNE (Seconded National Expert) for the European Commission JRC IPSC (Joint Research Center, Institute for the

Protection and Security for Citizen) in Ispra (Italy).

He is author of numerous national and international publications and a well known speaker at national and international

conferences for security issues. He is member of committees in national and international security conferences and senior

member in several national, European and international security boards.

Mark Jeffrey, Microsoft

Mark Jeffrey has a background of 25 years in telecommunications and broadcast engineering. He started

work on residential broadband systems in 1989, and joined Microsoft in 1995. Currently located in

Switzerland, Mark is an active participant in IPTV, Content Protection, and Home Networking activities at

the DVB Project and the DLNA, and acted as the DVB's liaison officer to the ITU-T Focus Group on IPTV.

Mohamad Nizam Kassim, CyberSecurity Malaysia

Mr. Mohamad Nizam Kassim is a security assurance analyst of Security Assurance Department,

CyberSecurity Malaysia for WiFi and Mobile Network technologies.

Prior to that, he has involved more than six years in telecommunication industry in designing and

implementing core-switched and packet-switched network, analysing and predicting mobile network traffics

forecasts, implementing core-switched network monitoring system and subscribers provisioning system.

He is currently dedicated his time in wireless station tracking and triangulation techniques project and mobile phone

threats assessments project.

SECURITY WORKSHOP

SPEAKERS’ BIOGRAPHIES

John Ketchell, CEN

John Ketchell is the CEN Director of New Opportunities and Pre-Standards, the focal point for business

development in new areas. His Department includes responsibilities for CEN Workshops, informal

standardization activities suited to fast-moving technologies, experimental activities or new areas of

standardization, and innovation – the Workshop process is often used in information and communication

technologies (ICT) but also is increasingly linked to research projects. John joined CEN in 1997. Previously, he had been

responsible for external coordination of the activities of the European Telecommunications Standards Institute (ETSI) and

Secretary to the European ICT Standards Board (ICTSB) from its inception. An economist and linguist, John's previously

worked in the United Kingdom administration, with a bias towards European Union issues.

Marcelo Masera – ISPRA

Born 22 September 1956. He has a degree in Electronics & Electrical Engineering (1980). Since November

2000 he is a scientific officer of the European Commission at the Joint Research Centre (Ispra, Italy).

He is in charge of the "Security of Critical Networked Infrastructures" area within the Institute for the

Security and Protection of the Citizen. His interests are on the dependability and security of complex socio-

technical systems, and specifically those related to critical infrastructures, large-scale systems-of-systems, information

and communication technologies and the information society.

He has been researcher in the areas of Risk and Reliability at the National Research Council of Argentina (1981-1989),

and visiting scientist at the JRC in the 1990- 1992 and 1997-1998. During these periods he has participated in the

organization of the European Dependability Initiative, related to the Information Society Technologies R&D programme of

the European Commission, and participated in several international projects.

He has been an independent consultant in the field of dependability of information systems (1992-1997), mainly

supporting R&D activities and taking part in national and international projects.

He has published more than 60 papers in the fields of dependability, security and risk.

Reinhard Meindl, NXP Semiconductors

Reinhard Meindl graduated with an Engineering Degree in Mathematics/Informatics at the Technical

University Graz (Austria). After completing the degree he worked for an Austrian research company over

a 3-year period. In 1994 Meindl joined Mikron where for 3 years his involvement was focused primarily in

contactless smart cards. After Philips took over Mikron, he has had multiple positions in engineering and

product management disciplines, working on contact, contactless and dual-interface smart cards, on

readers on electronic passports and NFC, domains where he filed numerous patents. Meindl joined NXP Semiconductors

after the spin-off from Philips in 2006 and since then he is responsible for Technology Standards and Industry Relations of

Business Line Identification. He brings with him many years of experience in formal technology standardisation as

member of National and International Committees as well as of convener of working groups and editor of standards.

Valtteri Niemi, 3GGP SA3 Chairman, Nokia Research Center

Valtteri Niemi received a PhD degree from the University of Turku, Finland,

Mathematics Department, in 1989. After serving in various positions in Univ of Turku, he was an Associate

Professor in the Mathematics and Statistics Department of the University of Vaasa, Finland, during 1993-

97. He joined Nokia Research Center (NRC), Helsinki in 1997 and in 1999 he was nominated as a Research

Fellow. During 2004-2006, he was responsible for Nokia research in wireless security area as a Senior Research Manager.

During 2007-2008, Dr. Niemi lead the Trustworthy Communications and Identities team in the Internet laboratory of NRC,

Helsinki. He recently moved to the new NRC laboratory in Lausanne, Switzerland, where his biggest focus is on privacy-

enhancing technologies.

Dr. Niemi's work has been on security issues of future mobile networks and terminals, the main emphasis being on

cryptological aspects. He has participated 3GPP SA3 (security) standardization group from the beginning. Starting from

2003, he has been the chairman of the group. Before 3GPP, Niemi took part in ETSI SMG 10 for GSM security work. In

addition to cryptology and security, Dr. Niemi has done research on the area of formal languages. He has published more

than 40 scientific articles and he is a co-author of three books.

Françoise Petersen

Françoise Petersen is working as an independent consultant at APICA, an ETSI member company. She

has extensive experience in standardization work, and has been leading and working as expert in several

ETSI Human Factors (HF) projects. She has a deep knowledge on personalization and user profiles due to

her participation as leader and expert in an ETSI Human Factors project which developed EG 202 325 on

'Personalization and User Profile Management' (published in 2005) and she is currently leading two projects on

personalization:

• the ETSI Technical Committee work on 'Personalization and User Profile Management Standardization' which is

developing two deliverables, one on 'Architectural Framework' and one on 'User Profile Preferences and Information'

(http://portal.etsi.org/stfs/STF_HomePages/STF342/STF342.asp )

• the ETSI Human Factors and eHealth Technical Bodies have created a project, STF352 which standardizes the

personalization of eHealth systems (http://portal.etsi.org/stfs/STF_HomePages/STF352/STF352.asp).

She has also worked at the Swedish telecom operator TeliaSonera. Prior to that, she gave courses in Computer Sciences

at Lund University in Sweden.

Hans Pongratz, Technische Universität München (TUM)

Hans Pongratz, born 1978, degree in Computer Science (TUM) works as researcher at the Technische

Universität München (TUM), Germany, within different projects and positions. Currently deputy project

manager of the recentralization project IntegraTUM and subproject manager of the campus management

project CM@TUM. His PhD-research focuses on Privacy Issues, Information Leakage and Google Hacking.

Dr. Shahriar Pourazin, Sepehr S. T. Co. Ltd.

Dr. Shahriar Pourazin is a strategic network security consultant. He has designed and managed the

development of sophisticated network security systems including intelligent firewalls. He is the chairman

of the board of Sepehr S. T. Co. Ltd. and has been the manager of the pilot project on Security of Digital

Broadcasting in Asia Pacific Broadcasting Union (ABU) as the member of the technical steering committee

of ABU. He is the lecturer of courses about security and trust in different universities. He has had some

papers and lectures about the security of e-Health, digital broadcasting and networks around the world.

He received his BS in 1990 and MS in 1994 both on Software Engineering from Sharif University of Technology, Tehran

Iran; and received PhD degree in Artificial Intelligence in 2005, from AmirKabir University of Technology, Tehran, Iran.

Dr. Carmine Rizzo, CISA CISM CISSP ITIL PRINCE2

Technical Officer, ETSI Standardisation Projects, ETSI Secretariat

Carmine Rizzo has worked in the ETSI Secretariat in France since November 2007, where he is

responsible for the co-ordination of various Technical Committees and is the ETSI Secretariat point of

reference for security standardisation activities.

He obtained a Degree (Laurea) in Electronic/Telecommunication Engineering in Italy, followed by a Ph.D

in Radio Communications in the United Kingdom.

His professional background in the United Kingdom includes experience in the private sector for Nortel Networks as Data

Communications Network Engineer, and over five years' experience in the international organisation ECMWF (European

Centre for Medium-range Weather Forecasts), working in an operational environment for the management of IT projects,

services and security.

He has gained, and actively maintains, several professional certifications covering broad aspects of technical security and

security management, as well as project management, IT audit, control, and service management.

SECURITY WORKSHOP

SPEAKERS’ BIOGRAPHIES

David Rogers, OMTP Ltd

David Rogers is the Director of External Relations for OMTP, liaising with standards bodies and other

members of the mobile phone industry. He is the Chair of OMTP's Incident Handling task, Programme

Manager for the ‘Advanced Trusted Environment' and is currently working on the BONDI mobile web

initiative. In 2007 he authored the OMTP's security whitepaper, ‘Mobile Handset Security: Securing

Open Devices and Enabling Trust'. David joined OMTP in 2006 after 8 years at Panasonic Mobile. Whilst

there, he headed up Panasonic's Product Security initiatives in Europe, including investigating hacking

against mobile devices. He also managed a development team specialising in hardware, software and security solutions

for service centres worldwide. Prior to this David worked for Fujitsu Microelectronics Ltd, in their Newton Aycliffe DRAM

fab. He holds an MSc in Software Engineering from Oxford University and a HND in Mechatronics and Semiconductor

Process Engineering from the University of Teesside.

Judith E. Y. Rossebø, Telenor

Judith E. Y. Rossebø is a Senior Research Scientist at Telenor R&I. Prior to joining Telenor in

October 2000, she worked three years as a systems engineer at Alcatel Telecom Norway and one

year as an assistant professor teaching mathematics at the University of Tromsø. At Alcatel she

worked with IN, and dimensioning, performance, dependability and traffic control in

telecommunication networks. She received a cand. scient. degree in Mathematics from the

University of Oslo in 1994 and is completing a PhD at Norwegian University of Science and

Technology (NTNU), department of Telematics, in the SARDAS project. Since January 2003 she has

been the Chairman of ETSI TISPAN WG7 Security. Her research interests include security in general; security issues in

multimedia communications services, and in particular securing availability of services.

Hideo Sato, FVA Biz Development Office, Sony Corp.

Distinguished Researcher, Senior Technology Manager

Nationality: Japanese.

Born: 1956, in Akita, JAPAN.

Education: Sophia University, degree in electrical engineering

Career:

2007-Present: FVA Biz Development Office

1997-2006 : Information Technology Laboratory

1983-1996 : Research and development of optical disk

1981-1993 : Advanced Development Laboratory

Vicente Segura, Telefónica I+D

Vicente Segura is a technology specialist in information security. He has a Telecommunications Engineer

degree and holds the CISSP certification. He has been working in Telefónica I+D for 8 years in different

information security projects. During his working experience he has worked in a wide set of information

security areas in different Telefónica business units: digital certificate infrastructures, business continuity

and disaster recovery plan, intrusion detection systems, secure development, risk management and

compliance. At present, he is mainly involved in a national funded research project (SEGUR@,

https://www.cenitsegura.com/cenit/) where he is researching techniques to quantify risk model variables (probability of

occurrence, impact) by means of modelling economic incentives of attackers and using security metrics.

Jaydip Sen, Tata Consultancy Services Ltd

Jaydip Sen is working with Tata Consultancy Services Ltd in the Convergence Innovation Lab, Kolkata,

India, where he is leading the Wireless Research Group. His main areas of research are cross layer

optimization for wireless networks, security issues in next-generation communication systems, intrusion

detection systems, secure routing protocols in wireless ad hoc and sensor networks, trust and

reputation-based systems. He has more than 35 publications in international journals and proceedings of

international conferences. He is a member of IEEE and an active member of IEEE 802.16 standard committee. He

received PhD in network security from Indian Institute of Technology, Kharagpur, India in 2007.

Dr.-Ing. Stephan Spitz, Giesecke & Devrient GmbH

Stephan Spitz has more than ten years working experience with research, development and consulting in

the field of information and communication security. As Programme Manager New Technologies he is

responsible for new security solutions from Giesecke&Devrient beyond the classical smart card and SIM

technology such as new security services and secured consumer devices.

He has a doctorate degree from the Technical University of Munich where he still lectures 'Applied IT Security' and he is

co-author of the book 'Kryptographie und IT-Sicherheit' published by Vieweg+Teubner.

Dr. Ganesh Sundaram, Alcatel Lucent

Dr. Ganesh Sundaram is a Distinguished Member of Technical Staff (DMTS) at the Wireless Advanced Technology Labs in

Alcatel-Lucent, NJ. He has been with the labs since June of 1997, where his primary research interests include

cryptography and network security, as well as various mobility and resource management algorithms for wireless data

networks and standards. He has numerous research publications in multiple areas and he is a co-inventor in a number of

patent applications. He is also a co-recipient of multiple internal Bell Labs awards, including the Bell Labs President's gold

award in 2005. In addition to his work at the labs, he organized a conference, and co-edited the proceedings of the

conference on "Algebra, Arithmetic, Geometry and its Applications," published by Springer-Verlag. Prior to joining the

labs, he received a PhD in Mathematics from Purdue University in 1997 (specializing in algebra, arithmetic, and

geometry). He was also an invited research member at the Mathematical Sciences Research Institute (MSRI) in Berkeley,

California, during the fall of 1999.

Igli Tashi, Research and Teaching Assistant , University of Lausanne

Mr. Igli Tashi studied economics at the Faculty of Business and Economics (HEC) of the University of

Lausanne, (management specialization). He is a holder of the Master in Economic Sciences and of the

Master of Law in New Technologies – Legal Issues, Crime and ICT Security. He works as research and

teaching assistant at the University of Lausanne since 2005. At the same time he is completing his PhD

thesis under the direction of Prof. Solange Ghernaouti-Hélie.

His research topic is the Information Security Management, more specifically issues related to:

• IT Risk Management

• IT Security Evaluation and Assurance

• IT Security Metrics

• IT Security Insurance

• IT Security Standartization and Certification

• ICT legal aspects

His research activities are performed within the SeDgE research group framework, founded by Prof. Solange Ghernaouti-

Hélie, dealing with socio-economical, managerial, legal and technical dimensions of information infrastructure security. He

is co-author of different research papers published in several internationally well recognized conferences and specialized

journals. He is directly involved in many projects and research activities like the European Integrated Project SECOQC

(Development of a Global Network for Secure Communication based on Quantum Cryptography) or the Critical

Infrastructures Security Researchers' Network set up in collaboration of Joint Research Center (JRC – Ispra, IT) of

European Commission.

SECURITY WORKSHOP

SPEAKERS’ BIOGRAPHIES

Peter2, ETSI TC LI Chairman

Peter van der Arend is the elected chairman of ETSI/TC LI since October 2002 when TC LI was

established. In the past he has been active in the field of mobile communications. He was involved in

standardisation work in CCIR SG8 and in ETSI TC GSM/SMG. He has been a long term contributor to the

GSM system. The feeling with LI started during the LI developments in GSM in SMG10 WPD-LI.

Dr. Klaus Vedder, Giesecke & Devrient GmbH

Klaus Vedder was educated at the universities of Tübingen, Birmingham and London where he received a

Ph.D. in Pure Mathematics.

After having held teaching positions for Mathematics at the Universities of London (England) and Gießen

(Germany), he joined the central research section of Siemens AG in Munich where he led a group of

cryptographers. In 1987 he moved to his present company where he set up the GSM business. Today

Klaus is Group Senior Vice President and Head of the Telecommunications Division of Giesecke & Devrient (G&D) which is

the number two in the world of smart cards.

From 1992 to 1996 he was chairman of the ISO/IEC committee SC27 'Information technology - Security techniques'. The

scope of this committee includes the standardisation of generic methods, techniques and evaluation criteria for IT

Security.

He has been involved in the standardisation of the SIM from the very beginning in 1988. He has held the position of

chairman of SIMEG, the SIM Expert Group then responsible for the standardisation of the SIM, and the various

committees succeeding it since 1993. Today he chairs the ETSI Technical Committee 'Smart Card Platform' (TC SCP)

which was set up in the year 2000 to elaborate a generic smart card platform. Today's SIM cards for 2G and 3G mobile

communication systems are based on the specifications of this committee.

Dr. Klaus Vedder e-mail: klaus.vedder@gi-de.com

Giesecke & Devrient GmbH, PO Box 80 07 29, D-81607 Munich, Germany.

Dr. Claire Vishik, Intel Corporation UK

Dr. Claire Vishik works as Privacy & Security Policy & Technology Manager at Intel Corporation UK. Her

work focuses on hardware security, Trusted Computing, privacy enhancing technologies, some aspects of

encryption and related policy issues. Claire is a member of the Permanent Stakeholders Group of ENISA.

She is active in standards development and is on the Board of Directors of TCG (Trusted Computing

Group). She received her PhD from the University of Texas at Austin. Prior to joining Intel, Claire was at Schlumberger

Laboratory for Computer Science and AT&T (SBC) Laboratories working in the area of security and other aspects of

Internet technologies, from electronic commerce and communications protocols to software systems and services. Claire

is the author of many papers and reports and inventor on 23 pending and granted US patents.

Dr Edgar R. Weippl, Secure Business Austria

Dr. Edgar R. Weippl (CISSP, CISA, CISM) is Science Director of Secure Business Austria and university

assistant at the Vienna University of Technology. His research focuses on applied concepts of IT-

security and e-learning. Edgar has taught several tutorials on security issues in e-learning at

international conferences, including ED-MEDIA 2003-2007 and E-Learn 2005. In 2005, he published Security in E-Learning

with Springer.

After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup.

He then spent one year teaching as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the

software vendor ISIS Papyrus, he worked as a consultant for an HMO (Empire BlueCross BlueShield) in New York, NY and

Albany, NY, and for Deutsche Bank (PWM) in Frankfurt, Germany.

Sati Bains, CEN

Sati has over 15 years experience as an information security professional. He has been directly

involved in the successful delivery of information, communication and technology programmes. He

has have held direct responsibility for implementing and introducing new technology, managing

vendor relationships and day-to-day operational business management.

Since 2002, Sati have focused on information privacy, risk and governance within the financial service

industry and the wider impact on operational performance. This has allowed me to gain valuable

insight into mandatory regulations within the financial services market. His previous experiences includes building niche

security consulting practices at both IBM and at Andersen’s.