ISO/IEC

Available (292)

Showing 13 - 24 per page



Fernando Suárez

Country
Spain
Fellow's country
Open Call
Organisation type
Organization
General Council of Computer Engineering of Spain
Portrait Picture
Fernando
Standards Development Organisation
StandICT.eu Year
2029
Year

ISO/IEC FDIS 29128-2 Evaluation Methods and Activities for Cryptographic Protocols

ISO/IEC FDIS 29128-2 Information security, cybersecurity and privacy protection — Verification of Cryptographic Protocols Part 2: Evaluation Methods and Activities for Cryptographic Protocols

This document defines the evaluation methods and activities to assess the artefacts defined in Part 1 for the verification of the correctness and security of a cryptographic protocol specification using the framework from ISO/IEC 15408-4.

ISO/IEC 18045:2022 Evaluation criteria for IT security — Methodology for IT security evaluation

ISO/IEC 18045:2022 Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Methodology for IT security evaluation

This document defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 series evaluation, using the criteria and evaluation evidence defined in the ISO/IEC 15408 series.

> Expected to be replaced by ISO/IEC 18045 within the coming months.

ISO/IEC 15408-5:2026 Evaluation criteria for IT security PART 5 Predefined packages of security requirements

ISO/IEC 15408-5:2026 Evaluation criteria for IT security PART 5 Predefined packages of security requirements

This document provides packages of security assurance and security functional requirements intended to be useful in supporting common usage by stakeholders.

Users of this document may include consumers, developers, and evaluators of secure IT products.

ISO/IEC 15408-4:2022 Part 4: Framework for the specification of evaluation methods and activities

ISO/IEC 15408-4:2022: Information security, cybersecurity and privacy protection — Evaluation criteria for IT security Part 4: Framework for the specification of evaluation methods and activities

 

This document provides a standardised framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities.

This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.

Antonio Jara

Description of Activities

The sectors of Digital Twins, Virtual Worlds/Citiverse, IoT and Data Spaces are fragmented, especially the uneven uptake of NGSI‑LD, Smart Data Models/SAREF and governance models creates a barrier for cross‑domain interoperability in cities. Therefore, I focus on harmonising these layers within ITU‑T Citiverse and EU Local Digital Twin  (LDT) Toolbox. I also contribute to aligning LDT and Data Space governance with UNE 0087:2025 and the Gaia‑X Trust Framework to operationalise sovereignty, compliance and automated conformance. Moreover, I contribute to mapping LDT/MIM8, NGSI‑LD, SIMPL and Citiverse deliverables to speed deployment and avoid duplicate or conflicting specs. 
 

Country
Spain
Fellow's country
Impact on SMEs (9th Open Call)
Libelium is a SME and it has directly contribute to Libelium and other SMEs working on Data Spaces, Digital Twins and Citiverse by lowering entry costs via reusable NGSI‑LD/MIM8 profiles and Toolbox components; reduced lock‑in and faster integrations, and making easier the market access to Data Space Ready patterns (CT73/UNE) and Gaia‑X alignment for trustworthy exchange.
Impact on society (9th Open Call)
I see a bit different societal impact of each target project:
Interoperable public services and vendor‑neutral procurement via NGSI‑LD/MIM8 profiles.
Trustworthy data sharing for cities/SMEs through UNE 0087 an Gaia‑X trust mechanisms.
Inclusive urban innovation under the Citiverse initiative (human‑centred, open, safe).

Open Call
Organisation type
Organization
Libelium
Portrait Picture
Antonio Jara
Proposal Title (9th Open Call)
Integrating Citiverse and Local Digital Twins via Data Spaces
Role in SDO
Standards Development Organisation
StandICT.eu Year
2026
2029
Year
Topic (9th Open Call)

Kira C. Lemke

Description of Activities

In the framework of this fellowship, I worked on a Technical Report (TR) that addresses critical gaps and challenges in the international standards landscape for digital content identification and binding mechanisms.
The absence of a common terminology across standardisation communities poses a major challenge. Different communities use inconsistent language when describing how content is connected with its metadata or other associated information. Whereas the C2PA initiative uses its own distinct terminology, other standardisation communities (e.g. W3C or OAIS) have different interpretations of what bindings mean. This terminological divergence leads to interoperability and mutual understanding barriers. The TR is establishing a comprehensive taxonomy that provides a neutral reference framework for multiple standardisation efforts, facilitating clearer communication across standardisation communities.
A gap the TR is addressing, is the limited comprehension of how binding mechanisms respond to content transformations. Digital content undergoes frequent alterations through compression, format conversion, and editing. Traditional identifier systems often fail when these changes occur, particularly when embedded metadata is stripped. The Working Group systematically analyses characteristics and limitations of different binding approaches, from cryptographic hashing to robust fingerprinting to watermarking techniques. This analysis will help stakeholders to make informed architectural decisions tailored to their specific requirements.
Moreover, the fellowship further contributes to positioning the recently published ISCC standard (ISO 24138:2024) within a broader global context. The TR serves as an educational resource, helping stakeholders understand how similarity-preserving identification methods complement established identification systems and address emerging needs in content provenance and authenticity verification, particularly relevant with current growth of AI-generated content.
 

Country
Germany
Impact on SMEs (9th Open Call)
The TR will guide SMEs in understanding binding mechanisms: structural (metadata embedding), semantic (descriptive relationships), algorithmic (hashes, content-derived identifiers), and resolvable (URLs, DOIs).
In terms of applications, an Italian start-up, amlet.ai, adopted ISCC (one algorithmic binding approach examined in the TR) for their TDM registry. Also, Dutch liccium.com implements ISCC for decentralized content registration and rights management. Estonian valunode.com uses ISCC in their decentralised content management solutions. These implementations exemplify relevance across AI/TDM, rights management, and digital content workflows.
In terms of Impact, the TR clarifies how embedding, watermarking, fingerprinting, and cryptographic approaches differ in robustness and workflow requirements, helping SMEs make informed decisions and build expertise. Content-derived methods computing identifiers locally enable GDPR-compliant implementations without centralised tracking, supporting digital sovereignty.
Impact on society (9th Open Call)
I can see several societal impacts for this work, including:
Digital Trust and Information Integrity: The TR systematically documents capabilities and limitations of different content binding mechanisms and enables an informed selection of appropriate trust mechanisms, critical for democratic processes and media trust in the AI era.
Data Sovereignty and Privacy: The analysis of decentralised identification methods directly supports European digital sovereignty principles and GDPR compliance. By documenting alternatives to centralised tracking, the work enables implementations where rightsholders maintain control over digital assets while supporting privacy-by-design standards, addressing fundamental European values around data protection.
Open Call
Organisation type
Organization
Craft AG
Portrait Picture
Kira C. Lemke
Proposal Title (9th Open Call)
ISCC and other methods for binding in information identification
Role in SDO
Standards Development Organisation
StandICT.eu Year
2026

Nicolas Treves

Description of Activities

This was a short-term fellowship supporting my convernorship. During the period, I contributed to the following activities: 
Ensuring the sustainability of the standards developed within the IEC/JTC1/SC7/WG19 working group,
Identifying existing difficulties and proposing solutions to resolve them,
Raising awareness among the various members of the working group of the need to use OSD in future standards development,
Coordinating actions with the WG19 secretary and reporting to the SC7 secretariat.
 

Country
France
Impact on SMEs (9th Open Call)
The standards considered in WG19 are of great interest to the EU airspace, transportation, aviation, defence, energy and telecommunications industries, as well as for the universities that have contact with IT tools development companies in the area of systems formal verification. The use of these standards could have an impact on EU SMEs, particularly on IT tools editors, but it is not a priority.
Open Call
Organisation type
Organization
RDT Consulting
Portrait Picture
Nicolas Treves
Proposal Title (9th Open Call)
Coordinate the ISO-IEC/SC7 Standards in the area of Techniques for Specifying IT Systems
Role in SDO
Standards Development Organisation
StandICT.eu Year
2026
Topic (9th Open Call)

Jan Schallaböck

Description of Activities

This fellowship targets consumer-centric privacy by design in international standards work. Moreover, the Specific priorities, gaps and challenges identified are: 

  • Consumer trust and privacy gaps: Fragmented practice and fast-moving online services erode user trust; legal principles (e.g., privacy by design, accountability) are not consistently translated into usable, testable requirements. 
  • Stakeholder involvement: Consumer organisations and SMEs face high barriers to engage in lengthy, technical processes; national mirrors vary widely in how consumer voices are integrated. 
  • Skills & usability deficits: Lack of shared patterns (consent, transparency UX, data control) and uneven digital skills hinder meaningful participation and compliant implementations. 
  • Landscape fragmentation: Overlapping activities across SDOs make it hard for newcomers to find entry points, slowing delivery on e-privacy, safety, and transparency outcomes. 

How the fellowship addressed these

This fellowship supports my engagement as the chair of Chair of  ISO/IEC JTC 1/SC 44. The group’s Strategic Business Plan (SBP) aims to respond the the challenges identified above in the following manners: 

  • Th TC establishes an inclusive, modular work approach that supplements ISO 31700-1 with smaller, technology-/sector-specific deliverables—lowering thresholds for participation and speeding time-to-impact on safety, transparency, and e-privacy. 
  • Low-threshold stakeholder mechanisms: Communications/outreach plan and light-touch consultation formats to systematically bring in consumer groups and civil society, aligned with ISO/COPOLCO and relevant liaisons. 
  • SME: A stepwise, outcome-oriented approach envisaged in the SBP to accommodate different maturity levels and resource constraints, easing adoption by SMEs. 
  • Early scoping of verticals: Following the September 2025 SC 44 meetings in Kunming, first preliminary work is being initiated with additional verticals to follow.
Country
Germany
Impact on SMEs (9th Open Call)
European stakeholders—including consumer protection agencies, privacy NGOs, and SMEs—benefit from standards that operationalise the GDPR’s intentions while ensuring international interoperability. Yet their effective participation requires active facilitation, particularly in new structures such as SC 44, which currently lack established consumer consultation mechanisms.
The fellowship addressed this through structured moderation, bilateral liaison efforts (e.g. SC 27, SC 37, SC 42, OECD, TACD), and the development of participation tools that lower the threshold for stakeholder input. In the long term, systematic integration of consumer needs into technical standardisation will create both societal and economic value—opening opportunities for European SMEs and civil-society actors to co-shape usable, rights-based privacy-by-design standards.
Impact on society (9th Open Call)
The focused standards have several key societal impact:
Consumer trust and transparency: By developing modular, user-centric privacy standards (ISO 31700 family), the work enables individuals to better understand, control, and contest how their personal data are used across digital services.
Fairness and due process: Standardising transparency and accountability mechanisms strengthens procedural safeguards for consumers and ensures consistent respect for rights across jurisdictions.
Inclusion and accessibility: SC 44’s stakeholder model - outlined in the Strategic Business Plan - lowers participation barriers for consumer groups, NGOs, and SMEs, thus widening representation in global ICT standardisation.
Digital skills and awareness: Reusable guidance and patterns developed under SC 44 support capacity-building for both implementers and end-users, contributing to digital-skills and literacy objectives in the EU.
Socio-economic resilience: By reducing compliance costs and promoting interoperable privacy solutions, the standards ecosystem strengthens the competitiveness of European SMEs while reinforcing consumer rights and social trust online.
In sum, the fellowship advances a human-centred digital transformation, where privacy, transparency, and usability become intrinsic features of technology design—helping to operationalise European values of trust, accountability, and fairness in the global digital economy.
Open Call
Organisation type
Organization
iRights.Law RAe
Portrait Picture
Jan Schallaböck
Proposal Title (9th Open Call)
Strategic Business Plan: ISO/IEC JTC 1/SC 44 Consumer Protection in the Field of Privacy by Design
Role in SDO
Standards Development Organisation
StandICT.eu Year
2026
Topic (9th Open Call)