Cybersecurity/Network and Information security

In this fellowship the original objective is to start to prepare a NWI to address the age approriate topic and start the standard development. The aim is to improve the benefits and reduce the risks in the digital world for young users up to the age of 18. The solution is to adapt the content delivered by online products and services according to the age of users. Moreover, the process requires establishing the age/capacity of users, including age verification and age estimation. The CWA does NOT define age estimation and verification processes (Out of scope) but requires to select an appropriate age assurance tools/approach in conformity with established standards and official guidance.

The standards being developed should cover the requirements of the full range of stakeholders (including users, affected bystanders and manufacturers etc) over the complete lifetime of the product.

The gaps that this fellowship enables me to address has been to dedicate solid time first for the ECMA meetings that I convened, but also for the community background work that needs support and attention. The priorities are to users the creation of the core specifications for ECMA approval, which has been challenging because of the influx of attention on PURL for SBOM and CRA compliance. The challenge from PURL getting increased attention meant needing to cater to new contributors and supporting long debates and addressing objections, in particular on topics like character encoding.

This fellowship supports my engagement in ISO/IEC JTC 1 ‘Information technology’ is not on a working level (such as a contributor to specific standards) but on a strategic level.

My work aims to rationalise the resulting compliance efforts through a dedicated Technical Report (TR) under ETSI CYBER. This report will help reduce legal ambiguity, support standardisation across sectors, and ensure proportional and efficient compliance.

Through this fellowship, I am contributing to shape the standards around next-generation secure computing infrastructure. We are on the verge of a new paradigm where the security of the computing infrastructure is endorsed by hardware features and ensures protection of data at rest, in transit, and in use. 

The use of digital identity wallets is foreseen to be the best appropriate solution to support an age verification method, which uses the date of birth of the individual without disclosing it.

My work aims to develop robust frameworks for the verification of cryptographic protocols within the security of ICT products, services, and processes, thereby enhancing resilience against cyber threats.

Improving security is one of the most, if not the most, important priorities for the evolution and future development of the IoT.

This fellowship allows me to take part to all meetings concerning Cybersecurity, Privacy and Artificial Intelligence (even most are very early or very late in the day, as per rules for scheduling in SDO's), whilst being able to keep delivering standard based consulting especially for SMEs which need to comply for ISO 27001 certifications mostly. 

My fellowship focuses on several priorities and key gaps related to AI and cybersecurity standards applied in education.

This technical report, resulting from my fellowship’s contributions, is an equitable analysis of the relationship between Quantum Key Distribution (QKD) and Post-quantum Cryptography (PQC) technologies. It describes the two technologies' complementary nature and highlights their potential advantages and benefits.