Information

Harm and Threat Modeling for National Digital Identities
  • Past
  • Confirmed
  • Breakout Sessions

Meeting

Event details

Date:
Japan Standard Time
Status:
Confirmed
Location:
Floor 5 - 505
Participants:
Kosei Akama, Bert Bos, Alan Buxey, Tim Cappalli, Irene Chang, Denken Chen, Ari Chivukula, Giovanni Corti, Nick Doty, Zahra Ebadi Ansaroudi, Sam Goto, Yi Gu, Alexis Hancock, Jasper Hugo, Fershad Irani, Philippe Le Hegaret, Anthony Nadalin, Mark Nottingham, Simone Onofri, Nicolas Pena Moreno, Andrew Rayskiy, Gianluca Sassetti, Amir Sharif, Tzviya Siegman, Shigeya Suzuki, Martin Thomson, Nicola Tommasi, David Waite
Big meeting:
TPAC 2025 (Calendar)

In line with ongoing efforts to address the harms and threats associated with the deployment of national digital identities, W3C and FBK’s Center for Cybersecurity are collaborating to develop an innovative, high-level threat modeling framework. This model is based on a card deck (similar to the STRIDE Elevation of Privilege game) and integrates the transformative principles of the LEGO® SERIOUS PLAY® methodology to enable comprehensive and participatory threat modeling.

In this breakout session, we will explore how using LEGO® SERIOUS PLAY® for threat modeling can help uncover security, privacy, and human rights risks in digital identity systems, and share insights from the initial validation of our card game.

We will then introduce the card deck itself by showcasing a selection of example cards, built on our previous research and inspired by both the STRIDE Elevation of Privilege game and the LIDDUN-GO deck.

Finally, we will outline our future plans to advance this line of work in the name of safe, human-centric technologies and web standards.

Agenda

Chairs:
Giovanni Corti, Simone Onofri, Gianluca Sassetti

Description:
In line with ongoing efforts to address the harms and threats associated with the deployment of national digital identities, W3C and FBK’s Center for Cybersecurity are collaborating to develop an innovative, high-level threat modeling framework. This model is based on a card deck (similar to the STRIDE Elevation of Privilege game) and integrates the transformative principles of the LEGO® SERIOUS PLAY® methodology to enable comprehensive and participatory threat modeling.

In this breakout session, we will explore how using LEGO® SERIOUS PLAY® for threat modeling can help uncover security, privacy, and human rights risks in digital identity systems, and share insights from the initial validation of our card game.

We will then introduce the card deck itself by showcasing a selection of example cards, built on our previous research and inspired by both the STRIDE Elevation of Privilege game and the LIDDUN-GO deck.

Finally, we will outline our future plans to advance this line of work in the name of safe, human-centric technologies and web standards.

Goal(s):
Introduce our work on Harm and Threat Modeling using LSP in the context of Digital Identities

Materials:

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

Feedback

Report feedback and issues on GitHub.