Information

Harm and Threat Modeling for National Digital Identities
  • Upcoming
  • Tentative
  • Breakout Sessions

Meeting

Event details

Date:
Japan Standard Time
Status:
Tentative
Location:
R04
Participants:
Giovanni Corti, Simone Onofri, Darwin Yang
Big meeting:
TPAC 2025 (Calendar)

In line with ongoing efforts to address the harms and threats associated with the deployment of national digital identities, W3C and FBK’s Center for Cybersecurity are collaborating to develop an innovative, high-level threat modeling framework. This model is based on a card deck (similar to the STRIDE Elevation of Privilege game) and integrates the transformative principles of the LEGO® SERIOUS PLAY® methodology to enable comprehensive and participatory threat modeling.

In this breakout session, we will explore how using LEGO® SERIOUS PLAY® for threat modeling can help uncover security, privacy, and human rights risks in digital identity systems, and share insights from the initial validation of our card game.

We will then introduce the card deck itself by showcasing a selection of example cards, built on our previous research and inspired by both the STRIDE Elevation of Privilege game and the LIDDUN-GO deck.

Finally, we will outline our future plans to advance this line of work in the name of safe, human-centric technologies and web standards.

Agenda

Chairs:
Giovanni Corti, Simone Onofri

Description:
In line with ongoing efforts to address the harms and threats associated with the deployment of national digital identities, W3C and FBK’s Center for Cybersecurity are collaborating to develop an innovative, high-level threat modeling framework. This model is based on a card deck (similar to the STRIDE Elevation of Privilege game) and integrates the transformative principles of the LEGO® SERIOUS PLAY® methodology to enable comprehensive and participatory threat modeling.

In this breakout session, we will explore how using LEGO® SERIOUS PLAY® for threat modeling can help uncover security, privacy, and human rights risks in digital identity systems, and share insights from the initial validation of our card game.

We will then introduce the card deck itself by showcasing a selection of example cards, built on our previous research and inspired by both the STRIDE Elevation of Privilege game and the LIDDUN-GO deck.

Finally, we will outline our future plans to advance this line of work in the name of safe, human-centric technologies and web standards.

Goal(s):
Introduce our work on Harm and Threat Modeling using LSP in the context of Digital Identities

Materials:

Joining Instructions

Instructions are restricted to W3C users . You need to log in to see them.

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

Feedback

Report feedback and issues on GitHub.