Sommaire

  • Cet exposé a été présenté le 25 octobre 2019.

Description

  • Orateur

    Cédric Lauradoux (INRIA Rhône-Alpes)

The GDPR (General Data Protection Regulation) provides rights on our data: access, rectification, objection, etc. However, this regulation is not binding on how we can exercise these rights. Data controllers have therefore deployed various methods to authenticate subject requests. We have analyzed how this authentication process can fail and examined its consequences. Our study shows that a key concept is missing in the GDPR: Proof of ownership for our data.

Infos pratiques

Prochains exposés

  • Should I trust or should I go? A deep dive into the (not so reliable) web PKI trust model

    • 19 décembre 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Markov

    Orateur : Romain Laborde - University of Toulouse

    The padlock shown in the URL bar of our favorite web browser indicates that we are connected using a secure HTTPS connection and providing some sense of security. Unfortunately, the reality is slightly more complex. The trust model of the underlying Web PKI is invalid, making TLS a colossus with feet of clay. In this talk, we will dive into the trust model of the web PKI ecosystem to understand[…]

    • SoSysec

    • Protocols

    • Network

Voir les exposés passés
Haut de page