Stefan Bumerl

Vienna, Austria
CRYPTAS it-Security

Stefan is founder and managing director of CRYPTAS it-Security GmbH and is recognized as an innovator in the field of user-centric identities in high-scaling market oriented systems. For more than ten years CRYPTAS achieved to enter the European market by developing, researching and implementing eID solutions for internationally operating customers.

After finishing his education, Stefan started his career in research and development of smart card based systems in the field of payment applications, e-health services and telecommunication in general. In 2000 he got the opportunity to establish in the function as chief architect a new department dedicated to smart card solutions in the context of it-security systems. This department soon rose to a team of 30 members. During this time, he was also significantly involved in the development of the ISO standardizations ISO 7816, ISO 14443 and ISO 15693.

Stefan soon realized that the actual challenge of finding the best solutions could only be achieved by interdisciplinary engagement in technology, organization, economy and change management. With this in mind, he founded CRYPTAS in 2003. By paying attention to and combining all these aspects, CRYPTAS was able to identify the necessary key technologies early on and thus managed to develop successful identity solutions in highly complex environments.

Aside from his entrepreneurship Stefan is also an active participant in the development of eID solutions within local and European initiatives and considered to be an evangelist for marketdriven identity ecosystems. He is a member of the Trust in Digital Life organization, co-founder of EUSTIx, an organization dealing with the practical implementation of architectures on the broad level of all stakeholders involved, and chairman of the Austrian Identity Federation Authority.


IoT – Identity of Things!

by Stefan Bumerl

Dazzled from the nice things all the connected gadgets can do for us we seem to forget what we have learned in the past 20 years when computers became interconnected in a large scale. Embedding a microcontroller into a coffee machine and attaching network capabilities is not the main engineering challenge today. Getting functional interoperability is a time consuming process but tend to happen by usual demand. But who is managing the flea circus to make sure that owners interests also in regard of security and privacy are properly addressed?

Purely the management of a PC in a 50 device environment costs around 500€/year. A fact that kills most business cases in IoT and lacks on practical possibilities also when considering the expected period of use e.g. of a dish washer. The Cloud is both part of the solution and a problem of its own.

The dimensions of ownership, accessibility and management of the devices are quite complex. Too complex for an average customer.

This presentation will illustrate the need of introducing identity management as a core requirement to your personal cyber-physical environment. Without clear relations between human identities and devices identities the systems won’t scale up. Privacy enhanced federated identity management ecosystems will allow to reduce the attack surface significantly and will also help to reduce the efforts of management.