Security Analytics & Intelligence: Take Survey - Enter to Win $400 Amazon Gift Card

Secure Singapore 2013

Singapore, Singapore | Mon, Feb 25, 2013 - Sat, Mar 2, 2013

Security of National eID (smartcard-based) Web Applications

  • Raul Siles
  • Thursday, February 28th, 6:30pm - 7:30pm

National electronic identification (eID) smartcards are used by millions of European citizens, as well as worldwide, as a key element to authenticate against critical web applications in both the public and private sectors. This identification technology commonly used to access a variety of web eGovernment services, plus financial, insurance, and utility companies' websites, is considered secure. However, due to the lack of web auditing and pen-testing tools to thoroughly evaluate the smartcard-based authentication process and subsequent session management capabilities... can we really trust the security of these eID services and web applications? The eID smartcard can be secure but... is it used in a secure way? Let's take an in-depth look at the current landscape through security tools, practical demonstrations, and educational scenarios from real-world penetration tests on a worldwide leading country like Spain, with more than 25 million eIDs.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Wednesday, February 27
Session Speaker Time Type
APT: It is Time to Act Dr. Eric Cole Wednesday, February 27th, 6:30pm - 8:00pm SANS@Night
Thursday, February 28
Session Speaker Time Type
Security of National eID (smartcard-based) Web Applications Raul Siles Thursday, February 28th, 6:30pm - 7:30pm SANS@Night