Forums it-sa Expo Knowledge Forum D

Freedom of Forking: Digital sovereignty with customised open source solutions

Open source is an ecosystem with its own rules that promote digital sovereignty. One example of this is the eduMFA project.

Tue, 22.10.2024, 11:30 - 11:45

On site

Forum, Booth 7A-106


Themes

  • Data protection / GDPR
  • Identity and access management

Key Facts

  • Open source is an important enabler of digital sovereignty
  • IT security requires flexibility; open source provides it
  • The eduMFA fork makes a community of interest sovereign

Event

This action is part of the event Forums it-sa Expo

Action description

Digital sovereignty is a key topic today, also in the context of digitalisation in business and administration, which is only progressing slowly in Germany. Open source software is a key driver in making users and organisations more digitally sovereign. With open source, urgently needed features do not depend on the goodwill of the manufacturer, but can be actively incorporated into the code through in-house development or by commissioning external service providers. In addition, open source software can be self-operated on resources that do not raise data protection concerns.

Open source not only means that software can be used free of licence fees, but also makes it possible to develop new features and incorporate them into the distribution. If the maintainer of the software is not willing to include new features in the distribution, it is possible to create a fork of the software and then develop it further independently. This ends any dependence on the previous developers. However, such a step should be carefully considered, as software maintenance is an ongoing task: with new operating system versions or new versions of the libraries on which the software is based, the software must at least be tested and often adapted accordingly. A responsible maintainer (which you have automatically become through the fork) must also ensure that any security issues discovered are fixed. Lastly, there will always be a need to integrate new functionalities into the software. Ideally, a fork should therefore be supported by a strong group of users.

One example of a successful fork is eduMFA. The software was created by a group of universities and research-related institutions. Due to increasing numbers of attacks, such as ransomware, universities feel obliged to introduce multi-factor authentication (MFA) comprehensively (including for students). When implemented correctly, MFA significantly increases the security of sensitive IT environments. As several academic institutions in Germany have focussed on different integration scenarios, a fork of the open source software privacyIDEA was created on the initiative of the Freie Universität Berlin and Munich University of Applied Sciences. The group supporting this fork also includes three research-related service providers who offer commercial support for this fork. The decision in favour of open source was also made because of the associated high quality in terms of security and data protection, as anyone can view the source code and ‘security through obscurity’ is therefore not possible.

It is planned that the interested research institutions will organise as an association or a cooperative in order to finance software maintenance through membership fees. Future releases will be planned and developed in an open project group. A first important feature, a standard-compliant implementation of passkeys, which enables, among other things, usernameless authentication, has already been developed to production readiness.

The presentation shows how interest groups can successfully become digitally sovereign. What applies to university consortia also applies to many other communities with the same requirements, especially in the public sector. Due to legislation, there is increased pressure to digitalise here, which is why an open source solution that guarantees digital sovereignty offers the best prerequisite.

Language: German

Questions and Answers: No
