Security gap analysis for passports and breeder documents

Burçin Bozkurt Günay
Chief Researcher, Tubitak Bilgem Uekae, Turkey

Synopsis
This speech is about the security analysis that has been done for all analysed e-passport and breeder document issuance processes in order to determine the security threats and the associated risks for fraud. ORIGINS project aims to identify the security gaps, potential vulnerabilities and the most common attack scenarios for passport breeder document control across the EU/Schengen and non-Schengen/Associated countries.

The speech will analyse the current state of passport breeder document security mechanisms, security leakages of e-passport issuance through breeder documents across EU/Schengen countries and non-Schengen/Associated countries that have been investigated. Also, the current state of passport breeder document security mechanisms - logical and physical security mechanisms (i.e., printing materials, watermarking, security layers, etc.) – that have been analysed. The analysis results will be presented in this speech with the identification of the security gaps for passport breeder document control.





Biography
Burçin Bozkurt Günay is a chief researcher at the Turkish National Research Institute of Electronics and Cryptology (UEKAE) under Turkish Informatics and Information Security Research Center (BILGEM), TUBITAK. She graduated from the Computer Engineering Department of METU University in 2000 and obtained her MSc. Degree on Bioinformatics from the Computer Engineering Department at METU University in 2003.

She has been participating in the development of Turkish national crypto device management projects for more than 5 years. She has taken active roles including systems engineering processes (requirement analysis, systems architecture development) and software engineering processes (software development with J2EE Applications). She has been involved in software development lifecycle and software process management activities and took an active role in CMMI. UEKAE has taken CMMI Level 3 Assurance in November, 2010. She is currently working in the eID Technologies Unit where she has been for more than 5 years. She has been in the core team that developed the Turkish National Identity Card project. The project includes development of Electronic Authentication Systems. The Turkish eID card has already been started to be distributed to citizens.