portrait

 

Dr. Gerrit Bleumer
   



position


  

Francotyp-Postalia GmbH
Research and Development
Head of Innovations Management
Chief Security and Cryptography Architect


address
  

Triftweg 21-26, Room 334
16547 Birkenwerder (near Berlin)
Germany
e-mail
g.bleumer@francotyp.com
phone
   +49 (0)3303 525-683
mobile
   +49 (0)170 912-4031
fax
   +49 (0)3303 53707-683
url
   http://www.francotyp.com/research/bleumer
handle
   http://www.francotyp.com/~bleumer
pgp
   http://keyserver-beta.pgp.com

cv

  curriculum vitae

  getAcrobat
colorsep

Current Activities

paw

Workshop on Secure Data Management , Aug 24, 2008, in combination with VLDB 2008, Auckland, New Zealand.

paw

International Network Conference, Jul 08-10, 2008, Plymouth, UK. The call for papers is now online.

paw Revenector, a FIPS 140-2 L3+ certified hardware security module developed by Francotyp-Postalia. It is listed by the National Institute of Standards and Technology (NIST) under their cryptographic module validation program (CMVP). Revenector is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of Revenector is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware.
paw Links related to information security, cryptology, e-commerce, cyber-crime, and much more

 
colorsep

Industrial Experience

Jun 2004
to date

Dept. head of Innovation Management of
Francotyp-Postalia R&D.

Jan 2002
to Sep 2004

Project manager of Francotyp-Postalia R&D:
Aug 1999
to date

Chief cryptography architect at Francotyp-Postalia R&D.

  • Designer of the cryptographic multi-national three layer public key infrastructure of FP and of the public key and certificate management in respective countries. The public key infrastructure supports the distribution and operation of postal security devices embedded in FP postage meters.

Jun 1997
to Jul 1999

Technical Staff Member at AT&T Labs Research in Florham Park, NJ.
My work in the secure systems group involved:

Jan 1992
to May 1997

Research Associate for the University of Hildesheim and University of Dortmund in European Research Projects SEISMED and ISHTAR under the program Advanced Informatics in Medicine (AIM) funded by the Commission of the European Union.

 

Books

paw

Encyclopedia of Cryptography and Security

Springer, September 2005

Editor-in-Chief Henk C. A. van Tilborg

As a member of the Advisory Board, I welcome comments and suggestions to the entries that I have hosted.
 

 

Electronic Postage - Technology, Security, Economics

Springer, December 2006

by Gerrit Bleumer
colorsep

Research Interests and Selected Papers

paw Electronic Postage

paw Personal yet Privacy Protecting Credentials

paw Digital Patient Assistants

paw Basic Cryptography

paw Security in Health Care Networks

 

 

 

 
colorsep

In one way or another I support

SIRENE, a network of researchers in cryptology and IT security,

ACM, the Association of the Computing Machinery,

IACR, the International Association of Cryptologic Research

GI, Gesellschaft für Informatik (German Chapter of the International Federation of Information Proc. (IFIP)

 
colorsep

Electronic Postage

The US Postal Authority is pushing aggressively away from mechanical postage meters towards electronic meters.The cornerstones of their Indicia Based Information Program ( IBIP ) is an individual embedded security device driving each postage meter and cryptographically enhanced postage indicia. Both and much more is addressed by the next generation server infrastructure of Francotyp-Postalia Inc.

paw Gerrit Bleumer: Secure Electronic Postage Stamping (White Paper), EuroWired Issue 2, 2001 (ISSN: 1470-2126).
   
paw Gerrit Bleumer, Heinrich Krüger-Gebhard: Sicherheit moderner Frankiersysteme, Tagungsband Verlässliche Informationssysteme VIS 2001, Vieweg, Braunschweig-Wiesbaden 2001, 135-146 (ISBN 3528057823).
(Also available: slides).
   
paw Gerrit Bleumer, Heinrich Krüger-Gebhard: Missbrauchs-Schutz von Frankiermaschinen durch Public-Key Kryptografie; 2001 - Odyssee im Cyberspace? Sicherheit im Internet, Tagungsband 7. Deutscher IT-Sicherheitskongress des BSI, 2001, SecuMedia Verlag, Ingelheim 2001, 457-470 (ISBN 3922746365).
(Also available: poster)

It is cryptographically feasible to make efficient, secure and anonymous postage indicia. Apparently, only few people are concerned about being automatically traceable by the mail they send, but this may change when identifying postage indicia become more common and ubiquitous.

paw Gerrit Bleumer: Secure PC-Franking for Everyone ; Kurt Bauknecht, Sanjay Kumar Madria, Günther Pernul (Eds.): Electronic Commerce and Web Technologies (EC-Web 2000), LNCS 1875, Springer-Verlag, Berlin 2000, 94-109 (ISBN 3540679812).

 
colorsep

Personal yet Privacy Protecting Credentials

Biometric person authentication is becoming more and more popular. In order to get enrolled, users typicall have to submit a biometric template to some central server repository. The obvious risk of such an approach is that gradually everyone becomes screenable by certain biometric characteristics. Using advanced cryptographic mechanisms, it is in fact feasible and efficient to store biometric templates in a decentralized fashion and to also verify actual biometric samples in an equally decentralized fashion.

paw Gerrit Bleumer: Secure Offline Legitimation Systems; Dissertation am Lehrstuhl VI (Information Systems, Computer Security) des Fachbereichs Informatik der Universität Dortmund, 2001.
Thesis Advisors: Prof. Dr. Joachim Biskup, Prof. Dr. Birgit Pfitzmann
   
paw Gerrit Bleumer: Biometric Authentication and Multilateral Security ; in Günther Müller, Kai Rannenberg (eds.): Multilaterial Security in Communications, Addison-Wesley, München 1999, 157-172 (ISBN 3827313600).
   
paw Gerrit Bleumer: Biometrische Ausweise ; Datenschutz und Datensicherheit DuD 23/1 (1999) 155-158 (ISSN 07244371).
   
paw Gerrit Bleumer: Biometric yet Privacy Protecting Person Authentication ; Information Hiding Workshop '98, LNCS 1525, Springer-Verlag, Berlin 1998, 99-110 (ISBN 3540653864).

 
colorsep

Digital Patient Assistants

The widespread introduction of health care insurance cards in Germany has motivated us to design a cryptographic system architecture for invoicing for medical treatment and medical prescriptions as well as handling letters of transferral in such a way that the trust relationship between doctor and patient is strongly protected against third party interests. We have shown how compulsory health insurances can be charged while preserving unlinkability of any transactions between patients and doctors given the distributed responsibilities and competences of 'shared care'.The result was a sophisticated cryptographic architecture employing blind signatures, group signatures and various sorts of credentials and electronic coins.

paw Gerrit Bleumer, Matthias Schunter: Digital Patient Assistants ; Health Informatics Journal 4/3-4 (1998), Sheffield Academic Press 1998, 138-156 (ISSN 14604582).
   
paw Gerrit Bleumer, Matthias Schunter: Datenschutzorientierte Abrechnung medizinischer Leistungen ; Datenschutz und Datensicherheit DuD 21/2 (1997) 88-97 (ISSN 07244371).
   
paw Gerrit Bleumer, Matthias Schunter: Privacy Oriented Clearing for the German Health Care System ; in Ross Anderson (ed.): Personal Information Security, Engineering and Ethics, Springer-Verlag 1997, 175-194 (ISBN 3540632441).

 
colorsep

Basic Cryptography

paw Matt Blaze, Gerrit Bleumer, Martin Strauss: Divertible Protocols and Atomic Proxy Cryptography ; Eurocrypt '98, LNCS 1403, Springer-Verlag, Berlin 1998, 127-144 (ISBN 3540645187).
   
paw Gerrit Bleumer: On Protocol Divertibility ( pdf ) ( ps ); AT&T Labs Technical Report 97.34.3, Mar 6, 1998.
   
paw Gerrit Bleumer, Birgit Pfitzmann, Michael Waidner: A remark on a signature scheme where forgery can be proved ; Eurocrypt '90, LNCS 473, Springer-Verlag, Berlin 1991, 441-445 (ISBN 354053587).

 
colorsep

Security in Health Care Networks

SEISMED

From Jan 1992 to Dec 1996, I have worked as a research associate in two projects funded by the European Commission on security in health information systems. The first project was SEISMED (SEcure Information Systems in MEDicine) 1992-1995. The results of SEISMED have been published in 3 volumes, which address the management, IT professionals and users of health care environments, respectively.

paw Gerrit Bleumer: Introduction to the SEISMED Guidelines ; The SEISMED Consortium (eds.), SHTI Vol 31-33, Data Security for Health Care, Volume I, II, III: IOS Press, Amsterdam, 1996, 1-10 (ISBN 9051992637).
   
paw Gerrit Bleumer: Guideline for Cryptographic Mechanisms for Health Care Management ; The SEISMED Consortium (eds.), SHTI Vol 31, Data Security for Health Care, Volume I: Management Guidelines, IOS Press, Amsterdam 1996, 227-234 (ISBN 9051992645).
   
paw Gerrit Bleumer: Guideline for Cryptographic Mechanisms for Health Care IT and Security Personnel ; The SEISMED Consortium (eds.), SHTI Vol 32, Data Security for Health Care, Volume II: Technical Guidelines, IOS Press, Amsterdam 1996, 450-521 (ISBN 9051992653).
   
paw Gerrit Bleumer: Guideline for Cryptographic Mechanisms for Health Care Systems Users ; The SEISMED Consortium (eds.), SHTI Vol 33, Data Security for Health Care, Volume III: Users Guidelines, IOS Press, Amsterdam 1996, 115-165 (ISBN 9051992661).

The work of SEISMED has been presented at a number of conferences:

paw Gerrit Bleumer: Cryptographic Mechanisms for Health Care IT-Systems ; in Barry Barber, Kees Louwerse, Alison Treacher (eds.): Towards Security in Medical Telematics: Legal and Technical Aspects, SHTI Vol 27, IOS-Press, Amsterdam 1996, 233-237 (ISBN 9051992467).
   
paw Barry Barber, Gerrit Bleumer, John Davey, Kees Louwerse: How to Achieve Secure Environments for Information Systems in Medicine ; MEDINFO 95, Proceedings, Part 1, International Medical Informatics Association (IMIA), Edmond, Canada, 1995, 635-639 (ISBN 0969741413).
   
paw Joachim Biskup, Gerrit Bleumer: Reflections on Security of Database and Datatransfer Systems in Health Care ; in Klaus Brunnstein, Eckart Raubold (eds.): Technology and Foundations; IFIP 13th World Computer Congress 94, Volume 2, Elsevier Science B.V., Amsterdam 1994, 549-556 (ISBN 0444819878).
   
paw Gerrit Bleumer: Security for Decentralised Health Information Systems ; International Journal of Bio-Medical Computing 35/1 (1994), 139-145 (presented at IMIA WG4 Working Conference '93, Heemskerk/The Netherlands).

The work of SEISMED was finally recognized in the final report of the AIM Program (Advanced Informatics in Medicine).

ISHTAR

The results of SEISMED were validated and put on trial in the successor project ISHTAR (Implementing Secure Health Telematics Applications in Europe) 1996-1998).

paw Joachim Biskup, Gerrit Bleumer: Cryptographic Protection of Health Information: Cost and Benefit ; International Journal of Biomedical Computing 43 (1996) 61-68 (presented at IMIA WG4 Working Conference '95, Helsinki/Finland).
   
paw The ISHTAR Consortium: Implementing Secure Healthcare Telematics Applications in Europe; SHTI Vol 66, IOS-Press, Amsterdam 2001 (ISBN 9051994893).

 
 
colorsep

Home | Current Activities | Research Interests

Valid HTML 4.01!

Last updated on May 20, 2008