Jean-Marie Tirbois, Almerys: How can we return the internet user to the heart of the exchange of information? Ebee repositions the debate.

Internet users are nothing but information seekers. We must reposition the individual as the central element of information exchanges. Ebee returns the individual to their rightful place and redistributes the relationships. After having explained this argument's principles, the presentation will treat this issue with a solution-based approach.

Ok, so we're going to move on to the next part of today's presentations - which is somewhere in between an application of everything which Pascal presented to us. So we are going to see this during the presentation. So to get started we are going to speak largely about 'digital trust', often enough a large word, and which can be difficult to define. So we'll discuss that briefly, and then more importantly we will discuss what type of application, what can we put into place, what kind of tool can we apply to instill 'digital trust' today for individuals? So there you have my part of the discussion during this debate.

So for the first part, what does it mean, 'digital trust', if we don't have it? Something important to note: today digital trust, it doesn't exist or it is very rare. This primarily limits, in a fundamental way, the ways in which people can use the Internet; I mean that we are limited in terms of Internet services, because we do not have the necessary criteria related to digital trust. I don't know, as an individual, what is done with my personal information, where is it stored, who uses it, who can copy it and use it again? So what do companies do generally?
Normally they outsource the risk - the outsourcing of risk is usually done with their costs of course, involving their services, but also certain contracts that companies put forth in order to protect themselves. And so today necessarily, one of the great things about the Internet is the fact that it's free; so here we have a real paradox - the company which puts forth an outsourcing of costs, which the company will in part recuperate at the expense of the user; and so here we have a real paradox in the usage of the Internet and the presence of digital trust while using the Internet. So today it is basically what's happening, I've given you two principal examples. How have we gotten to this point today? Because there is no digital trust.

Basically what we have today, we have this enormous world online, full of information, full of client sign-on areas, and each company proposes a client area, and in order to access such an area you enter in a password, a login and a password, and you've got a different login and password; but at the end of the day, you end up using the same login and password. And so you have access to all of your websites, sometimes websites for security, somewhere there is personal information that will represent you throughout the Internet. So basically what will happen; Pascal was thinking about this, in just a matter of minutes, the people present here in this presentation, we could know who is involved in swimming, who's on a diet, etc.
Just by a couple of keystrokes on the Internet. And then, necessarily, this information which is transmitted by email, this is something which, even if it is ever present today, will eventually die out. My son, who is 17 years old, is no longer at all interested in email, he is rather concerned with immediate communication, and direct messaging, which passes over the Internet. As always up to today, when considering the moment you need some information, generally you log on to your client area, the website tells you, 'the information that you have, I can send them to you over the Internet', and you receive them over the Internet. So typically you'll go to your Gmail, or by platforms located in North America, and you find yourself under the purview of the Patriot Act, and now the information is stored and interpreted.

So the second example, it's typically dealing with a bank account; what do I do today if I want to get a bank loan? Well, what I do is I log on to my client area, I fill out a form 'I want to take out a loan', and then after that the banking institutions send you by the post the completed document, you make some photocopies, you didn't touch with your banker over email, and then your banker can get in touch by phone, today that's how it works. And why?
You weren't able to apply for a loan using this client area because he didn't trust the process. So all of the things that we talked about before were elements that contributed to the evolution of the Internet.

So what we say today is that in order to achieve digital trust, an overall trust, is that trust establishes itself over time, that's clear. The problem that we have also is that it has to be sustainable and long-lasting, because as Pascal mentioned earlier, as soon as there is a doubt, it all comes apart. Digital trust, which we will see in a moment, is linked to security elements which are physical and logical, which represent heavy investment on the part of industry actors. And as soon as there is the smallest doubt, these investments are lost, and then the company itself is in danger.

So the solutions today for establishing digital trust, this overall trust, require the establishment of a massive physical security. So here for example, when speaking about Almerys, Almerys has installed a tier 4-type bunker, with a high level of bandwidth and security, which is very expensive. We've got a logical security, which uses advanced techniques to protect access; a logical security, so called 'access security' - so we're going to have elaborate security measures. Elaborate security measures here in France, as soon as we are speaking about physical security and access. These heavy/elaborate measures, we can weigh them, and notably I weighed them abroad, in Poland for example. When you get into one of these spaces here, this is what will happen with Almerys for example, you will pass through several levels of security, with several access controls, notably biometric information, including blood information, and then you are measured, and filmed to have all of the information. So this is very cumbersome in terms of logical security, and also the security processes are very cumbersome. Why?
Because the security process must absolutely respect these two elements, the physical elements and the logical elements. And so there's the whole area of access security linked to security processes; and then there's the interesting part in the background. Users need special tools in order to plug in to these different physical and logical elements of digital trust.

So my objective is to present to you one of these tools which we have developed at Almerys, and which allows for the use of digital trust primitives, which allows for the use of security primitives. So everything Pascal presented to us moments ago is at play when considering EBEEOFFICE, this tool. So with EBEEOFFICE, it is a consequence of digital trust; so to the academics I say 'keep working, we need you' to help establish this idea of digital trust, and to work on establishing new tools. EBEEOFFICE answers questions relating to trust, because us as users, and I consider myself a user, I need these questions answered. EBEEOFFICE responds to the concerns of individuals, the concerns of businesses; typically when I am involved in business, all I want is, all the information that I am given is done in confidence, and is durable over time, in terms of content and by means of transmission. And so it creates a lot of business; digital trust, what does that mean? It means that I'm going to be able to create tools, these tools will manage my own information, my digital life, and my digital life is something that I don't want to be spread all over the place.

So beyond that, we said a moment ago, the trusted third-party outsources the risk, the fact that they outsource the risk shows us that they don't believe in the overall global trustability of their systems. If not, they wouldn't outsource their risks.
Typically, and Pascal mentioned it earlier, banks outsource their risk, meaning the moment someone uses a bank card on the Internet, that's not a big deal, because the moment you pay for your card, you are paying for the risk that your card could be copied or stolen. And so in fact it's you who pays, you who are taking the risk for the bank. But more importantly, this brings individuals together with their data by way of the Internet. Who would put their medical information on the Internet today? Nobody, nobody here would do that today.

So what should be said, this tool which is called EBEEOFFICE, is a tool which operates on a large scale - it's going to change the relationship which we have with the Internet. I'm going to try to explain this diagram quickly here, where we can see all of the components involved in EBEEOFFICE. Typically, in the center you've got the individual, which can be represented by a private individual, but also could be represented by a professional individual, someone who works with the company and has various functions within the company. So what do we have here? We have a 'circle of trust'. The information which is found within this circle is private information on which digital trust will play a crucial role. All of my digital 'DNA' is found here (within the circle). And beyond that, I've got a ring of infrastructures that will engage with me as trusted third parties. Around that, a number of services, governmental services, voting for example, such as Pascal spoke about a moment ago, the Ministry of services, services provided by local government, service provided by businesses, with different communities or associations, etc...
And then I classified all of that by four main areas which govern the digital life of an individual - starting with participative democracy, I vote, and I want that to be completely anonymous, that my vote is secret. My life as a citizen, my life on the Internet (vie citoyenne), my social life, my public life, my everyday life (vie civile). And then my well-being in my health, sports, well-being and health. So these four main areas govern my digital life.

And how does this work? This all works thanks to a large circle of digital trust; within this circle we will find areas of academic research of which we are speaking today, and this is why we established these elements related to research. Notably this very industrial chair. Barometers which will allow us to measure overall digital trust. And of course innovation, and the physical aspects, the bunkers of which I spoke a few moments ago. And all of this is going to work under the sole condition, well it has worked, and it will generate economic development. It must be said that today if we don't have digital trust tomorrow, we won't have economic development in the digital sector, it will stagnate. So we are obligated to go from the Internet of voyeurism to the Internet of built, measured, and controlled exchange.

So this part here, we will necessarily have to consider the nature of interactions; I'm talking about here an individual alone, but each individual is a part of a whole, and this 'whole' will generate interactions among each of the levels. It's these interactions which are interesting, because these interactions must remain completely secret to either individual. These individuals are employees, this could be a situation where an employee is discussing something with a private individual; this could also be a situation where two private individuals exchange information over the Internet, and in a completely secure way. So what are the fundamentals of security?
We are to consider once again the primitives, which Pascal told us about earlier, I'll go over them one after the other. The first is strong authentication, know that by strong authentication I mean that it is an authentication by two levels, a very strong authentication is one at three levels or more. And then we've got order known as 'weak' authentications, which simply require a login and a password. So a strong authentication today takes the form of an electronic chip in which we will put certificates and double keys (bi-keys), as many certificates as double keys. We are ready to have in this electronic chip strong authentication certificates, signature certificates, and ciphered certificates, in order to leave the use of ciphering to the user, to the individual. And of course this chip here is found within one of these devices, which are tokens or electronic chip cards, all of the different media which support electric chips, USB keys with or without contact, and with the biometric aspect added in. A major piece of information, but a principal piece of information nonetheless today. This chip can be integrated into a mobile phone, in different technology, the kind which we want more and more today.

Next I'm going to talk about a high level of notarization, that is to say I want to know at any given moment what is going on with my information, how is it being communicated and how it is being manipulated. So I've given you a brief little diagram, so basically you've got three parts. So the first is a private individual, the second is a partner, this could also be an individual, so there is some sort of exchange between a private individual and a partner, and here you've got a trusted third-party. This third-party is very important because it is they who will guarantee the digital trust in an exchange. You've got an area here which is piloted by the third-party, and you've got two doors which will never be open at the same time. So how does this work?
Essentially, the private individual will remove a signed document from their safe. The private individual will take the signed document, will open the door into the secure area, and he will place his document in the secure area. Once the document has been placed in the secure area, the trusted third-party will trace and note the proof of the traceability of this document being submitted. So we're going to have a time-stamp, a hash function of the document (hashing the document means to take an imprint of the document), and as the trusted third-party, we are going to attest to the fact that these elements here are indicative of this document. And then what we're going to do, we are going to make this document available to the recipient. Globally, and in terms of the user, we are then going to put these documents in a safe, and we're going to alert the user - the door is then closed, the sender has exited. So here we send the alert either by email or by text message, or by telephone, we are totally flexible on this point. And here the user is going to enter into the space, and then he's going to get back his document, they are going to sign for the fact that they have received their document. And once again, we are going to hash, time-stamp, and sign the document - we have a proof of data entry and a proof of data exit. The user then takes back their document, and then will once again store their document in their safe. And here we have a comprehensive system of proof notarization from start to finish. So all of the pieces that we have just seen make up the proof, and each authorization that we have seen will highlight the fact that each step of authorization will be applicable in the eyes of the law. Something which is not true today will in fact be true with EBEEOFFICE.

So the third, I mean the fourth major component is the electronic signature, every document that you have seen is indeed signed, our signature keys today carry relatively high levels, as we are at 2046 bits,
and we know how to go even farther. And finally we highlight the notion of 'security on-demand'. With the security on-demand, I'll go into details of that in a moment, we've got a space which is our own, security is an important element. However, we know how to stratify this security, so that one can have access to certain types of documents in the EBEEOFFICE space. We have a completely user-centric; it's a little bit the opposite today when dealing with the Internet, it's the Internet which is in the center, and you who has to go to the Internet. Here, what I'm going to show you in just a moment, it's you who's at the center, and you are going to receive all the confidential information that you need, at the moment that you need it.

So it's a trusted space, the individual can be professional, according to the state of the individual; for instance if I consider myself an employee, I am an employee, so I have a specific status; if not, then I'm a private individual. My space, if I wish, is completely shareable, it can also be shared partially; and this totally electronic space of digital trust, I'm going to be able to share only a few photos, for example, and not all of them. And then, I have the ability to manage my alerts, this is not a completely static space, it is a space which is going to alert you, 'hey, you've received your latest payslip', 'hey be careful your bank account is negative', 'hey, you've just received some information from your insurance company', 'Your insurance policy will expire in eight days'. So you're going to have a completely interactive aspect with your client space. So the principal concept is the idea of a house.
Often in the literature we hear talk of a 'safe' - the safes, we've got many of them. Which means that EBEEOFFICE has a huge number of safes. You can see them here in red, each of them are safes. So you are going to enter here, I put three red bars because you're going to enter in by way of strong authentication, so via a microchipped token. And here you enter here, like in a house in a front hall, and here you'll have an update of the situation, a dashboard, information updates, services, etc... and a store for new services if you like. And here you've got all of your service providers; what we know about Internet users, or a typical Internet user, is that they have 23 service providers a year, and these 23 service providers include insurance companies, banks, associations, sports clubs, etc... So all of these people here will be able to connect directly and send you information, and make their services available to you in a space that is yours, that belongs to you, that you can shut down when you like. If for example there's something that you don't want at all to share; if I store here one of my documents, my birth certificate for example, nobody will go to look for that, nobody will be able to access it. And I'll show you why that is in a few moments.

And then I've got two other spaces here, one which is public, which isn't a space for being totally visible on the Internet, not at all, it is a space which will allow me to have information that I can share, with any type of Internet user. However these documents here, this access here (Private Universe), will be a completely private access, and I will be able to share any of the documents within. So what we can say about this is that it is a space completely divided into different universes, we saw the universes here, each universe has its own safe, and each universe has its own services. And principally what is important is that each universe has its own usage, that each universe has a different usage, and that each universe
has data, which could be videos, audio files, or .pdfs, whatever you like.

So we are going to do a quick flashback, we spoke about this a few moments ago, we were horrified by the fact that we had so many different client areas. All of these spaces which don't allow us to move completely online - so we're going to get rid of all of this, and we're going to move to something completely stable, with a young lady who is smiling. So all of the relationships that we saw, and with all of the relationships which are established in this way, very simple and completely secure, with a trusted third-party, and which will finally trace all of your exchanges. And that through EBEEOFFICE, which will be directly in line with your mobile device, because today without mobility we are nothing; so the important point here is that you are able to access no matter where, no matter when. So necessarily you will have access to the website of your bank, but all of your exchanges will pass by here; what is interesting here is that here you are going to be able to apply for a loan, no matter where you are at the time. For example you're on vacation in Hawai'i, you have exhausted your financial resources; don't worry, you're going to be able to apply for a loan from your bank directly from the beach, and in complete security. Which today is not possible.

So we're still based in this important component, the establishment of a digital 'DNA' of an individual, this 'DNA' is accessible by the Internet, under certain conditions, so the Internet is going to filter this information into the different spaces. But what we can also say is that if I am an employee, then it will be another net that will filter my information into my employee universe, my information which is globally related to my job; my contracts, my vacation, my interview, etc...
Everything is going to be able to be stored not only here, and not only that, but from my home, from no matter where; I'm going to be able to, for example, make a request for extra vacation days, because I like where I'm staying, and all of this of course in a legally valid and stable way.

So security on-demand is relatively simple; we saw a few moments ago that necessarily by way of micro-chip cards, dongles, and biometric tokens, we've got strong authentications, very strong authentications even, and here we have access to documents which are highly sensitive. But, you can have access to this space with the use of a login and password, if you like; the difference here is that when you have a login and a password, you're going to have access to the main page and certain documents, but not all. However, once you login with a one-time password, you are going to be able to sign, other spaces' access will open up, you are going to be able to sign, but you're not going to be able to use a certified signature. When you're going to have one of these three elements here, now you are working with a certified signature, and here even a lawyer can remotely sign contracts through this tool. So what we know we login, is that we have information that is not sensitive, I can put family photos here, for others, but on a one-time password I can have sensitive information, and also on a microchip card. So this is to show you that basically on a basic login and password access, I will have access to information which is public.

Mobility is an important component here, because today we don't really respond when mobility is not possible, so this tool EBEEOFFICE functions with all types of devices, whether it's a portable device or desktop computer or laptop. It can be used on a 4G network, and of course Wi-Fi, and in terms of types of exchanges, we can transfer voice data, etc; that is to say, in this space I will be able to perform electronic voting, e-exams, respond to polls,
etc... So it is indeed a space completely open to such possibilities. So in terms of mobility, we are going to use all sorts of devices; we are going to be able to propose virtual offices, typically such as with a Board of Directors, they are going to need to exchange sensitive documents, which we will see in a moment. The goal of course being to have access to and work with private and professional property data under constant security, from start to finish. So the major points are the following; of course we have eliminated any notion of distance, you can be anywhere, I can hold my Board of Directors meeting from Paris, but the Chairman is in London; no matter. Imagine I have a lawyer here and a lawyer in Halifax, it's okay, both lawyers are available to sign for documents in a totally legal way. So we're going to maintain a seamless security from start to finish, and will also be able to manage the level of security.

So here you have an example; I'm here and a colleague is somewhere else. The first aspect, in terms of mobility, what I'm going to do is, I'm going to open a secured communication session. Once this secured communication session is open, I will be able to exchange, and I can make my exchanges relatively simply. Here what we see is iPad user 1 sends a document to iPad user 2, stores it on his workspace on his desktop, and inversely iPad user 2 sends a document to the first iPad user. And then he decides to put it in his safe, and then we're going to open and perform some demonstrations, it's relatively impressive, basically using an iPad we're going to be able to create white boards, and communicate through a white board, we can put video in the same way. And of course all of this is traced by the trusted third-party, so there is no communication that passes by the Internet without being checked, and you will see in a few moments that everything happens with us in our backplane.
So after that I'm going to do the opposite, I'm going to interrupt the communication and close out my session; so it's very simple, it's usable as you like, and lawyers are incredibly fond of such a thing, because today if for example we speak about a country like Canada, when you are in Halifax, and Vancouver, there's a six-hour time difference between the two places, and when two lawyers have to work on a case together, they can work on it in an immediate way.

So how does this work? So in order to operate this, we have a front office; it's what you see here, 'ebee Office', it's the tool that each Internet user sees. And then, the tool puts forward services, search services which don't have probative value, so ones that don't need signature, or the tool can put forward services that do have a probative value. We have developed an infrastructure that can be accessed with the public key, here, and then we've got our architecture of trust, the bunker which we spoke about moments ago. So the exchanges will be done on a backplane, so we will do representation of the exchanges in the front office, but the actual data exchange will occur in a backplane. So hastily what should be noted is that this ebeeOffice space is operated by a trusted third-party, Almerys, the services used today are indeed developed and operated by Almerys, but tomorrow can be services developed by students perhaps, or professionals. And then, this whole space of the trusted third-party is a space completely secure, and which is put forward and operated by the trusted third-party.

So, what does this give us? If I go back to all of the components of the digital 'DNA' of individuals, this is going to resemble a mesh network, but what are we going to do with this mesh network?
Well, we're going to activate it, and when it is activated it becomes very interesting because when I know this person here I can share information with them, but I don't know them like I would know somebody today on the Internet, that is to say, I decide that my name is Jean-Marie, or I can choose my name to be Murielle... that doesn't bother anybody, right? I put a photo of Murielle, and everything is okay... But here I can't do that, and why, because I have entered into this space my strong authentication, I have a digital identification card, and this digital identification card cannot be corrupted with a fake name. That is to say that, when Jean-Marie speaks to Pascal, it is in fact Jean-Marie speaking to Pascal, and not Jean-Marie speaking with the image of Pascal.

So this means that I can demonstrate a network on demand, as I like, I want to work with Pascal and Olivier, it means that I'm going to work with Pascal and Olivier, and that's it. And I will act as the moderator, I have decided as the moderator to be connected with Pascal and we exchange information together. And I have put in this trusted space a data room, which is not a sharing space, a data room is a place, still in our backplane, and from this secured network, and specific to the demand, where I can put all of the documents specific to our exchange. A Board of directors for example, is going to be able to place all the documents relative to a board meeting in such a data room; when I'm working on a corporate merger and/or acquisition, here I have a lawyer, there's moderator I'm the lawyer, here there's a company, and there, there's another company, and then I'll be able to exchange information by way of this data room. This is going to help to avoid what we experience often in these types of situations, couriers on scooters transporting documents under pressure between two companies and to have documents signed as quickly as possible. All this type of thing can be done in the space. So we see a number of
different possibilities with ebeeOffice. Here what we have is a possibility completely around the Ebeenaute (ebee user), this will be an individual as a citizen. So the citizen is completely protected by a ring of trust, electronic signature for example. And so I've got all of my partners around, and one of my partners is my city. But this paradigm here I could change it, for instance I was a typical citizen, but then I become a 'citizen, employee of the city', and I make available services of the city, for example I grant a building permit. A moment ago I was an everyday citizen, but I can become a private citizen-employee of the city, responsible for the building permit request process, and say I could send such a permit to one of my neighbours. So the space here really doesn't have any limit; because once we have demonstrated this ring of trust, really there is no limit, neither in terms of services, nor in terms of networks, nor in terms of application, we really are open to any possibility.

So these networks on demand, what will that look like? Well, we will see new private networks; because today we've got a plethora of social networks, but once again in these networks we can hide ourselves. Here you'll have a social network that is completely private; for example a child of 14 years old will be able to use one of the social networks without any risk. There are people who will not want to participate in such networks, well that's okay, it's a free country, if you don't want to participate, we can have networks of business owners, networks of businesses, networks of Boards of Directors, etc. etc. etc.
There's no limit here either concerning networks on-demand. The services that go along with this, there isn't any limit either; we weren't able to find a limit really, it really is applicable to everything, all in all the services make up the various universes, each universe has services related to it, which can all be developed by any type of company. Once these services have been developed, at the University by students for example, that's great, students develop services, and we, as a trusted third-party, are going to approve them, we are going to test them, we are going to give them a level of security, we are going to integrate them into a universe. We are going to put them into the online store, and then each ebeenaute (ebee user) can buy them as they like, or use the proposed service. So the ebeestore, I've just talked about it, finally it's almost exactly the same thing as the AppStore.

And then, something else which is interesting, and I touched on this briefly earlier, is the fact that we are able to bring the user closer to the information which belongs to them. Typically, we were speaking of loans a moment ago, if we move the process closer to the individual, that means he doesn't have to go to the bank, that's sure, but also the bank is making economies of scale, because basically the bank is going to eliminate their back office, the back office which receives documents, which verifies the validity of the documents, etc...

And there you have it; basically we are dealing with a complete return to the internet, based on digital trust. What we saw is that 'my space, my possessions', I can share all of it or some of it, as I wish, I've got integrated services in my space, and from this space, which manages all of my digital property, and I can therefore manage all of my exchanges, of probative value, with my service providers. So there you have a look at ebeeOffice. Thank you.