This website contains supplementary material related to the paper "Protecting Digital Identity Wallet: A Threat Model in the Age of eIDAS 2.0".
Supplementary Table S1. This table reports for each identified threat: threat sources, affected entity/asset, the phase, threat category, vulnerability, attack technique, controls, and if it is a security or privacy threat;
Supplementary Table S2. This table reports for each asset: the asset code, label/category and the relevant sub-assets;
Supplementary Table S3. This table reports the definition of the threat category based on STRIDE and LINDDUN;
Supplementary Table S4. This table reports the definition of identified vulnerabilities;
Supplementary Table S5. This table reports the definition of identified attack techniques;
Supplementary Table S6. This table reports the definition of identified controls;
Supplementary Table S7. This table reports the preliminary analysis of OpenID4VC threats and for each identified threat: threat sources, affected entity/asset, the phase, threat category, vulnerability, attack technique, controls, and if it is a security or privacy threat.