Title: Diapositive 1
1 French (Network) Security Research Activities
Serge Fdida University Paris 6
CNRS Contributions from Michel Riguidel
(ENST) French/Japanese Joint Symposium on
Computer Security Tokyo September 2005
2Background
- Research activity on Security in France was quite
fragmented - Some strong communities
- Cryptography (Research Action ACI)
- Proof Formal methods
- Dependability, Reliability
- Industrial / Gov interests
- Limited public funding
- Security (at large) not recognized as a noble
area and found to be limited in scope! - Lack of programs in Education
3Background (2)
- Security is multidisciplinary,
- Incentives to bring researchers into this area
- Expose this area as a priority
- Initiatives launched in 2003
- ACI (Joint Incitative Research Action) Ministry
of Research/INRIA/CNRS - Head by Claude Kirchner
- RNRT (National Research Network in
Telecommunications) special focus - Monitored by Michel Riguidel (ENST)
- Strong link with Europe IST FPs
- STIC/Asia Program
- Expert Committee on Security at CNRS
4Security Targets
- Homeland (Defense)
- Critical Infrastructures (semi public, semi
private) - Trust to fight against cyber terrorism, strong
cybercriminality - Safety, Security, Dependability
- Crisis management, public awareness
- Resilience
- Cybersecurity (public, private)
- Trust to fight against hackers, cybercriminality,
espionage, etc - Security, Dependability
- Privacy
- Resilience
5Emergence of new security challenges
- Critical infrastructure protection
- Large scale complex systems (ICT physical
infrastructure) with interdependencies
Electricity power, water supply, networks, etc - We need robust and resilient infrastructures to
reduce vulnerabilities - Security of Smart spaces or Ambient Intelligence
- Pervasive and ubiquitous computing
- Electronic devices, sensors disseminated, not
supervised - We need to introduce ambient security
- Global Localization Information, Global
Identification
6Emergence of new security challenges (2)
- Networked communication systems (self-x
architectures) - Self organizing networks, architectures of
Internet caches mirrors, DNS-Sec, - Self healing architecture, privacy in mobile
networks - Grid security
- Reconfigurable distributed organization to
provide a service - Spontaneous real time organization
- We need
- To secure the grid (components infrastructure)
- To be protected from malicious grids (ethical
computations) - Content protection
- Video distribution, DRM,
- Require
- Fundamental research
- Application Test-Beds (measurement, honeyspots,
)
7RNRT Security Call For Projects in 2005
http//www.telecom.gouv.fr/rnrt/index.htm
8RNRT
- Created in 1998
- Fund 212 projects, 200 M, Cost 440 M
- Funding to launch calls in the area of
Telecommunications and Networking - Joint projects Industry, Academia, SMEs
- Budget of about 30Me for 2005
- Peer with RNTL (Software), RIAM (Multimedia)
- Linked with ARA SIASE (C. Kirchner)
9Security (1)
- The 2005 Call for Projects addresses the new
practices modern approaches in Security - Security of software Content Distribution
- Digital Rights Management, Intellectual Property
Rights, - Security of New Architectures Paradigms
- Grids, P2P, Ad-hoc,
- Just-in-Time Security
- Downloading patches, weekly or daily Software
upgrades, reconfigurability - Security Crisis Management
10Security (2)
- The Call for Projects is focused on security of
Complex Systems or Infrastructures - With heterogeneous technologies
- Taking into account non functional properties
(mobility, interoperability, flexibility, ) - Infrastructures, Networks, Very Large Information
Systems - Networks Information Systems (enterprise,
personal) - Multimedia Content
11Security (3)
- IT networks
- Internet, WiFi, Enterprise LANs, Bluetooth, RFId,
Sensors, - Telecom Infrastructures
- Satellites constellations, telecom networks,
mobile networks (GSM, GPRS, UMTS, WiMax) - Broadcast networks (TV, Radio)
- Content protection, digital movies (trust
digital chain) - Information Systems
- Government, Enterprise, Home Personal Networks
12Security (4)
- Security Functions point of view
- Identity of a physical person
- biometry, with trusted personal entity smart
cards, etc - Authentication
- with digital signature, labeling or watermarking
- Audit
- facts accountability, personal accountability,
traceability - Management of rights, privilege, etc
- Authorizations
- with security policy
- Security Management
- tools administration, overall assessment of the
security assurance level
13ARA SIASE
- Follow-on of the ACI Security
- Presentation by Claude Kirchner
14Europe
- National / European projects
- French academic Industry are largely involved
- Integrated Projects
- Networks of Excellence
- STREPs
- Security in FP6
- Security in FP7
15Security in FP6with France participation
16Europe FP6 some examples
- NoE FP6 - ECRYPT Cryptography, J Stern (LIENS).
INRIA. - IP FP6 - SEINIT Network Security. M Riguidel
(LTCI) head of the project - IP FP6 - SECOQC Quanta cryptography. Philippe
Grangier (CNRS, Laboratoire C Fabry de lInstitut
dOptique) and M Riguidel involved - IP FP6 - PRIME Privacy (Privacy) and Identity
management. Y Deswarte (CNRS) and R Molva (GET)
involved. - IP FP6 - e-JUSTICE Common secured exchange
platform for administrative information's. R
Molva (GET). - IP FP6 INSPIRED Personal data authentication.
INRIA involved. - NoE FP6 Biosecure Biometry (GET).
17e-JUSTICE Towards a global security and
visibility framework for Justice in Europe
- To define, develop, teach, test and prepare the
deployment of a complete and innovative system to
improve security of the communities and the
privacy of the bearers, and to provide
interoperable keys to digital information. - Research on security will focus on smart
identity cards, on-chip combined biometrics,
cryptography and PKI interoperability, and rights
management. - Eurecom, Thales, Greffe Tribunal Paris
18INSPIRED Integrated Secure Platform for
Interactive Personal Devices
- To specify and develop a new generation of secure
portable devices called Trusted Personal Device
(TPD), addressing the main requirements for trust
and security of the information society - The TPD technology can provide devices that will
combine a fully integrated security architecture
(HW, SW, OS, communications) with
ultra-portability, low-cost, and advanced
networking and mobile communication features. - INRIA, Gemplus, Schlumberger,
19PRIME Privacy and Identity Management for Europe
- To research and develop approaches and solutions
for privacy-enhancing identity management, - The project will address foundational
technologies (human-computer interface,
ontologies, authorisation, cryptology), assurance
and trust, and architectures. - Application scenarios, including on-line
healthcare systems, location based services,
privacy preserving customer databases, anonymous
access to infrastructure for mobile workers,
privacy enhancing ambient intelligence. - IBM fr, LAAS-CNRS, Eurecom
20s-BORDER Privacy respectful and threat tuneable
traveller smart monitoring system
- To promote the early adoption of Automated Travel
Document Control and Risk Assessment systems
during the various phases of the travel,
including the border control, - Technologies such as advanced biometrics,
contactless chip circuits, digital certificates
and scoring systems to both automate the flow of
no-risk passengers and allow detecting potential
risky ones, - France Telecom, Gemplus, Sagem
21SECOQC Development of a Global Network for
Secure Communication based on Quantum Cryptography
- To specify, design and validate the feasibility
of an open Quantum Key Distribution (QKD)
infrastructure dedicated to secure communication
as well as to fully develop the basic enabling
technology. - The ST objectives are to design physical
devices ready to allow applicable Quantum Key
Distribution - University Nice, Thales, Laboratoire dOptique,
ENST
22SEINIT Security Expert INITiative
- To ensure a trusted and dependable security
framework, ubiquitous, working across multiple
devices, heterogeneous networks, being
organization independent (interoperable) and
centered on the ambient intelligence around an
end-user. - The project will explore new security models and
build the architecture and components to address
the nomadic, pervasive, multi-players
communicating world (IPv6) - Thales, ENST, 6Wind
23ECRYPT European Network of Excellence in
Cryptology
- To ensure a durable integration of European
research in both academia and industry and to
maintain and strengthen the European excellence
in these areas. - 35 leading players will integrate their research
capabilities within 5 virtual labs focused on
symmetric key algorithms, public key algorithms,
protocols, implementation, watermarking. These
labs will advance the state of the art in their
domains and develop common tools, - ENS, Gemplus, Cryptolog, CNRS
24Security in FP7
- A proposal for Strategic Objectives of the FP7
embracing all the security paradigms of the past
30 yrs and the next 10 years - Security, Trust Dependability of
- the new pervasive digital landscape ambient
intelligence - Infrastructures of the digital urbanization
- Interdependencies, survivability, robustness,
resilience, maintenance of trust - Massive passive and low-energy wireless
autonomous computers (RFIds, etc) - Peer to peer and new spontaneous architectures
(grids) - Security of distributed virtual operating systems
- embedded systems end-user terminals
- Security of hardware (smart cards, low energy, )
- Security of new nanokernels operating systems
25Security in FP7 (cont)
- Privacy of European citizens
- with a set of profiles of virtual identities
- Biometry, personal attributes
- History elements (Tracing activities to be
checked, that can be deactivated) - And with trusted personal entities
- Security of complex and/or massive computing
services data knowledge - Large databases, web services, semantic web
- Grids of computations
- Distribution of content, mobile code
- Virtual communities
26Thanks
Babel Tower Security Management
How to secure to manage the security
infrastructure ?
27CNRS STIC
28(No Transcript)
29Key elements
- Around 26 000 employees of whom
- 11 600 are researchers
- 14 400 are engineers and administrative staff
- 1 170 research units
- (85 are associated with universities)
- An annual budget of 2,6 billion euros
30(for 2006)
Board of Trustees
President
National council on scientific research
Strategic Planning Mission
Scientific department - MIPPU - 1
General Director
Regional Director IDF
Scientific department C - 2
General Scientific Director
Regional Director NE
Scientific department V - 3
General Secretary And DRH
Scientific department - HS - 4
Regional Director NW
Deputy General Secretary
Regional European International Director
Transversal Department EDD 1
Regional Director SE
Transversal Department I 2
Regional Director SW
Director of industrial and technology transfer
Institute IN2P3 - 1
Communication director
Institute - INSU - 2
31The STIC Department
http//www.cnrs.fr/STIC/
32Our partners
- Universities
- INRIA (The French national institute for research
in computer science and control - CEA (Atomic Energy Commission)
- GET (Education et Research in Information and
Communication Technologies) - etc.
33Staff in the STIC Labs May 2005
- CNRS researchers 813
- Researchers from other organizations 326
5334 - Permanent university staff 4195
- Ph.Ds. 4778
- Post-docs 321 5099
- CNRS engineering and
- administrative support staff
809 - from organizations 353 1746
- from universities 584
- TOTAL 12 179
34Regional centers
Lille
Lens
Valenciennes
Amiens
Compiègne
Rouen
Metz
Strasbourg
Ile de France
Nancy
Lannion
Brest
Troyes
Brest
Main centers
Le Mans
Orléans
Belfort
Vannes
Dijon
Angers
Tours
Besançon
Nantes
Secondary centers
Poitiers
Lyon
Saint-Etienne
Grenoble
Bordeaux
Nice
Avignon
Montpellier
Toulouse
Marseille
35Resources
- 23 M total budget (excluding salaries)
- 30 to 35 new permanent research positions per
year - 40 new engineering and administrative positions
per year - 16 short-term positions (typically 3 years)
- 40 post-doc positions (1 year)
- 40 Ph.D. grants
- 60 research positions for university staff
36Research units
- 114 laboratories
- 9 federations
-
- 14 joint laboratories with industry
- 10 international laboratories
37International priorities of STIC department
- Europe
- Asia
- China
- India
- Japan
- North America
38Main International Institutional Cooperation
Russia 1 common lab 1 twinning program 1
scientist exchange program
North America International common lab Georgia
Tech (Atlanta) Scientist exchange program
European communauty 2 european associated
laboratories Switzeland and Belgium
Japan LIMMS/CIRMM 2 Common labs JRL (project) 1
Scientist exchange program
Asia Outside Japan 3 commons labs IPAL
Singapore LIAMA China MICA Vietnam 1
Scientist exchange program
Central America 2 Associated Laboratoratories LAF
MI LAFMAA 3 years term
Australia 1 scientist exchange program
Information and Communication Sciences and
Technologies
39Partnerships in Japan
- ? JRL Joint Robotic Laboratory
- AIST National Institute of Advanced Industrial
Science and Technology with CNRS - ISRI Intelligent Systems Research Institute
with STIC - ? LIMMS Laboratory for Integrated
Micro-Mechatronic Systems - IIS Institute of Industrial Science, The
University of Tokyo - CNRS
- ? CIRMM Center for International Research on
Micro-Mechatronics - IIS Institute of Industrial Science