ISSS LORIS 2004 Conference

1
ISSS / LORIS 2004 Conference
Gerald.Santucci_at_cec.eu.int
ISSS / LORIS 2004 eSecurity How is Europe
Facing the New Challenges?
2
Agenda

• ICT in the Future
• Two Alternate Futures
• e-Security Vision 2015
• e-Security 2015 Four Big Challenges
• Elimination of Epidemic-style Attacks
• Trustworthy Societal Applications
• Quantitative Risk Management
• Security and Privacy
• Trust and Security in FP6 IST - Call 1 Year 2003
• MEDSI
• FIDIS
• SECOQC
• Conclusions

3
ICT in the Future

• Smaller, cheaper, embedded computing
• Ubiquitous computing, ubiquitous communication,
  intelligent interfaces (Ambient Intelligence)
• Global reach and global participation
• Growing volumes of data
• Growing population of user-centric services
• Internet commerce
• eGovernment
• On-demand services
• Telework
• Individualised entertainment

4
Two Alternate Futures

• Overwhelming unsolicited, junk emails
• Rampant ID theft
• Frequent network outages
• Frequent manual intervention
• Largely unchecked abuses of laws and rights

• No spam or viruses
• User-controlled privacy
• Uninterrupted communications
• Hassle-Free computing
• Balanced regulation and law-enforcement

5
e-Security Vision 2015

• Intuitive, controllable computing
• Reliable and predictable
• Supports a range of reasonable policies
• Adapts to changing environment
• Enables rather than constrains
• Supports personal privacy choices
• Security not as an afterthought, but as an
  integral property

6
e-Security 2015 Four Big Challenges

• Eliminate epidemic-style attacks within the next
  decade
• Develop tools and principles that enable
  development of large-scale systems for highly
  trustworthy societal applications
• Quantitative risk management of
  information-systems
• An Ambient Intelligence Space that gives
  end-users security they can understand and
  privacy they can control

7
Elimination of Epidemic-style Attacks (1)

• Viruses and worms
• SPAM
• Denial of Service attacks (DOS)

8
Elimination of Epidemic-style Attacks (2)

• Epidemic-style attacks can be fast
• Price of entry is low for adversaries
• Unpredictable attack techniques and sources
• Polymorphic worms and viruses
• Anonymous attackers
• No organised active defence
• Poor visibility into global Internet operations
• No emergency global control

9
Elimination of Epidemic-style Attacks (3)

• Cost of attacks are tremendous
• Costs to enterprise operations
• Decreased productivity
• Loss of confidence in information infrastructure
• Internet is being used today for critical
  infrastructure
• Hospitals, ATM networks, utilities, Air Traffic
  Control
• Eliminating malicious software will
• Support emerging applications in areas of general
  interest (e.g. telemedicine)
• Increase trust and confidence

10
Elimination of Epidemic-style Attacks (4)

• Nobody owns the problem
• Finger-pointing among developers, network
  operators, system administrators, and users
• Lack of Internet-scale data
• Lack of Internet-sized testbeds
• Lack of legislative support
• Conflicting economic interests

11
Elimination of Epidemic-style Attacks (5)

• No more
• Internet worms
• Internet-wide service interruptions
• Massive spam attacks against ISPs, email
  providers, and businesses
• Internet protection
• Supplied standard on all new computers, routers,
  large small appliances
• A mitigation strategy is available for existing
  infrastructure

12
Trustworthy Societal Applications (1)

• Patient medical record databases
• Fully supported electronic elections
• Law enforcement databases, ...

13
Trustworthy Societal Applications (2)

• Ambient intelligence pervades all aspects of
  society
• Systems are being built and deployed now that may
  not be fully trustworthy
• Critical applications must be trustworthy

14
Trustworthy Societal Applications (3)

• Reconciling various legal regimes with
  technological capabilities
• Provision with acceptable cost
• Achieving balance of privacy with security in
  record-keeping
• Integration/replacement of legacy applications
  having lesser (or no) protections

15
Trustworthy Societal Applications (4)

• e.g., create online medical databases that
  survive severe disasters and attacks without
  human intervention
• Confidentiality no authorised disclosure of
  records
• Integrity no unauthorised alteration of records
• Auditability record all attempts to access
  online info
• Availability maximum downtime less that 2
  minutes per day, and an average of less that 5
  minutes per month
• Accessible globally

16
Quantitative Risk Management (1)

• There is no sound and efficient management
  without measure if you dont have a measure,
  either you under-protect or you over-spend
• What you measure is what you get
• Measuring the wrong thing is as bad or worse as
  not measuring anything at all
• The measures ultimately need to be consistent,
  unbiased, and unambiguous

17
Quantitative Risk Management (2)

• Getting the model right, picking the right
  measures, gathering the right data
• No one wants to be first to disclose information
• Data sharing and common terminology are required
• Legal, cultural, business, and scientific issues
• The I dont want to know mentality

18
Quantitative Risk Management (3)

• Ability to predict outcomes
• Ability to titrate choosing our point on the
  cost vs. risk curve
• Businesses and governments can take more risk and
  gain more reward
• Ability to communicate across the boundaries of
  shareholders, suppliers, regulators, the market
• Risk transfer for information security can
  achieve liquidity

19
Security and Privacy (1)

• Technology can easily outrun comprehensibility
• Security implementation must not make this worse
• End-user should not lose control of his/her
  information, privacy, location

20
Security and Privacy (2)

• The looming future
• Instant access to information
• Exploiting the benefits of ICT everywhere
• Convenience, safety, empowerment
• Why a challenge for this community?
• Avoid the high pain of leaving these concerns for
  later
• Product-makers should not be the only
  stakeholders in the design process
• Threats to privacy are a critical concern
• Multicultural issues

21
Security and Privacy (3)

• Its important to get in at the beginning
• The Internet experience informs us
• Its also a social system, not simply a
  technology
• Once we give up privacy or security, we may not
  be able to regain it
• Important to assert a leadership role while we can

22
Security and Privacy (4)

• User needs are much broader than traditional
  security models
• Dynamic environments and device heterogeneity are
  challenging
• Multiple competing stakeholders
• Difficulty to make things usable
• Real-life user security requirements and policies
  are hard to express in terms of current mechanisms

23
Security and Privacy (5)

• Societal acceptance
• Does the user feel in control of this world she
  now lives in?
• Has the user in fact lost control of his
  information, his privacy?
• Emergence of a ubiquitous cyber space that is
• Simple and easy to use
• Dependable, reliable
• Trustworthy
• Not overly intrusive

24
IST in FP6 - Call 1 Year 2003

• CZ Participation in Proposals
• 12 participations (out of 1127, i.e. 1.06)
• No co-ordination (PL 2, BG HU 1)
• CZ Participation in Projects
• MEDSI (STREP) 2
• FIDIS (NoE) 1
• SECOQC (IP) 1

25
MEDSI

• Management Decision Support for Critical
  Infrastructures
• 18 months - 11 participants
• Rationale
• Asymmetric threats gt it is necessary to provide
  a new open framework for data sources fusion and
  interpretation
• Objectives
• An innovative system providing an integrated set
  of services to crisis managers and planners in
  order to protect critical infrastructures
• Main innovations
• A tool to define and manage crisis scenarios for
  CIP
• A scalable system inter-operating with other
  existing or under development systems gt huge
  quantities of information accessible
• A new concept of GIS and simulation integration
• Czech Contractors
• T-SOFT spol. s.r.o. (crisis management)
• GISAT s.r.o. (remote sensing and geoinformation
  service)

26
FIDIS

• The Future of Identity in the Information
  Society
• 60 months - 24 participants
• Rationale
• New concepts of identity emerge with the
  development of e-Society, e.g. multiple identity,
  pseudonymity, anonymity
• At the same time, needs for identification and
  authentication are growing, in particular for
  official activities
• Objectives
• Shaping the requirements for the future
  management of identity
• contributing to the technologies and
  infrastructures needed
• Main innovations
• overcome the fragmentation of research into the
  future of identity
• durable integration of the implementation of
  research efforts
• Czech Contractor
• Masaryk University Brno (cryptography, privacy,
  biometrics)

27
SECOQC

• Development of a Global Network for Secure
  Communication based on Quantum Crytography
• 48 months - 42 participants
• Rationale
• Currently used encryption systems are vulnerable
  (e.g., increasing power of computing technology,
  emergence of new code-breaking algorithms,
  imperfections of PKIs) gt quantum cryptography
• Objectives
• To specify, design and validate the feasibility
  of an open Quantum Key Distribution
  infrastructure dedicated to secure communication
• Main innovations
• Novel and reliable methods for secure long-range
  communication
• Increased trust in applications (e.g., e-vote,
  e-commerce)
• Czech Contractor
• Palacky University (Department of Optics), Olomouc

28
Conclusions

• Europe is confronted with major challenges in the
  field of Security
• Immediacy of threat has led so far to excessive
  focus on short-term RD
• Lack of a culture of security across Europe
• Enlargement represents both another challenge and
  an opportunity to devise European solutions
• Policy lags innovation
• Problems include yet go beyond national defence

29
More Information

• http//europa.eu.int/index-en.htm
• http//europa.eu.int/information_society
• http//eeurope-smartcards.org
• http//www.cordis.lu/ist/
• http//www.cordis.lu/ist/ka2/smartcards.html
• Jacques.Bus_at_cec.eu.int (new Head of Security
  Research Unit)

30

• Dekuji!