Title: eSecurity
1eSecurity
Gerald.Santucci_at_cec.eu.int
ISSS/LORIS 2003 Conference Hradec Králové, 23-25
March 2003 eSecurity in the IST Priority of the
6th Framework Programme
2All along the chain of Internet services,
there is an essential need for security
featuresErkki Liikanen, EC Commissioner,
ISSE1999We are in the middle of a change in
how security is doneRoss Anderson, Cambridge
Univ.Are we capable of remembering and solving
all our economic, political and other questions
in harmony with the claims of human being and
national existence?Karel Kosik (1926-2003),
philosopher, Our Current Crisis
3Why Dependability and Security in FP6/IST ?
4Trust and Security in FP5
5A first assessment of work in FP5
6Overview of EU activities
7Changing the paradigm for security
Security in AmI Space (in the open)
Security in ICT (obscure)
8From the ICT to the AmI Space paradigm (1)
- Empowerment of people through a digital
environment which is sensitive, adaptive and
responsive to their needs, habits, gestures - Ubiquity
- Network/object/service awareness
- Intelligence
- Natural interaction
9From the ICT to the AmI Space paradigm (2)
- Unprecedented requirements for Cyber Security
- sharing computing resources
- ensuring the dependability of the IC
infrastructure - managing digital assets
- engendering trust within the user community
- carefully assessing social and economic
implications (seamless integration and
interdependence between technological and human
systems) - Need to find a balance between the use of
advanced ICT, social processes, personal
accountability, and ethics
10From the ICT to the AmI Space paradigm (3)
- What will do the IST Priority of FP6?
- Stimulate and support the development of
knowledge and technologies - Handle the open questions by fostering
multidisciplinary and ambitious research on
dependability and security - cryptography, biometrics, trusted smart devices,
etc. - novel scenarios of mobile networks, environments
and codes - digital identity management
- survivability and interdependencies of
infrastructures
11Building on the past to shape the future
NEXT 10 years (2003-2014) ...to Security in
Ambient Intelligent Space
PAST 10 years (1992-2002) From Security of
Information Systems...
RACE / ACTS ESPRIT/IT TAP INFOSEC / ETS ISIS
_at_
Budget35M
Budget88M
Projects50
Projects67
ResultsStrategic security frameworks User
service requirements PKI trials Specifications,
standardisation, certification
ResultsICT Security community high-risk
technologies, applications processes
12Clusters for Dependability and Security in FP6
- Securing the Individual
- identity management
- privacy and PETs
- mobility
- Securing Communities - B2E, B2B, B2C, as well as
agents, devices... - legacy digital
- mediation of security policies
- timed security and mobility
- Securing Critical Infrastructures
- dependability
- interdependencies
131/ Securing the Individual
- Short term Multi-platform access to eServices
- Digital assets and identities become raw
material for a digital economy - Management of multiple identities for different
contexts and for interdependent processes
(eBusiness, eHealth, eGovernment) - Industry initiatives (Web Services, Liberty
Alliance, W3C/P3P, SSO, MS-Passport, PKI, etc.) - Complexity of the intermediate infrastructure
and services - Medium-long term Ambient Intelligence, seamless
interactions with services - Electronic environments that are sensitive and
responsive to the presence of people - New models of privacy management
142/ Securing the Communities
- Society increasingly dependent on communication
networks and information systems - Open, interconnected, interoperable,
plug-and-play, wireless in everything - Traceability of the bits Data now is living
and active objects - Enterprises in multiple dynamic networks mobile
worker needing access to corporate data (B2E) - Communities should be able to choose their own
security policies - Mobility challenges seamless service provision
(multichannel, multi-device, multi-context-at
home, on the move) - Security to consider type of communication
(wired, wireless) and semantics of the
applications (health, voting, banking, auction,
B2B)
153/ Critical Infrastructures (1)
- Long term goals
- Build robust foundations for IS through novel
multidisciplinary and innovative system-model
approaches, architectures and technologies to
realise dependable, survivable and evolvable
systems, platforms and information
infrastructures. - Understand, model and control interdependencies
between large-scale systems and infrastructures
resulting from the pervasiveness and
interconnectedness of IS technologies.
163/ Critical Infrastructures (2)
- Focus
- Technologies, architectures systems robust
open source software advanced ubiquitous and
wireless technologies new architectures and
computing paradigms (covering autonomy,
self-adaptability, self-healing, real-time,
etc.) distributed attack detection systems
modelling and synthetic environment for real-time
dependability and continuity analysis
extensively deployed networked embedded system
etc. - Metrics assurance including plasticity and
human aspects of systems tools for real-time
patterns and analysis of open network traffic
data complexity issues verification testing
certification etc.
173/ Critical Infrastructures (3)
- Focus
- Interdependencies micro macro dimensions
large-scale modelling and simulation
capabilities network awareness technologies
emergent systems properties time dimension
social and cultural dimension risk perception,
communication and awareness risk management in
open environments... - International co-operation focussing on
technical domain of common interest and mutual
benefit (e.g. modelling interdependent utilities
dependability certification, reliability and
security of computational GRIDs, trustworthy and
dynamic information sharing, etc.)
18