Embed Size (px)
Citation preview
Security and dependability in FP6
Andrea SERVIDAHead of Sector
European CommissionDG Information Society - Unit D/4
Trust and [email protected]
2
Changing the paradigm for security
3
Security and dependability in FP6
• Security and dependability are key requirements for AmI - they embrace all the attributes and properties of “critical systems”
• There is a growing policy interest on security and dependability of information infrastructures and related interdependencies (economic security, protection of assets and IT investments, etc.)
• The IST Advisory Group has identified dependability as an important topic for AmI - further reinforced after 9/11
• Focussing on dependability implies stimulating an holistic reflection on our dependency on technology
• On-line privacy is a key requirement for mobile Information Society
• There is a growing policy interest on technical developments on virtual identity, virtual persona, anonymity, etc. with related tensions and open questions
• in IS the personal sphere of individuals would be more and more a technically open environment (AmI, instant networking, smart dust, etc.)
• Privacy is a human right that we need to preserve and technology should work to avoid a privacy crisis
4
The need for a more integratedapproached in IST
• The ISTAG report on Trust and security– To promote/support the migration to the AmI
Space paradigm through ensuring rapid and effective communication within the Security community of latest understanding of requirements and options.
• High-level advisory group• shaping the relevant programme and its content• being an enabler for the development of new markets• synergy from communication and cross-fertilisation
among researchers• ERA dimension + international co-operation dimension
5
Why an integrated approach to security in Information Society
• ICT and applications are more and more pervasive to Society, leading to new types of and larger scale vulnerabilities
• Economic and Societal interests go beyond technical security, as they relate to – business opportunities and growth: new business models, virtual
enterprising, delocalised workforces, tailored services, digital asset management, economic value of knowledge, etc.
– individual: privacy, confidentiality, intimacy, cyber-crime, protection of minors, ethics, etc.
– society: new dependencies on volatile technologies, long lasting preservation of knowledge and culture, digital divide, etc.
– governments’ recognition and power: interdependencies, critical infrastructures, national defence, social order, international governance, etc.
6
Why an integrated approach to security in Information Society (2)
• More and more intelligence and autonomy go in components/systems at lower and lower scale – large scale systems of casually networked and evolving
embedded devices,
– mobile codes in heterogeneous and mobile environments,
– volatility of networks and service infrastructures
• Security issues in the digital environment are global– geographical and jurisdictional boundaries disappeared
– the ultimate basis for “trust” and the recognition of “powers” in the digital environments are changing - recognition of states is blurring, new and local “trusted third parties” emerge, etc.
– easy, uncontrolled and unlimited access to potentially harmful technologies.
– the scale of potential disruptions is global
7
Example of potential co-ordinated
actions in security
Privacy
Basic technologies e.g. crypto, biometrics,...
Dependableinfra-
structures
SecuringContent
NoE’s to generateknowledge andtechnologies
IP’s to generate breakthroughs
Nationalprogrammes & industrialinvestments
Specific targetedresearch projects
Securingmobileservices
Personaltrusteddevices
8
Building on Call 1 - S.O. 2.3.1.5
• 89 proposals - 21 IP, 9 NoE, 51 STREP, 8 Other.• Provisional results
– 7 IPs on secure IPv6, secure personal devices, identity management, quantum crypto, biometrics, secure justice and secure travel documents;
– 2 NoEs on advanced crypto and identity management;– 7 STREPs on secure justice, policy-based network
protections, digital passport, smart cards, trust relations, biometrics and CIP.
• Overall budget of ~76M€
9
Building on the Roadmap Projects
DDSI
AMSD : Overall Dependabilitye-business
embedded
CIP privacy
PAMPAS
mobile privacy & security
AMSDdependa
ble embedd
ed systems
ACIPcritical
infrastruct.
protection
RAPID
Privacy /
Identity
Mgmt
BVNBiometr
ics
RESET
Smart Cards
STORKCrypto
Dependability policy support
Building
Constituency
Derive
Research
Roadmaps
WG-ALPINEActive LossPrevention
10
WEB sites
IST helpdeskIST helpdeskFax : +32 2 296 83 88Fax : +32 2 296 83 88E-Mail : [email protected] : [email protected]
www.cordis.luwww.cordis.lu/istwww.cordis.lu/rtd2002
Instruments: http://www.cordis.lu/rtd2002/fp-activities/instruments.htmEoI: http://www.cordis.lu/fp6/eoi-instruments/
IRG Workshop on T&S http://www.cordis.lu/ist/events/workshops.htmISTAG papers: ftp://ftp.cordis.lu/pub/ist/docs/istag_kk4402464encfull.pdfRoadmap projects: http://www.cordis.lu/ist/ka2/rmapsecurity.htmlT&S Workshops: http://www.cordis.lu/ist/ka2/rptspolicyconf.htm
