Commission Funded Research for Security and Trust in ICT - - PDF document

commission funded research for security and trust in ict
SMART_READER_LITE
LIVE PREVIEW

Commission Funded Research for Security and Trust in ICT - - PDF document

Oct 25, 2023 299 likes •417 views

Commission Funded Research for Security and Trust in ICT ------------- At: ECRYPT: Perspectives and Challenges for Academia and Industry ---------- 27 May, 2008 Antwerp Jacques Bus, Head of Unit DG Information Society and Media

slide-1
SLIDE 1

1 Jacques Bus, Head of Unit

DG Information Society and Media

Commission Funded Research for Security and Trust in ICT

  • At: “ECRYPT: Perspectives and Challenges

for Academia and Industry”

  • 27 May, 2008 – Antwerp

Strengthening Competitiveness through Co-operation FP7 Cooperation Programme: 32,413 M€ The 10 Themes

ICT; 9050; 28% Energy; 2350; 7% Transport; 4160; 13% Health; 6100; 19% NMT; 3475; 11% Environment; 1890; 6% Socio-economics; 623; 2% Security; 1400; 4% Space; 1430; 4% Food, …; 1935; 6%

Total 50,521 M€ Total 50,521 M€

7th EU Research Framework Programme 7th EU Research Framework Programme (FP7: 2007 (FP7: 2007-

  • 2013)

2013)

ICT Security & Trust ICT Security & Trust

slide-2
SLIDE 2

2 I CT Work Programme 2007 I CT Work Programme 2007-

  • 08

08

Security & Trust in other I CT Security & Trust in other I CT-

  • FP7 Objectives

FP7 Objectives

Future and Emerging Technologies

Digital libraries & Content Sustainable & personalised healthcare ICT for Mobility, Environment, Energy ICT for Independent Living and Inclusion

End-to-end systems for Socio-economic goals Technology roadblocks

Pervasive & Trusted Network & service infrastructures Cognitive systems, Interaction, Robotics Components, Systems, Engineering

Research in Security & Trust

Embedded Systems Design Computing Systems Networked Embedded & Control Systems ICT for Cooperative Systems Virtual Physiological Human ICT & Ageing

Security and Trust in FP7 Security and Trust in FP7 -

  • I CT WP 2007

I CT WP 2007-

  • 08

08

Coordination Actions

Research roadmaps, metrics and benchmarks, international cooperation, coordination activities 4 Projects: 3.3 m€

Netw ork infrastructures

4 Projects 11 m€

Dynam ic, reconfigurable service architectures

4 Projects 18 m€

I dentity m anagem ent, privacy, trust policies

3 Projects 20.5 m€ 6 Projects: 22 m€

Enabling technologies for trustw orthy infrastructures

Biometrics, trusted computing, cryptography, secure SW 2 Projects 5.8 m€ 1 Project 9.4 m€ 9 Projects: 20 m€

Critical I nfrastructure Protection 110 M€

slide-3
SLIDE 3

3 Security in Network Infrastructures Security in Network Infrastructures Resilience of and across heterogeneous networks Data gathering and analysis for understanding

and preventing cyber threats

Project content Project content – – some details some details

Security in service infrastructures Security in service infrastructures

  • Assuring security level and regulatory compliance
  • Specification and validation of trust and security of SOAs

User User-

  • centric identity and privacy management

centric identity and privacy management

In Future Networks and Services (Future Internet) Trusted SOA enabling user-centric data mgt policies Privacy-preserving network monitoring

Security Enabling technologies Security Enabling technologies

Crypto; Trusted Computing; Biometrics Secure software and software assurance

Critical I nfrastructure Protection Critical I nfrastructure Protection Joint Call with Security Joint Call with Security Programme Programme -

  • I CT focus

I CT focus

  • understanding and managing the interactions and

complexity in ICT infrastructures underpinning CI’s

  • designing and developing secure and resilient information

and process control systems

  • metrics and benchmarks for comparative evaluation
slide-4
SLIDE 4

4

CRYPTO : Some history CRYPTO : Some history

Commission interest in ICT Security takes its roots in the early 90’s. First INFOSEC decision (march 1992) set up SOG-IS and foresaw an R&D programme (12 Meuros for 1992-1994). In practice, significant activity started only after 1997 Some projects were also funded under the ESPRIT, RACE and the ACTS programmes. CRYPTO in FP5 CRYPTO in FP5

FP5 (DG INFSO) NESSIE http://www.cryptonessie.org (KUL)

  • 01/01/2000 - 40 months, 2.65 Meuros (EC contribution)
  • a portfolio of strong cryptographic primitives.

STORK http://www.stork.eu.org (KUL)

  • 01/07/2002 – 12 months, 200 Keuros (EC contribution)
  • a coherent research roadmap and a shared agenda for crypto-

research and development within FP6. AREHCC http://www.arehcc.com (Philips Semiconductors GmbH)

  • 01/12/2001 – 27 months, 3 Meuros (EC contribution)
  • Implementing advanced elliptic-curve and hyper-elliptic curve

cryptographic technologies for improved performance in software and embedded systems Other related projects: various PKI projects (PKI challenge, OPEN-PKI, etc.)

slide-5
SLIDE 5

5

CRYPTO in FP6 and in PASR CRYPTO in FP6 and in PASR

FP6 (DG INFSO ) ECRYPT (NoE) http://www.ecrypt.eu.org/ (Katholieke Universiteit Leuven)

  • 01/02/2004 – 54 months , 5.5 Meuros (EC contribution)
  • to maintain and strengthen the excellence of European research and

industry, strengthen and integrate research, Improve the state of the art in practice and theory in the areas of cryptology and watermarking and develop a joint infrastructure for testing and benchmarking. SECOQC (IP) http://www.secoqc.net/ (ARC Seibersdorf research GmbH)

  • 01/04/2004 – 48 months, 11.3 Meuros (EC contribution)
  • to specify, design, and validate the feasibility of an open, Quantum Key

Distribution infrastructure dedicated to secure communication as well as to fully develop the basic enabling technology. PASR (DG ENTR ) SUPHICE http://www.suphice.com (Thales e-Security)

  • 01/02/2005 – 18 months, 1.3 Meuros (EC contribution)
  • to address interoperable security standards, demonstration of secure

ad-hoc network provision and definition of tangible EU security policy by extending the current state-of-the-art.

SECOQC: QUANTUM KEY DI STRI BUTI ON SECOQC: QUANTUM KEY DI STRI BUTI ON

QKD is the first Quantum Information Processing and Communication technology to be transferred into an applicable and marketable product. QKD provides randomly generated keys to two parties in a perfectly secure manner, even against adversaries with arbitrary computing power. This task is impossible with classical communication and local processing alone. Asymmetric cryptographic methods, as used today for key distribution, are likely to be rendered insecure, at the latest with the advent of quantum computers.

slide-6
SLIDE 6

6

The Role of ECRYPT The Role of ECRYPT ECRYPT at the core of European research efforts: Successful in avoiding fragmentation and in integrating the communities Needed for cryptology as a fundamental enabler for trust and security in all domains

As society and the economy evolve, so do their assets and their vulnerabilities; with technology progressing, so do the threats to the integrity, confidentiality and availability of those assets. There is a continuing need for European excellence in cryptology to protect EU’s strategic assets

Drivers for Research in I CT Security & Trust Drivers for Research in I CT Security & Trust

Networks, Data & Services

– Technology Complexity – Cyber-threats, cyber-crime – The future of the Internet – Critical (Information) Infrastructures

Users and Society

– Privacy, Human Values – Trust, Empowerment

slide-7
SLIDE 7

7

Complexity and Complexity and globality globality

End End-

  • to

to-

  • End security and trust

End security and trust in highly complex networks and services in highly complex networks and services

N e w P r

  • p

e r t i e s

Billions of components and transactions

  • Scalability
  • Dependability
  • Resilience
  • Real-time control

“The Internet is broken”

Data Collection and its dangers Data Collection and its dangers

for governm ents to service citizens and business ( e- governm ent, e-education or e-health) for business, to provide personalized innovative applications and services for citizens, to better com m unicate and interact, im prove the quality of their life for governm ents again, to provide public security ( protection against crim e or terrorism , border-control, protection of critical infrastructures, etc.)

What about: privacy, proportionality, role and control of user

slide-8
SLIDE 8

8

Trusting The Future I nternet Trusting The Future I nternet

Securing the architecture

– – Secure, trusted and privacy respecting

Secure, trusted and privacy respecting architecture architecture

– – Secure network management & control

Secure network management & control

– – Virtualisation and overlays, introducing

Virtualisation and overlays, introducing location and time location and time

  • Protection against Threats

– – Threat prediction and prevention

Threat prediction and prevention

– – Self

Self-

  • protection and resilience

protection and resilience

  • Privacy, IDM and Trust

– – Identity in the Future Internet (persons,

Identity in the Future Internet (persons, things, virtual things, virtual entitties entitties) )

– – Trust instantiation in the Future Internet

Trust instantiation in the Future Internet

  • Trust in the digital economy; properties & models?

Trust in the digital economy; properties & models?

  • Identity in the emerging Information Society

Identity in the emerging Information Society

  • How to protect our personal sphere (user centricity,

How to protect our personal sphere (user centricity, usability) usability)

  • Cost of Security: (money, loss of democratic values)

Cost of Security: (money, loss of democratic values)

Privacy, I DM for Trust Privacy, I DM for Trust

slide-9
SLIDE 9

9 FP7 I CT Work Programme 2009 FP7 I CT Work Programme 2009-

  • 2010

2010 New Challenges for RTD in I CT Security and Trust New Challenges for RTD in I CT Security and Trust

  • Two overarching challenges

A trustworthy Future Internet (FI) with built-in security, dependability and trust

User centricity: Enabling users to understand security, privacy and trust in the FI and provide credible support to protect their privacy and personal data

  • … and three inter-related research perspectives

– Securing the architecture of FI – Protection against emerging threats – Privacy, IDM and Trust in the FI Society

D R A F T

Trustworthy I CT in WP09 Trustworthy I CT in WP09-

  • 10

10

Trustw orthy Netw ork I nfrastructures Trustw orthy Service I nfrastructures Netw orking, Coordination and Support Technology and Tools for Trustw orthy I CT

D R A F T

Trustworthy ICT Secure, reliable, resilient, surviving attacks, guarantee a desired level of service, protects user data and privacy, providing usable and trusted tools to support the user

Future Internet Privacy & Trust

slide-10
SLIDE 10

10

Timetable Timetable

24 April To ICT-Committee May – Oct Discussion in ICT-C, other consultations finalisation 25-27 Nov Presentation in ICT Conference in Lyon (FR) ~ Apr 09 Closure Call 4 ~ Oct 09 Closure Call 5 ~ Febr 10 Closure Call 6

D R A F T