120 likes | 274 Views
SMAU - Convegno “ICT Security: panorama internazionale” Milano, 28 Ottobre 2002. Costruire una Società della Informazione sicura: la prospettiva Europea Andrea Servida, Head of Sector DG Information Society - C4 European Commission, Brussels. Lisbon Strategy. “EU: Largest
E N D
SMAU - Convegno “ICT Security: panorama internazionale”Milano, 28 Ottobre 2002 Costruire una Società della Informazione sicura: la prospettiva Europea Andrea Servida, Head of Sector DG Information Society - C4 European Commission, Brussels
Lisbon Strategy “EU: Largest knowledge-basedeconomy by 2010” The policy context ERA: EuropeanResearch Area FP6, Eureka, COST, National RTD Programmes Enlargement … towards a Single Market for Research The then candidate countries are full partners in FP5. Other policies Single Market, Single Currency, Security of Europeans, Sustainable Development, ... Broadband access, e-business, e-government, security, skills, e-health, ...
Regulatory Framework Policy • eEurope 2005 • Cybersecurity Task Force • ‘Culture of security’ • JAI initiative on secure VISA • use of biometrics • smart travel documents • International Fora • OECD • GBDe, • CoE, • G8 • ... • Electronic Signature Directive • Data protection in electronic communications • Council Resolution on Information & network security • coordination CERTs • CSTF • Int. Co-operation on dependency on electronic networks • Framework Decision on attacks against information systems • Framework Decision on combating terrorism R&DActivities • Trust & Security:75 R&D projects(~80 M€) • Dependability: • 16 R&D projects(~28 M€) • Joint EU-US task force onR&D for CIP • R&D in information security key in FP6 Overview of EU Activitiesin Information Security
Three angles for actions on security Policy PROSECUTE PREVENT NETWORK & INFO SECURITY CYBERCRIME & TERRORISM Hacking ID theft Intrusion Data retention PRIVACY AND DATA PROTECTION PROTECT NETWORK & INFO SECURITY
eEurope 2005 • Policy initiative for Information Society for All • Builds on the progress made in eEurope 2002 • Internet penetration in houses doubled; legal framework for eCommerce; Telecom framework in place; fastest research backbone network; etc. • Sets ambitious targets • modern online public services (eGovernment, eHealth, eLearning • a dynamic business environment enabled by • widespread availability of broadband at competitive prices • a secure information infrastructure
eEurope 2005: Secure Information InfrastructureProposed Actions • Establish a Cyber Security Task Force (CSTF) - by mid 2003 • supported by Member States and Industry • centre of competence on security issues • Develop a ‘culture of security’ - end of 2005 • develop best practice and standards • report on progress issued end 2003 • Secure communication between public servers
the “INDIVIDUAL” • the “Communities” (B2E, B2B, B2C) but also agents, devices, etc. • the “Critical Infrastructures” privacy Content Identity mangtConfidentialityIPR Infrastructure Dependabilityinterdependencies IST Research on Trust & Security
The European Commission’s R&D Programme IST • 75 projects on Information Security (funding: ~80 M€) • biometrics, advanced cryptographic primitives, protocols, privacy enhancing technologies, tamper proof devices, authentication technologies, access control, smart cards, etc. • 16 projects on Dependability (funding: 28.4 M€) • attack tolerance for largely distributed systems • interdependencies between electric and telecom grids • stability of cellular networks • intelligent agents to enhance survivability of large critical infrastructures • EU-USA Joint Task Force on R&D for CIP (since 1998) • a number of workshops involving OSTP, DARPA, NSF, DoE, DoC etc.
Critical infrastructure dependability -What’s at stake Military C4I Telecommunications Mass Media Power grid Finance This is a global economic and societal challenge Information Infrastructures Civil Defense Transport Industry Water pumps& sewage HackersCyber terrorists Foreign IW agents Vital humanservices
The way forward: moving towards FP6 • Security policy interests should not put at risk personal and social rights to privacy, intimacy and confidentiality • In absence of geographic and jurisdictional boundaries over the network, securing ourselves would mean securing our Economy and Society • In a global and seamless world, a balanced regulatory approach should be developed leveraging co-operation and social and economic responsibility • More knowledge and technical capability should be gained on systemic issues pertaining dependability of critical infrastructures … more research is needed ---> FP6
Constituency Building Derive Research Roadmaps Identify stakeholders & derive Research Roadmap April 2002Closure Call 1-FP6 1 June 2002 1 Jan. 2003 OPEN discussion Dissemination Road mapping on security and dependability DDSI WG-ALPINE Dependability policy support Active LossPrevention AMSD : Overall Dependability e-business embedded CIP privacy BVN Biometrics PAMPAS mobile privacy & security AMSD dependable embedded systems ACIP critical infrastruct. protection RAPID Privacy / Identity Mgmt RESET Smart Cards STORK Crypto
For More Information • IST PROGRAMME • http://www.cordis.lu/ist/ • DEPPY Forum • http://deppy.jrc.it • EWIS Forum • http://ewis.jrc.it • eEUROPE • http://europa.eu.int/comm/information_society/eeurope/news/index_en.htm andrea.servida@cec.eu.int