300 likes | 323 Views
Explore how Europe is tackling new eSecurity challenges in a changing digital landscape. This conference discusses vision, challenges, and solutions for eliminating attacks, ensuring trustworthy societal applications, and implementing quantitative risk management.
E N D
ISSS / LORIS 2004 Conference Gerald.Santucci@cec.eu.int ISSS / LORIS 2004 eSecurity: How is Europe Facing the New Challenges?
Agenda • ICT in the Future • Two Alternate Futures • e-Security: Vision 2015 • e-Security 2015: Four Big Challenges • Elimination of Epidemic-style Attacks • Trustworthy Societal Applications • Quantitative Risk Management • Security and Privacy • Trust and Security in FP6 IST - Call 1 Year 2003 • MEDSI • FIDIS • SECOQC • Conclusions
ICT in the Future • Smaller, cheaper, embedded computing • Ubiquitous computing, ubiquitous communication, intelligent interfaces (Ambient Intelligence) • Global reach and global participation • Growing volumes of data • Growing population of user-centric services • Internet commerce • eGovernment • On-demand services • Telework • Individualised entertainment
Overwhelming unsolicited, junk emails Rampant ID theft Frequent network outages Frequent manual intervention Largely unchecked abuses of laws and rights No ‘spam’ or viruses User-controlled privacy Uninterrupted communications Hassle-Free computing Balanced regulation and law-enforcement Two Alternate Futures
e-Security: Vision 2015 • Intuitive, controllable computing • Reliable and predictable • Supports a range of reasonable policies • Adapts to changing environment • Enables rather than constrains • Supports personal privacy choices • Security not as an afterthought, but as an integral property
e-Security 2015: Four Big Challenges • Eliminate epidemic-style attacks within the next decade • Develop tools and principles that enable development of large-scale systems for highly trustworthy societal applications • Quantitative risk management of information-systems • An Ambient Intelligence Space that gives end-users security they can understand and privacy they can control
Elimination of Epidemic-style Attacks (1) • Viruses and worms • ‘SPAM’ • Denial of Service attacks (DOS)
Elimination of Epidemic-style Attacks (2) • Epidemic-style attacks can be fast • Price of entry is low for adversaries • Unpredictable attack techniques and sources • Polymorphic worms and viruses • Anonymous attackers • No organised active defence • Poor visibility into global Internet operations • No emergency global control
Elimination of Epidemic-style Attacks (3) • Cost of attacks are tremendous • Costs to enterprise operations • Decreased productivity • Loss of confidence in information infrastructure • Internet is being used today for critical infrastructure • Hospitals, ATM networks, utilities, Air Traffic Control • Eliminating malicious software will: • Support emerging applications in areas of general interest (e.g. telemedicine) • Increase trust and confidence
Elimination of Epidemic-style Attacks (4) • Nobody ‘owns’ the problem • Finger-pointing among developers, network operators, system administrators, and users • Lack of Internet-scale data • Lack of Internet-sized testbeds • Lack of legislative support • Conflicting economic interests
Elimination of Epidemic-style Attacks (5) No more: • Internet worms • Internet-wide service interruptions • Massive spam attacks against ISPs, email providers, and businesses Internet protection: • Supplied standard on all new computers, routers, large & small appliances • A mitigation strategy is available for existing infrastructure
Trustworthy Societal Applications (1) • Patient medical record databases • Fully supported electronic elections • Law enforcement databases, ...
Trustworthy Societal Applications (2) • Ambient intelligence pervades all aspects of society • Systems are being built and deployed now that may not be fully trustworthy • Critical applications must be trustworthy
Trustworthy Societal Applications (3) • Reconciling various legal regimes with technological capabilities • Provision with acceptable cost • Achieving balance of privacy with security in record-keeping • Integration/replacement of legacy applications having lesser (or no) protections
Trustworthy Societal Applications (4) • e.g., create online medical databases that survive severe disasters and attacks without human intervention • Confidentiality: no authorised disclosure of records • Integrity: no unauthorised alteration of records • Auditability: record all attempts to access online info • Availability: maximum downtime less that 2 minutes per day, and an average of less that 5 minutes per month • Accessible globally
Quantitative Risk Management (1) • There is no sound and efficient management without measure: if you don’t have a measure, either you under-protect or you over-spend • What you measure is what you get • Measuring the wrong thing is as bad or worse as not measuring anything at all • The measures ultimately need to be consistent, unbiased, and unambiguous
Quantitative Risk Management (2) • Getting the model right, picking the right measures, gathering the right data • No one wants to be first to disclose information • Data sharing and common terminology are required • Legal, cultural, business, and scientific issues • The “I don’t want to know” mentality
Quantitative Risk Management (3) • Ability to predict outcomes • Ability to ‘titrate’ – choosing our point on the cost vs. risk curve • Businesses and governments can take more risk and gain more reward • Ability to communicate across the boundaries of shareholders, suppliers, regulators, the market… • Risk transfer for information security can achieve liquidity
Security and Privacy (1) • Technology can easily outrun comprehensibility • Security implementation must not make this worse • End-user should not lose control of his/her information, privacy, location
Security and Privacy (2) • The looming future • Instant access to information • Exploiting the benefits of ICT everywhere • Convenience, safety, empowerment • Why a challenge for this community? • Avoid the high pain of leaving these concerns for later • Product-makers should not be the only stakeholders in the design process • Threats to privacy are a critical concern • Multicultural issues
Security and Privacy (3) • It’s important to get in at the beginning • The Internet experience informs us: • It’s also a social system, not simply a technology • Once we give up privacy or security, we may not be able to regain it • Important to assert a leadership role while we can
Security and Privacy (4) • User needs are much broader than traditional security models • Dynamic environments and device heterogeneity are challenging • Multiple competing stakeholders • Difficulty to make things usable • Real-life user security requirements and policies are hard to express in terms of current mechanisms
Security and Privacy (5) • Societal acceptance • Does the user feel in control of this world she now lives in? • Has the user in fact lost control of his information, his privacy? • Emergence of a ubiquitous cyber space that is: • Simple and easy to use • Dependable, reliable • Trustworthy • Not overly intrusive
IST in FP6 - Call 1 Year 2003 • CZ Participation in Proposals • 12 participations (out of 1127, i.e. 1.06%) • No co-ordination (PL 2, BG & HU 1) • CZ Participation in Projects • MEDSI (STREP) 2 • FIDIS (NoE) 1 • SECOQC (IP) 1
MEDSI “Management Decision Support for Critical Infrastructures” 18 months - 11 participants • Rationale • Asymmetric threats ==> it is necessary to provide a new open framework for data sources fusion and interpretation • Objectives • An innovative system providing an integrated set of services to crisis managers and planners in order to protect critical infrastructures • Main innovations • A tool to define and manage crisis scenarios for CIP • A scalable system inter-operating with other existing or under development systems ==> huge quantities of information accessible • A new concept of GIS and simulation integration • Czech Contractors • T-SOFT spol. s.r.o. (crisis management) • GISAT s.r.o. (remote sensing and geoinformation service)
FIDIS “The Future of Identity in the Information Society” 60 months - 24 participants • Rationale • New concepts of identity emerge with the development of e-Society, e.g. multiple identity, pseudonymity, anonymity • At the same time, needs for identification and authentication are growing, in particular for official activities • Objectives • Shaping the requirements for the future management of identity • contributing to the technologies and infrastructures needed • Main innovations • overcome the fragmentation of research into the future of identity • durable integration of the implementation of research efforts • Czech Contractor • Masaryk University Brno (cryptography, privacy, biometrics)
SECOQC “Development of a Global Network for Secure Communication based on Quantum Crytography” 48 months - 42 participants • Rationale • Currently used encryption systems are vulnerable (e.g., increasing power of computing technology, emergence of new code-breaking algorithms, imperfections of PKI’s) ==> quantum cryptography • Objectives • To specify, design and validate the feasibility of an open Quantum Key Distribution infrastructure dedicated to secure communication • Main innovations • Novel and reliable methods for secure long-range communication • Increased trust in applications (e.g., e-vote, e-commerce) • Czech Contractor • Palacky University (Department of Optics), Olomouc
Conclusions • Europe is confronted with major challenges in the field of Security • Immediacy of threat has led so far to excessive focus on short-term R&D • Lack of a culture of security across Europe • Enlargement represents both another challenge and an opportunity to devise European solutions • Policy lags innovation • Problems include yet go beyond national defence
More Information • http://europa.eu.int/index-en.htm • http://europa.eu.int/information_society • http://eeurope-smartcards.org • http://www.cordis.lu/ist/ • http://www.cordis.lu/ist/ka2/smartcards.html Jacques.Bus@cec.eu.int (new Head of ‘Security Research’ Unit)