1 ISSS / LORIS 2004 Conference ISSS / LORIS 2004 eSecurity: How is Europe Facing the New Challenges? [email protected].

1

ISSS / LORIS 2004 ConferenceISSS / LORIS 2004 Conference

ISSS / LORIS 2004

eSecurity:

How is Europe Facing the New Challenges?

[email protected]@cec.eu.int

2

• ICT in the Future• Two Alternate Futures• e-Security: Vision 2015• e-Security 2015: Four Big Challenges

– Elimination of Epidemic-style Attacks

– Trustworthy Societal Applications

– Quantitative Risk Management

– Security and Privacy

• Trust and Security in FP6 IST - Call 1 Year 2003– MEDSI

– FIDIS

– SECOQC

• Conclusions

AgendaAgenda

3

• Smaller, cheaper, embedded computing• Ubiquitous computing, ubiquitous communication,

intelligent interfaces (Ambient Intelligence)• Global reach and global participation• Growing volumes of data• Growing population of user-centric services

– Internet commerce– eGovernment– On-demand services– Telework– Individualised entertainment

ICT in the FutureICT in the Future

4

TwoTwo Alternate Futures Alternate Futures

• Overwhelming unsolicited, junk emails

• Rampant ID theft• Frequent network

outages• Frequent manual

intervention• Largely unchecked

abuses of laws and rights

• No ‘spam’ or viruses• User-controlled

privacy• Uninterrupted

communications• Hassle-Free

computing• Balanced regulation

and law-enforcement

5

• Intuitive, controllable computing• Reliable and predictable• Supports a range of reasonable policies• Adapts to changing environment• Enables rather than constrains• Supports personal privacy choices• Security not as an afterthought, but as an

integral property

e-Security: Vision 2015e-Security: Vision 2015

6

e-Security 2015: Four Big Challengese-Security 2015: Four Big Challenges

1) Eliminate epidemic-style attacks within the next decade

• Develop tools and principles that enable development of large-scale systems for highly trustworthy societal applications

• Quantitative risk management of information-systems

• An Ambient Intelligence Space that gives end-users security they can understand and privacy they can control

7

Elimination of Epidemic-style Attacks (1)Elimination of Epidemic-style Attacks (1)

• Viruses and worms

• ‘SPAM’

• Denial of Service attacks (DOS)

8

Elimination of Epidemic-style Attacks (2)Elimination of Epidemic-style Attacks (2)

• Epidemic-style attacks can be fast

• Price of entry is low for adversaries

• Unpredictable attack techniques and sources– Polymorphic worms and viruses

– Anonymous attackers

• No organised active defence– Poor visibility into global Internet operations

– No emergency global control

9

Elimination of Epidemic-style Attacks Elimination of Epidemic-style Attacks (3)(3)

• Cost of attacks are tremendous– Costs to enterprise operations– Decreased productivity– Loss of confidence in information infrastructure

• Internet is being used today for critical infrastructure– Hospitals, ATM networks, utilities, Air Traffic Control

• Eliminating malicious software will:– Support emerging applications in areas of general interest

(e.g. telemedicine)– Increase trust and confidence

10

Elimination of Epidemic-style Attacks (4)Elimination of Epidemic-style Attacks (4)

• Nobody ‘owns’ the problem– Finger-pointing among developers, network operators, system

administrators, and users

• Lack of Internet-scale data

• Lack of Internet-sized testbeds

• Lack of legislative support

• Conflicting economic interests

11

Elimination of Epidemic-style Attacks (5)Elimination of Epidemic-style Attacks (5)

No more:– Internet worms– Internet-wide service interruptions– Massive spam attacks against ISPs, email providers,

and businesses

Internet protection:– Supplied standard on all new computers, routers, large

& small appliances– A mitigation strategy is available for existing

infrastructure

12

Trustworthy Societal Applications (1)Trustworthy Societal Applications (1)

• Patient medical record databases

• Fully supported electronic elections

• Law enforcement databases, ...

13

Trustworthy Societal Applications (2)Trustworthy Societal Applications (2)

• Ambient intelligence pervades all aspects of society

• Systems are being built and deployed now that may not be fully trustworthy

• Critical applications must be trustworthy

14

Trustworthy Societal Applications (3)Trustworthy Societal Applications (3)

• Reconciling various legal regimes with technological capabilities

• Provision with acceptable cost

• Achieving balance of privacy with security in record-keeping

• Integration/replacement of legacy applications having lesser (or no) protections

15

Trustworthy Societal Applications (4)Trustworthy Societal Applications (4)

• e.g., create online medical databases that survive severe disasters and attacks without human intervention– Confidentiality: no authorised disclosure of records

– Integrity: no unauthorised alteration of records

– Auditability: record all attempts to access online info

– Availability: maximum downtime less that 2 minutes per day, and an average of less that 5 minutes per month

– Accessible globally

16

Quantitative Risk Management (1)Quantitative Risk Management (1)

• There is no sound and efficient management without measure: if you don’t have a measure, either you under-protect or you over-spend

• What you measure is what you get– Measuring the wrong thing is as bad or worse as not

measuring anything at all

– The measures ultimately need to be consistent, unbiased, and unambiguous

17

Quantitative Risk Management (2)Quantitative Risk Management (2)

• Getting the model right, picking the right measures, gathering the right data

• No one wants to be first to disclose information

• Data sharing and common terminology are required

• Legal, cultural, business, and scientific issues

• The “I don’t want to know” mentality

18

Quantitative Risk Management (3)Quantitative Risk Management (3)

• Ability to predict outcomes• Ability to ‘titrate’ – choosing our point on the cost

vs. risk curve• Businesses and governments can take more risk

and gain more reward• Ability to communicate across the boundaries of

shareholders, suppliers, regulators, the market… • Risk transfer for information security can achieve

liquidity

19

Security and Privacy (1)Security and Privacy (1)

• Technology can easily outrun comprehensibility– Security implementation must not make this

worse

• End-user should not lose control of his/her information, privacy, location

20

Security and Privacy (2)Security and Privacy (2)

• The looming future– Instant access to information

– Exploiting the benefits of ICT everywhere

– Convenience, safety, empowerment

• Why a challenge for this community?– Avoid the high pain of leaving these concerns for later

• Product-makers should not be the only stakeholders in the design process– Threats to privacy are a critical concern

• Multicultural issues

21

Security and Privacy (3)Security and Privacy (3)

• It’s important to get in at the beginning

• The Internet experience informs us:– It’s also a social system, not simply a technology

• Once we give up privacy or security, we may not be able to regain it

• Important to assert a leadership role while we can

22

Security and Privacy (4)Security and Privacy (4)

• User needs are much broader than traditional security models

• Dynamic environments and device heterogeneity are challenging

• Multiple competing stakeholders

• Difficulty to make things usable

• Real-life user security requirements and policies are hard to express in terms of current mechanisms

23

Security and Privacy (5)Security and Privacy (5)

• Societal acceptance– Does the user feel in control of this world she now lives

in?– Has the user in fact lost control of his information, his

privacy?

• Emergence of a ubiquitous cyber space that is:– Simple and easy to use– Dependable, reliable– Trustworthy– Not overly intrusive

24

IST in FP6 - Call 1 Year 2003IST in FP6 - Call 1 Year 2003

• CZ Participation in Proposals– 12 participations (out of 1127, i.e. 1.06%)

– No co-ordination (PL 2, BG & HU 1)

• CZ Participation in Projects– MEDSI (STREP) 2

– FIDIS (NoE) 1

– SECOQC (IP) 1

25

“Management Decision Support for Critical Infrastructures”

18 months - 11 participants• Rationale

– Asymmetric threats ==> it is necessary to provide a new open framework for data sources fusion and interpretation

• Objectives– An innovative system providing an integrated set of services

to crisis managers and planners in order to protect critical infrastructures

• Main innovations– A tool to define and manage crisis scenarios for CIP– A scalable system inter-operating with other existing or

under development systems ==> huge quantities of information accessible

– A new concept of GIS and simulation integration

• Czech Contractors– T-SOFT spol. s.r.o. (crisis management) – GISAT s.r.o. (remote sensing and geoinformation service)

MEDSIMEDSI

26

“The Future of Identity in the Information Society”

60 months - 24 participants• Rationale

– New concepts of identity emerge with the development of e-Society, e.g. multiple identity, pseudonymity, anonymity

– At the same time, needs for identification and authentication are growing, in particular for official activities

• Objectives– Shaping the requirements for the future management of

identity– contributing to the technologies and infrastructures needed

• Main innovations– overcome the fragmentation of research into the future of

identity– durable integration of the implementation of research efforts

• Czech Contractor– Masaryk University Brno (cryptography, privacy, biometrics)

FIDISFIDIS

27

“Development of a Global Network for Secure Communication based on Quantum Crytography”

48 months - 42 participants• Rationale

– Currently used encryption systems are vulnerable (e.g., increasing power of computing technology, emergence of new code-breaking algorithms, imperfections of PKI’s) ==> quantum cryptography

• Objectives– To specify, design and validate the feasibility of an open

Quantum Key Distribution infrastructure dedicated to secure communication

• Main innovations– Novel and reliable methods for secure long-range

communication– Increased trust in applications (e.g., e-vote, e-commerce)

• Czech Contractor– Palacky University (Department of Optics), Olomouc

SECOQCSECOQC

28

• Europe is confronted with major challenges in the field of Security

• Immediacy of threat has led so far to excessive focus on short-term R&D

• Lack of a culture of security across Europe• Enlargement represents both another challenge and an

opportunity to devise European solutions• Policy lags innovation• Problems include yet go beyond national defence

ConclusionsConclusions

29

• http://europa.eu.int/index-en.htm

• http://europa.eu.int/information_society

• http://eeurope-smartcards.org

• http://www.cordis.lu/ist/

• http://www.cordis.lu/ist/ka2/smartcards.html

[email protected] (new Head of ‘Security Research’ Unit)

More InformationMore Information

30

DěkujiDěkuji!!