1 / 28

Dirk van Rooy, Ph.D. DG Information Society and Media European Commission

Perspectives for Trust and Security in the future Digital Society Scope for actions eGov Workshop Brussels – Public Finances: ICT Solutions using SOA & Web Services 19 February 2009 - Brussels. Dirk van Rooy, Ph.D. DG Information Society and Media European Commission.

orsin
Download Presentation

Dirk van Rooy, Ph.D. DG Information Society and Media European Commission

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Perspectives for Trust and Security in the future Digital Society Scope for actions eGov Workshop Brussels – Public Finances: ICT Solutions using SOA & Web Services 19 February 2009 - Brussels Dirk van Rooy, Ph.D. DG Information Society and MediaEuropean Commission The views expressed in this presentation are purely those of the speaker and may not in any circumstances be regarded as stating an official position of the European Commission.

  2. CONTENT • Context • Policy basis • Ongoing Research • Opportunities: • ICT Programme • ICT Policy Support Programme

  3. Information Society Agricultural Revolution Industrial Revolution Information Revolution 21st 19th 3000 B.C. 15th Writing Printing Press Photography Internet

  4. Digital Wave

  5. The Cloud

  6. The Knowledge Society Ubiquitous Knowledge Networked TRUSTTechnical framework for Identity, Transparency and Accountability in the age of ambient intelligence ? Information Local Data PETs Privacy Enhancing Technologies First generation data protection and legislation

  7. The Five Freedoms Free movement of 1. Goods 2. Persons 3. Services 4. Capital1 5. Knowledge2 • 1986 - Single European Act • 2007 - Green Paper COM(2007) 161 http://ec.europa.eu/research/era/pdf/era_gp_final_en.pdf

  8. Future Internet: Complexity! Trillions of components and transactions and zetta bytes of data • Scalability • Dependability • Resilience Collaborative Security! End-to-End security and trust in highly complex networks and services! Non-functional requirements (trustworthiness) part of the design and construction

  9. Phishing attacks soar in the UK Internet security Code red Cyberwar and real war collide in Georgia Grosse faille du web, et solution en chemin Revealed: 8 million victims in the world's biggest cyber heist The Evolution of Cyber Espionage Web giants spark privacy concerns YouTube case opens can of worms on online privacy La colère associative monte contre Edvige, le fichier policier de données personnelles Cloud computing lets Feds read your email Phorm to use BT customers to test precision advertising system on net UK's Revenue and Customs loses 25 million customer records Big Brother Spying on Americans' Internet Data? Defenseless on the Net Big Brother tightens his grip on the web Six more data discs'are missing' Lessons from SocGen: Internal Threats need to become a security priority Identity theft, pornography, corporate blackmail in the web's underworld, business is booming Internet wiretapping Bugging the cloud Security, Privacy, Trustin the Information Society? Security Privacy Trust

  10. Democratic Societal Values Endangered Species in the Digital Age ? Possible erosion of democratic values. It took generations to build our democratic values – Europe must foster them and carry them into the digital age.

  11. Service oriented architectureService oriented infrastructure • Complex collaborations • Users – systems – services • Heterogeneous: access control, dynamic, dispersed, dependencies, security policies… • Security is paramount – Identity management, confidentiality, data protection, privacy, QoS, traceability, integrity, policy enforcement…

  12. The Crisis: Data collection and usein the interest of the citizen for business, to provide personalized innovative applications and services for citizens, to better communicate and interact, improve the quality of their life (Web 2.0) for governments to service citizens and business (e-government, e-education or e-health) for governments again, to provide public security (protection against crime or terrorism, border-control, protection of critical infrastructures, etc.) trust, user-control, privacy, security proportionality of data storage/use ??

  13. Trust, privacy and security in digital society role of technology The Commission in its First Report on the implementation of the Data Protection Directive: "…the use of appropriate technological measures is an essential complement to legal means and should be an integral part in any efforts to achieve a sufficient level of privacy protection…".

  14. ICT Security & Trust 7th EU Research Framework Programme(FP7: 2007-2013) Total 50,521 M€ StrengtheningCompetitivenessthrough Co-operation

  15. Technology roadblocks Research inSecurity & Trust ICT FP7 - Security & Trust in perspective End-to-end systems for Socio-economic goals Digital libraries & Content Sustainable & personalised healthcare ICT for Mobility, Environment, Energy ICT for Independent Living and Inclusion Pervasive & Trusted Network & service infrastructures ICT for Cooperative Systems Virtual Physiological Human ICT & Ageing Cognitive systems, Interaction, Robotics Future and Emerging Technologies Components, Systems, Engineering Embedded Systems Design Computing Systems Networked Embedded & Control Systems

  16. Trustworthy ICTFuture RTD and policy areas • Trusted Global IdentityFramework: providing global interoperability and enabling informed trust decisions on organisations, people, and digital entities in the Future Internet. Enabling privacy protection in accordance to EU culture • Transparency and Accountabilityof data use in processes, services and policies in ICT systems • Sound risk management for enterprises and consumers (there is no 100% security) • Governancebased on these principlesfor law enforcement and citizen/infrastructure security

  17. Networkinfrastructures Identity management,privacy, trust policies Dynamic, reconfigurableservice architectures 1 Project 9.4 m€ 4 Projects 18 m€ 4 Projects 11 m€ Critical Infrastructure Protection Enabling technologies for trustworthy infrastructures Biometrics, trusted computing, cryptography, secure SW 4 Projects: 3.3 m€ 4 Projects 22.5 m€ 3 Projects 9.8 m€ 4 Projects: 16 m€ 9 Projects: 20 m€ ICT Work Programme 2007-0833 new FP7 projects in Security & Trust 110 M€ Coordination Actions Research roadmaps, metrics and benchmarks, international cooperation, coordination activities

  18. Personalised Services Security in service infrastructures: 4 projects, 18 m€ EC funding Main R&D project priorities • Assuring the security level and regulatory compliance of SOAs handling business processes (IPMASTER) • Platform for formal specification and automated validation of trust and security of SOAs (AVANTSSAR) • Data-centric information protection framework based on data-sharing agreements (Consequence) • Crypto techniques in the computing of optimised multi-party supply chains without revealing individual confidential private data to the other parties (SECURE-SCM)

  19. User-centric Privacy and ID-Management 6 projects, 35.7 m€ EC funding Main R&D project priorities • Sustainable Privacy and Identity Management in Networks and Services; Privacy-enhancing identity management ‘for life’ (PRIMELIFE, PICOS, SWIFT) • Revocable, user-controlled, fingerprint-based biometric identities (TURBINE) • Trusted dynamic and secure services managing and processing personal information based on user-centric data management policies (IP-TAS3) • Privacy-preserving network monitoring system with data protection (PRISM)

  20. The FP7 ICT work programme for 2009-10 Objective ICT-2009.1.4: Trustworthy ICT ICT Call 5: 31 July 2009 – 3 November 2009

  21. Trustworthy Service Infrastructures Trustworthy NetworkInfrastructures Technology and Tools for Trustworthy ICT Networking, Coordination and Support Priority areas for Trustworthy ICT in WP09-10 90 M€ Call 5 (OCT ’09) IPs, STREPs: 80 m€ min 50% to IPs NoEs, CAs10m€

  22. Trustworthy Network Infrastructures • Building and managing the Future Internet • Monitoring and managing threats • Trustworthy communication, computing and storage (real-time management, virtualisation) • Experiments and demonstration • Attention to usability, social acceptance, economic and legal viability

  23. Trustworthy Service Infrastructures • Privacy protecting interoperable services on the FI • User-centric, privacy respecting ID for persons, things and virtual entities • Adaptive frameworks for managing trust throughout life-cycle • Experiments and demonstration • Attention to usability, social acceptance, human self-determination and privacy, economic and legal viability

  24. Technology and Tools for Trustworthy ICT • Focused technology development • in the network (control, things, malware) • for services (ID and privacy mgt tools, risk mgt, verification, certification) • for data management (assurance, integrity, availability, risks, long term storage) • Software assurance, secure software • enabling technologies (biometrics, crypto, trustworthy communication, virtualisation, metrics, certification)

  25. Networking, Coordination and Support • Threats and vulnerabilities • Security and resilience in software and services • Economics of security • Interoperable standards, certification • Legal and societal aspects of technology • International cooperation

  26. ICT Policy Support Programme – WP2009 - Objective 7.1A European infrastructure for secure information management Focus and outcomes • Integration of available technologies for secure information management systems • Piloting deployment in public administrations and private organisations Rationale • Many technologies for data & privacy protection exist • Insufficient deployment, leading to data leakage, loss & theft • International standards exist Main expected outcomes • functional pilot, possibly with applications in different areas • under typical real-life conditions; transferable deployment principles; best practices • contributing to convergence across European organisations

  27. ICT PSP – WP2009 - Objective 7.1A European infrastructure for secure information management Conditions and characteristics • Integration of available security technologies, techniques, tools, policies and procedures into a functional pilot • Technologies such as encryption, single sign-on, strong authentication, role definition, distributed data storage • Combine best available technologies and practices, European convergence • Economic viability for real-life deployment • Public-private partnerships, solution and service providers in ICT security, public admin, private data controllers

  28. ICT PSP – WP2009 - Objective 7.1A European infrastructure for secure information management Expected impact • Towards operational and comprehensive secure information management in daily work environments • Limit information loss; limit unintended use of information; promote accountability • Increase trust in eServices Instrument & funding: • One pilot project, type B, up to 3 M€ funding • minimum 4 eligible legal entities (Member States or associated) • typical duration 24-36 months, with 12 months pilot operating service • Open: 29 Jan. 2009 – close 2 June 2009 • http://ec.europa.eu/information_society/activities/ict_psp/index_en.htm

More Related