Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,


1 Developments in cooperation between research and standardization related to security and secure communications
Presentation at eMayor clustering event, 4 March 2005
“Secure Information Processing in the Public Sector”
Bart Brusse, COPRAS Project Manager

2 COPRAS aims to improve the IST research/standards interface…..
FP6 Specific Support Action (SSA) addressing projects in 18 Strategic Objectives in calls 1 & 2
Improve interfacing between FP6 IST projects and standards bodies:
–Act as a facilitator to FP6 IST projects wishing to upgrade their deliverables through standardisation
–Prepare generic information on RTD/standards interfacing guiding those proposing or evaluating future projects
Project lifespan: 01/02/2004 – 31/01/2007
Methodology:
–Survey projects and analyse their standards related output
–Develop Standardization Action Plans with selected projects

3 …..and addresses shortcomings currently experienced on both sides
Interfacing with standardisation is required but the ‘right’ body may not always be easy to find
Cooperation has to be initiated at an earlier stage, making tangible results available sooner
IST projects’ standardization targets have to be better matched with ongoing activity
Structuring cooperation will reduce overlap and save resources on the side of research projects
[Figure labels: Start, Half way, End; Requirements analysis, Tests & pilots, Technical developments; IST project duration; Standardisation processes; ‘Standardisation gap’]

4 Security related activities are underway within CEN/ISSS and ETSI
Biometrics, standards related issues with particular emphasis on ISO/IEC/JTC1/SC37; preparation of a report on European specific requirements in Biometrics
ETSI TC ESI, addressing the lack of standards supporting electronic signatures and public key certificates, in line with, and endorsed by the initiative of the European Commission to establish a harmonized infrastructure for electronic signatures
CEN/ISSS Workshop on Data Protection & Privacy, aiming to help business in Europe comply with the Data Protection Directive and relevant national legislation by facilitating harmonization of practice and developing the understanding of current practices
CEN/TC224/WG15 on a European Citizen card, defining the concept of a smart card issued under the authority of a national or local government institution

5 A new focus group within CEN/ISSS on eGovernment standardization
Background:
–Lack of a coherent overview of eGovernment standards issues, lack of persistence, lack of maintenance & lack of visibility
Objectives:
–Identify issues & themes, agencies & authorities, standardized solutions & mechanisms currently existing in the field of eGovernment in Europe
–Identify and map out initiatives and services including frameworks, design rules, clearing houses, existing standards & specifications, etc.
–Involve public administrators, identify recurring policy issues & obstacles, contribute to IDABC proposals, analyze standardization requirements

6 Security related activities underway within OASIS
Application Vulnerability Description Language (AVDL), creating a uniform way of describing application security vulnerabilities
eXtensible Access Control Markup Language (XACML), for the expression of authorization policies in XML
Provisioning Services, an XML-based framework for information exchange between Provisioning Service Points
XML Common Biometric Format (XCBF), a common set of secure XML encodings for the patron formats specified in CBEFF
Public Key Infrastructure (PKI), meeting business and security requirements
Rights Language, defining an industry standard for a digital rights language
Security Services, advancing the Security Assertion Markup Language (SAML) as a standard
Web Application Security (WAS) providing guidance for initial threat, impact, risk rating
Web Services Security (WSS), on Web Services security foundations
Digital Signature Services (DSS), supporting the processing of digital signatures

7 Security related activities underway within W3C
XML Encryption, developing a process for encrypting/decrypting digital content and an XML syntax used to represent the encrypted content, as well as information that enables an intended recipient to decrypt it
XML signature, developing an XML compliant syntax used for representing the signature of Web resources and portions of protocol messages and procedures for computing and verifying such signatures
XML Key management, development of a specification for an XML application/protocol allowing a client to obtain key information from a web service
Deployment of further activities, on higher level security applications, possibly in combination with ETSI, are being discussed
Additional information on XML security may be found at: http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/xml_security.html

8 ICTSB Network and Information Security Steering Group (NISSG)
Aim - To act as an overall focal point for the European standardization community on network and information security issues
Output – To ensure the implementation of the NIS report produced by the CEN/ETSI NIS Group
Next steps
–Meetings 9 March 2005, 1 June 2005
–Any issues regarding new activities (as distinct from issues concerning existing ones, wherever they may be) should be addressed to NISSG as the focal point
Membership - open to any ICTSB member organization and their relevant technical groups and invited stakeholder interests

9 COPRAS maps standardization with IST projects activities & output
164 projects addressed across 10 Strategic Objectives
FP6 Call 1
92 responses received (56%)
40 projects approached for participation in the COPRAS Programme
51 projects targeted in 2.3.1.5, 2.3.1.9 & 2.3.1.11 Strategic Objectives with projects addressing security
31 responses received (61%)
7 projects invited with output relevant to security related standardization
Kick-off meeting 14th October 2004: jump-start development of ‘Standardization Action Plans’

10 5 “Security” projects participated in the kick-off meeting
Project: Standardization objectives addressed
eMayor: Secure municipal government applications: X-forms digital signature & smartcard integration; eGovernment XML exchange standards; government digital identification tokens (smartcard) standardization and related CA architecture.
TrustCom: Interoperability profiles covering: model driven security, collaborative business processes, policies & security, contracts & service level agreements, trust PMI and PKI, web & GRID technologies, semantic technologies.
SECOQC: Quantum cryptography: standardization of ‘internal’ interfaces to achieve interoperability of QKD components from different manufacturers; standardization of ‘external’ interfaces and network infrastructure to make applications compatible with different QKD systems and to provide applications standardized access to QKD based infrastructures.
BioSec: Biometrics: standardized multi-modal measurements of acceptance and trust (privacy, data security, reliability, invasiveness); development of standards to promote acceptance and trust of biometrics (standards for data & privacy protection, for user-friendly design, handling & interfacing).
Digital Passport: Next generation European digital passport with biometric data for secure and convenient border passage: security concept & system architecture, minimum security requirements for cards & personal identification; standards & guidelines for a security framework, network security; use of electronic signatures in passports; privacy & data protection.

11 Concrete cooperation on further standardization steps with SECOQC
Standardization Action Plan defining
–Specific technical issues
–Relevance towards the eEurope programme
Possible standardization action steps
–COPRAS participation in SECOQC Interface standardization workshop
–Business plan for a dedicated CEN/ISSS workshop on quantum cryptography
–Installation dedicated workshop and drafting CEN Workshop Agreement (CWA)
Definition of required dissemination and consensus building support to be provided by COPRAS

12 COPRAS remains open to cooperate with and support other security & eGovernment oriented projects
Thank you for your attention & feedback
Bart Brusse, COPRAS Project Manager
bart@contestconsultancy.com
Tel: +31-653-225260

