Download presentation
Presentation is loading. Please wait.
Published byEmmeline Henderson Modified over 9 years ago
1
Dirk van Rooy, Ph.D. DG Information Society and Media European Commission Perspectives for Trust and Security in the future Digital Society Scope for actions eGov Workshop Brussels – Public Finances: ICT Solutions using SOA & Web Services 19 February 2009 - Brussels The views expressed in this presentation are purely those of the speaker and may not in any circumstances be regarded as stating an official position of the European Commission.
2
CONTENT Context Policy basis Ongoing Research Opportunities: –ICT Programme –ICT Policy Support Programme
3
Information Society 21st Industrial Revolution 19th 15th Printing Press Agricultural Revolution Writing 3000 B.C. Photography Information Revolution Internet
4
Digital Wave
5
The Cloud
6
The Knowledge Society Data Local Networked Information Ubiquitous Knowledge First generation data protection and legislation PETs Privacy Enhancing Technologies TRUST Technical framework for Identity, Transparency and Accountability in the age of ambient intelligence ?
7
The Five Freedoms Free movement of 1. Goods 2. Persons 3. Services 4. Capital 1 5. Knowledge 2 1.1986 - Single European Act 2.2007 - Green Paper COM(2007) 161 http://ec.europa.eu/research/era/pdf/era_gp_final_en.pdfhttp://ec.europa.eu/research/era/pdf/era_gp_final_en.pdf
8
Future Internet: Complexity! Trillions of components and transactions and zetta bytes of data Scalability Dependability Resilience Collaborative Security! End-to-End security and trust in highly complex networks and services! Non-functional requirements (trustworthiness) part of the design and construction
9
Security, Privacy, Trust in the Information Society? Cloud computing lets Feds read your email Phorm to use BT customers to test precision advertising system on net La colère associative monte contre Edvige, le fichier policier de données personnelles Web giants spark privacy concerns Big Brother tightens his grip on the web YouTube case opens can of worms on online privacy Grosse faille du web, et solution en chemin Revealed: 8 million victims in the world's biggest cyber heist Phishing attacks soar in the UK Cyberwar and real war collide in Georgia Internet security Code red The Evolution of Cyber Espionage Lessons from SocGen: Internal Threats need to become a security priority Six more data discs 'are missing' Big Brother Spying on Americans' Internet Data? UK's Revenue and Customs loses 25 million customer records Identity theft, pornography, corporate blackmail in the web's underworld, business is booming Defenseless on the Net Internet wiretapping Bugging the cloud Privacy Trust Security
10
Democratic Societal Values Endangered Species in the Digital Age ? Possible erosion of democratic values. It took generations to build our democratic values – Europe must foster them and carry them into the digital age.
11
Complex collaborations Users – systems – services Heterogeneous: access control, dynamic, dispersed, dependencies, security policies… Security is paramount – Identity management, confidentiality, data protection, privacy, QoS, traceability, integrity, policy enforcement… Service oriented architecture Service oriented infrastructure
12
The Crisis: Data collection and use in the interest of the citizen for governments to service citizens and business (e-government, e-education or e-health) for business, to provide personalized innovative applications and services for citizens, to better communicate and interact, improve the quality of their life (Web 2.0) for governments again, to provide public security (protection against crime or terrorism, border-control, protection of critical infrastructures, etc.) trust, user-control, privacy, security proportionality of data storage/use ??
13
The Commission in its First Report on the implementation of the Data Protection Directive: the use of appropriate technological measures is an essential complement to legal means and should be an integral part in any efforts to achieve a sufficient level of privacy protection "… the use of appropriate technological measures is an essential complement to legal means and should be an integral part in any efforts to achieve a sufficient level of privacy protection…". Trust, privacy and security in digital society role of technology
14
Strengthening Competitiveness through Co-operation Total 50,521 M€ 7th EU Research Framework Programme (FP7: 2007-2013) ICT Security & Trust
15
Future and Emerging Technologies Digital libraries & Content Sustainable & personalised healthcare ICT for Mobility, Environment, Energy ICT for Independent Living and Inclusion End-to-end systems for Socio-economic goals Technology roadblocks Pervasive & Trusted Network & service infrastructures Cognitive systems, Interaction, Robotics Components, Systems, Engineering Research in Security & Trust Embedded Systems Design Computing Systems Networked Embedded & Control Systems ICT for Cooperative Systems Virtual Physiological HumanICT & Ageing ICT FP7 - Security & Trust in perspective
16
Trustworthy ICT Future RTD and policy areas Trusted Global Identity Framework: providing global interoperability and enabling informed trust decisions on organisations, people, and digital entities in the Future Internet. Enabling privacy protection in accordance to EU culture Transparency and Accountability of data use in processes, services and policies in ICT systems Sound risk management for enterprises and consumers (there is no 100% security) Governance based on these principles for law enforcement and citizen/infrastructure security
17
Coordination Actions Research roadmaps, metrics and benchmarks, international cooperation, coordination activities 4 Projects: 3.3 m€ Network infrastructures 4 Projects 11 m€ Dynamic, reconfigurable service architectures 4 Projects 18 m€ Identity management, privacy, trust policies 4 Projects 22.5 m€ 4 Projects: 16 m€ Enabling technologies for trustworthy infrastructures Biometrics, trusted computing, cryptography, secure SW 3 Projects 9.8 m€ 1 Project 9.4 m€ 9 Projects: 20 m€ Critical Infrastructure Protection 110 M€ ICT Work Programme 2007-08 33 new FP7 projects in Security & Trust
18
Main R&D project priorities IPMASTER Assuring the security level and regulatory compliance of SOAs handling business processes (IP MASTER) AVANTSSAR Platform for formal specification and automated validation of trust and security of SOAs (AVANTSSAR) Consequence Data-centric information protection framework based on data-sharing agreements (Consequence) SECURE-SCM Crypto techniques in the computing of optimised multi-party supply chains without revealing individual confidential private data to the other parties (SECURE-SCM) Security in service infrastructures: 4 projects, 18 m€ EC funding Personalised Services
19
User-centric Privacy and ID-Management 6 projects, 35.7 m€ EC funding User-centric Privacy and ID-Management 6 projects, 35.7 m€ EC funding Main R&D project priorities PRIMELIFE, PICOS, SWIFT Sustainable Privacy and Identity Management in Networks and Services; Privacy-enhancing identity management ‘for life’ (PRIMELIFE, PICOS, SWIFT) TURBINE Revocable, user-controlled, fingerprint-based biometric identities (TURBINE) IP-TAS3 Trusted dynamic and secure services managing and processing personal information based on user-centric data management policies (IP-TAS3) PRISM Privacy-preserving network monitoring system with data protection (PRISM)
20
The FP7 ICT work programme for 2009-10 Objective ICT-2009.1.4: Trustworthy ICT ICT Call 5: 31 July 2009 – 3 November 2009
21
Priority areas for Trustworthy ICT in WP09-10 Trustworthy Network Infrastructures Trustworthy Service Infrastructures Networking, Coordination and Support Technology and Tools for Trustworthy ICT NoEs, CAs 10m€ 90 M€ Call 5 (OCT ’09) IPs, STREPs: 80 m€ min 50% to IPs
22
Trustworthy Network Infrastructures Building and managing the Future Internet Monitoring and managing threats Trustworthy communication, computing and storage (real-time management, virtualisation) Experiments and demonstration Attention to usability, social acceptance, economic and legal viability
23
Trustworthy Service Infrastructures Privacy protecting interoperable services on the FI User-centric, privacy respecting ID for persons, things and virtual entities Adaptive frameworks for managing trust throughout life-cycle Experiments and demonstration Attention to usability, social acceptance, human self-determination and privacy, economic and legal viability
24
Technology and Tools for Trustworthy ICT Focused technology development –in the network (control, things, malware) –for services (ID and privacy mgt tools, risk mgt, verification, certification) –for data management (assurance, integrity, availability, risks, long term storage) –Software assurance, secure software –enabling technologies (biometrics, crypto, trustworthy communication, virtualisation, metrics, certification)
25
Networking, Coordination and Support Threats and vulnerabilities Security and resilience in software and services Economics of security Interoperable standards, certification Legal and societal aspects of technology International cooperation
26
ICT Policy Support Programme – WP2009 - Objective 7.1 A European infrastructure for secure information management Focus and outcomes Integration of available technologies for secure information management systems Piloting deployment in public administrations and private organisations Rationale Many technologies for data & privacy protection exist Insufficient deployment, leading to data leakage, loss & theft International standards exist Main expected outcomes –functional pilot, possibly with applications in different areas –under typical real-life conditions; transferable deployment principles; best practices –contributing to convergence across European organisations
27
ICT PSP – WP2009 - Objective 7.1 A European infrastructure for secure information management ICT PSP – WP2009 - Objective 7.1 A European infrastructure for secure information management Conditions and characteristics Integration of available security technologies, techniques, tools, policies and procedures into a functional pilot Technologies such as encryption, single sign-on, strong authentication, role definition, distributed data storage Combine best available technologies and practices, European convergence Economic viability for real-life deployment Public-private partnerships, solution and service providers in ICT security, public admin, private data controllers
28
ICT PSP – WP2009 - Objective 7.1 A European infrastructure for secure information management ICT PSP – WP2009 - Objective 7.1 A European infrastructure for secure information management Expected impact Towards operational and comprehensive secure information management in daily work environments Limit information loss; limit unintended use of information; promote accountability Increase trust in eServices Instrument & funding: –One pilot project –One pilot project, type B, up to 3 M€ funding –minimum 4 eligible legal entities (Member States or associated) –typical duration 24-36 months, with 12 months pilot operating service –Open: 29 Jan. 2009 – close 2 June 2009 –http://ec.europa.eu/information_society/activities/ict_psp/index_en.htmhttp://ec.europa.eu/information_society/activities/ict_psp/index_en.htm
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.