Presentation is loading. Please wait.

Presentation is loading. Please wait.

OUTLINE Security and dependability: needs & concerns

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "OUTLINE Security and dependability: needs & concerns"— Presentation transcript:

1

2 OUTLINE Security and dependability: needs & concerns
Towards a comprehensive EU approach to security Why is R&D important for policy making on security ICT Security R&D in FP5 & FP6 - biometrics The FP6 projects: BioSec & Biosecure Supporting the deployment of biometrics: a Plan for Action

3 The new security needs and concerns ...
9/11 has raised the need for “higher levels of security” the fears of terrorism make “national security needs” to prevail security in AmI is increasingly associated with strong identification (biometrics, unique identifiers, etc.) growing policy interests on security of information: economic security, protection of intangible assets and IT investments, etc. AmI would not happen without new models of security and privacy societal applications and systems call for an holistic reflection on our dependency on technology current generation is unable to perceive and feel “digital security” in AmI the personal sphere of individuals would be an open and evolving environment (instant networking, smart dust, intelligent agents, etc.) new policy challenges posed by technical developments on virtual identity, anonymity, RFID, etc. privacy is a human right to be preserved and technology should work to avoid a privacy crisis asymmetric power game between “technology” and “humans” may lead to discrimination, exclusion, divide, etc. there are no technical means to ensure social accountability of security solutions

4 A comprehensive EU approach to security
External security / defence Framework Decision on attacks against information systems Lawful interception G8 CIP e-identification/e-authentication biometrics in visas and residence permit Pilot action with DG RTD Dual use technology research Crisis management International Co-operation OECD, G8, Council of Europe, UN, ITU, ... network security, dependability, cryptography, biometrics, identity management, watermarking, ... Electronic Signature Data protection in elect. com. Network & information security Culture of security ENISA digital right management, biometrics, smart card, IPv6, open source software critical infrastructure protection Economic, business and social aspects of security in Information Society Research and Technology Information and Communication Technologies Preparatory Action on Security Research Cyber-crime, Internal security 12 12

5 Why is R&D important for policy-making on security
ERA: European Research Area Lisbon Strategy “EU: Largest knowledge-based economy by 2010” FP6, Eureka, COST, National RTD Programmes Enlargement … towards a Single Market for Research The candidate countries are full partners in FP6. Other policies Broadband access, e-business, e-government, security, skills, e-health, ... Single Market, Single Currency, Security of Europeans, Sustainable Development, ...

6 What’s the mission of EU R&D on ICT security?
Develop knowledge & technology - understanding implications and benefits secure, dependable, acceptable & respectful (of human rights and dignity) systems/applications proper assessment and evaluation R&D shall lead to

7 Ethics in the Information Society
Today issues Poor understanding and awareness of risks to privacy Influencing factors increased “digital powers” of Governments globalisation & interconnectedness business interest in knowing more about customers/people opacity of data gathering vs inefficient enforceability of law intrusiveness of technologies: RFID, location based, profiling, P2P, biometrics, etc. unprecedented exposure of users de facto impossibility to retain control on personal data Future objective Ethics of privacy as a key element of the Information Society How to go about it socioeconomic research on what would be “privacy” in IS make privacy part of education programs, training and public debate commercial and business conducts must adopt commonly agreed principles promote privacy compatible processes, products and systems build-in privacy mechanisms to ease “enforceability” Innovative R&D to ensure personal control of privacy.

8 FP6: between continuity and novelty
Deployment through eTEN Articulation with and support to EU Policies (ENTR, MARKT, JAI, RELEX…) eEurope , National Events Technology assessment & transfer FP3 FP4 FP5 Budget 35M € Budget 88M € Projects ~50 Projects 67 Results Strategic security frameworks User & service requirements PKI trials Specifications, standardization, certification Results ICT Security community high-risk technologies, applications & processes @ RACE / ACTS ESPRIT/IT TAP + INFOSEC / ETS ISIS PAST 10 years ( ) From Security of Information Systems... NEXT 10 years ( ) ...to Security in Ambient Intelligent Space Protection of digital assets Information infrastructure dependability & CIP Keywords: ambient networks, nomadic people, mobile things in the environment, intermediation services, ubiquity, distributed interactive infrastructure... Individuals and open large communities Mobility and reconfigurability

9 EU R&D on biometrics: FP5 projects
Applications (e-polling, e-government, travel) E-POLL, FASME, (S_TRAVEL) Sensor - basic technologies SABRINA, FINGER_CARD, VIPBOB Technology improvement and validation in applications BANCA, U-FACE Socio-economic aspects BEE Shaping the Future BIOVISION => European Biometrics Forum, Dublin Collaborative R&D in Europe covers a wide range of interdependent activities, from basic research to technology take-up and policy definition.

10 FP6 - R&D on ICT trust and security & biometrics
A total portfolio of 16 Projects 6 Integrated Projects BioSec, e-Justice, Inspired, Prime, Secoqc, Seinit 3 Networks of Excellence Ecrypt, Fidis, Biosecure 6 Specific Targeted Research Project Digital Passport, Medsi, Positif, Scard, Secure Justice, Secure Phone 1 Coordination Action SecurIST (under negotiation)

11 BioSec Project http://www.biosec.org/
Biometrics and Security Integrated Project started December 2003 for 2 years 23 partners from 9 countries Two stages First stage: framework specification and early integration Second stage: late integration and comparison studies Objectives Enhance security features of authentication elements Performance, robustness and aliveness detection Integrity and data protection User acceptance Put technology to work in real scenarios Personal biometric storage: tokens Security framework Scenarios: physical and remote access Evaluation

12 BioSec Project (2)

13 BioSec Project (3) Approaching the end first year
Technical achievements Specification of interoperability framework: sensors and storage First prototypes: aliveness detection in fingerprint, 3D recognition, Voice noise models, Iris recognition Multimodal database acquisition tools Two scenario setups: Network access with remote authentication Physical access: Helsinki airport Dissemination achievements BioSec Web site and Interest Group: BioSec Workshop (June 2004): 100 delegates IST 2004 (Nov 2004) Exhibition Contact with standardisation bodies and international organizations

14 The Network of Excellence BioSecure
Coordinator GET (Groupement des Ecoles de Télécommunication) CDC (Caisse des Dépôts et Consignation) 29 Core Partners Main academic actors in the field Satisfy excellence criteria : publications, PhD, etc… Involved in different aspects of Biometrics With experience in evaluation campaigns Relations with Industrials, small companies... through a Forum of Industrial and end user partners ST-Microelectronics, France Telecom, Bouygues Telecom, Gemplus, OPSIS, ELRA/ELDA, ORGA, etc…

15 BioSecure NoE (2) Objectives
Integrate the research and infrastructures developed in different teams involved in the biometric field Identify and meet the scientific and technical challenges in the Biometric field Explore the technical and non-technical issues arising during the deployment of applications in relation with the industrials and end-users Facilitate dissemination and training activities

16 Sharing databases and algorithms
BioSecure NoE (3) Sharing databases and algorithms Creation of a virtual multimodal Database and related assessment protocols Software integration and production of reference systems Preparation of the first summer institute for algorithms evaluation (July 2005) Active participation to international standardization instances

17 ------------ Call published on 19/11/2004 ------------
The next step: S.O Towards a global dependability and security framework Key Objectives & Breakthroughs build on EU technical and scientific excellence on security, dependability and resilience meet EU demands for privacy and trust strengthen the interplay between research and policy Indicative budget> 63 MEuro Research Focus: security and dependability challenges arising from complexity, ubiquity and autonomy resilience, self-healing, mobility, dynamic content and volatile environments strategic and solid research on security and trust for new societal applications interoperable content and digital rights management Call published on 19/11/

18 ------------ Work in progress ------------
The next step: S.O Towards a global dependability and security framework Priority areas integrated frameworks and technologies for resilience, dependability and security modelling/simulation techniques and synthetic environments for interdependencies, recovery and continuity technologies and architectures for secure computing and interoperable management and trustworthy sharing of digital assets secure and interoperable biometrics security and privacy technologies and architectures for future wireless and mobile scenarios security assurance and certification of complex networked systems and infrastructures interoperable content and digital rights management Instruments IPs, NoEs, STREPs, CAs IPs, STREPs STREPs STREPs, SSAs Work in progress

19 Deployment of biometrics: open technology issues
Identification – biometrics are based on probability assumptions, no “absolute” identification Performance Limitations – this bear the not negligible risks of not being applicable to some percentage of population Distributed Enrolment – may undermine accuracy and performance of large scale systems Interoperability - not yet supported by standards nor technology

20 Deployment of biometrics: open technology issues
Security vs performance – enhancing security by very low failure rate may lead to low performances, not acceptable to users Availability of algorithms - no “open source” policy yet although desirable Scalability - no experience of large scale field trials Data Control - need of effective safeguards and remedial actions with respect to the risk of misuse

21 Supporting the deployment of biometrics: a Plan for Action
Motivation: The political agenda: integration of biometrics identifiers in visas, residence permits and European passports The technical state-of-the-art diverse context specific solutions available only problem of scalability and interoperability Urgent need for Technical advise (to decision makers) Common assessment and evaluation criteria Exchange of information on deployment activities at European level !

22 A Plan for Action on biometrics: the background
Internal discussion & consultation External consultation workshops Roadmap projects and studies The plan builds upon

23 A Plan for Action on biometrics: outline
Support for the establishment of a European Authoritative Technical Body on Biometrics Launching of an European Web Portal for the exchange of information on deployment activities between Member States Support for the creation of a European network on testing and assessment of biometric technology 4th objective on Member States discussion skipped here Presented by Commissioner Ján Figel’ at the Conference “Biometrics for the benefit of the citizen: a European Perspective“, Dublin 14 June 2004

24 Technical Body Objective: To assist decision makers in taking informed decisions on issues involving biometrics (e.g. passports) Status Draft Terms of Reference available Workshops planned for near future with relevant stakeholders (academia, industry, industrial and policy oriented fora, governmental bodies, etc.) Proposed outline Network of experts: European Biometrics Expert Group (EBEG)

25 The European Web Portal on biometrics
Objective: To share information of large scale deployment activities (pilots, trials, etc.) among the Member States Status Recent call for tender Selection of tenderer in progress Launching of web portal summer 2005 Expected results a common framework for data collection schemes to define and evaluate trials collection of good practices and lessons learnt

26 Assessment & Testing Network
Objective: To establish a European network for testing and assessment of biometrics technology. Status Discussion started with relevant stakeholders (centres of excellence in testing and assessment, certification bodies, etc.) Plan to propose a Network of Excellence in FP6 based on open research issues in testing of biometrics. Expected results a common framework for testing, assessing and certifying biometric technology Planned coordinator for the NoE: TÜViT, Germany Others involved so far: NPL, UK Univ. Bologna (synthetic test data for finger print) Univ. Manchester (dto. for face recognition)

27 Complementary activities
Follow closely the international work on technical standards for biometrics Stimulate and facilitate the participation of EU industry to on-going international standardization (ICAO, ISO/IEC, etc.) Promote further R&D on secure and interoperable biometrics (ref. Call 4 for proposal of IST priority)

28 ICT for Trust & Security PASR Consultation on new Work Programme
Web sites IST Programme: ICT for Trust & Security FP5 Roadmap projects PASR Consultation on new Work Programme IST helpdesk Fax :

Download ppt "OUTLINE Security and dependability: needs & concerns"

Similar presentations

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.
A strategy for a Secure Information Society –

A strategy for a Secure Information Society –
S.O. 2.4.3 Towards a global dependability and security framework Andrea SERVIDA Deputy Head of Unit ICT for Trust and Security European Commission Directorate-General.

S.O Towards a global dependability and security framework Andrea SERVIDA Deputy Head of Unit ICT for Trust and Security European Commission Directorate-General.
Security and dependability in FP6 Andrea SERVIDA Head of Sector European Commission DG Information Society - Unit D/4 Trust and Security

Security and dependability in FP6 Andrea SERVIDA Head of Sector European Commission DG Information Society - Unit D/4 Trust and Security
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
FP7 Preparations ISTC meeting 31 March 2004. Content FP7 preparation approach and timetable Context for FP7 and for ICT in FP7 Research in New Financial.

FP7 Preparations ISTC meeting 31 March Content FP7 preparation approach and timetable Context for FP7 and for ICT in FP7 Research in New Financial.
NMP-NCP meeting - Brussels, 27 Jan 2005 Towards FP 7: Preliminary principles and orientations… Nicholas Hartley European Commission DG Research DG Research.

NMP-NCP meeting - Brussels, 27 Jan 2005 Towards FP 7: Preliminary principles and orientations… Nicholas Hartley European Commission DG Research DG Research.
ICT Work Programme 2011-12 NCP Infoday 23 June Maria Geronymaki DG INFSO.H.2 ICT for Government & Public Services Objective.

ICT Work Programme NCP Infoday 23 June Maria Geronymaki DG INFSO.H.2 ICT for Government & Public Services Objective.
The evolution of European security research and innovation programmes: changing purposes and rationales Jean-Marc Suchier ETTIS R&I strategies and policy.

The evolution of European security research and innovation programmes: changing purposes and rationales Jean-Marc Suchier ETTIS R&I strategies and policy.
Evidence based policy making Seminar FP7 Work Programme 2011-2012 2 December 2010, Paris, Université Paris Dauphine Maria Geronymaki DG INFSO.H.2 ICT for.

Evidence based policy making Seminar FP7 Work Programme December 2010, Paris, Université Paris Dauphine Maria Geronymaki DG INFSO.H.2 ICT for.
BioSec Biometrics & Security IST-2002-001766 © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.

BioSec Biometrics & Security IST © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.
Www.eaea.orgEuropean Association for the Education of Adults EAEA European AE Research – Look towards the future ERDI General Assembly, 2004.

Association for the Education of Adults EAEA European AE Research – Look towards the future ERDI General Assembly, 2004.
EHealth Challenges and Opportunities E-health: Multi-disciplinary of E (ICT) and Healthcare, or applied ICT in healthcare (Design oriented), or healthcare.

EHealth Challenges and Opportunities E-health: Multi-disciplinary of E (ICT) and Healthcare, or applied ICT in healthcare (Design oriented), or healthcare.
Research and Innovation Research and Innovation Research and Innovation Research and Innovation Research Infrastructures and Horizon 2020 The EU Framework.

Research and Innovation Research and Innovation Research and Innovation Research and Innovation Research Infrastructures and Horizon 2020 The EU Framework.
Scientific Publication in the European Research Area: moving towards change Pēteris Zilgalvis Head of Unit, Governance and Ethics European Commission,

Scientific Publication in the European Research Area: moving towards change Pēteris Zilgalvis Head of Unit, Governance and Ethics European Commission,
1 May 2006 … Identity management - Internet - Data controller - PKI - Vulnerabilities - Fingerprint - Critical Information Infrastructure - Privacy and.

1 May 2006 … Identity management - Internet - Data controller - PKI - Vulnerabilities - Fingerprint - Critical Information Infrastructure - Privacy and.
IT security seminar Copenhagen, April 4th 2002 M. Jean-Michel HUBERT Chairman of the French Regulation Authority IRG Chairman.

IT security seminar Copenhagen, April 4th 2002 M. Jean-Michel HUBERT Chairman of the French Regulation Authority IRG Chairman.
Horizon 2020 Secure Societies Security Research and Industry DG Enterprise and Industry 2013.

Horizon 2020 Secure Societies Security Research and Industry DG Enterprise and Industry 2013.
Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.
1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.

1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.

Similar presentations

Ads by Google