Presentation is loading. Please wait.

Presentation is loading. Please wait.

SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006.

Published byGladys Hill Modified over 9 years ago

Similar presentations

Presentation on theme: "SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006."— Presentation transcript:

1 SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006

2 SWAMI PrivacyIdentitySecurityTrust Digital divide

3 SWAMI goal Identify research & policy options re safeguards & privacy-enhancing mechanisms needed to ensure user control, acceptance and enforceability of policy with equal rights & opportunities for citizens

4 Privacy threats & vulnerabilities - 1  Hackers & malware  Function creep  Security & surveillance  Profiling  Sharing of data between companies & government  Lack of public awareness about privacy rights  Lack of enforcement & oversight  Erosion of rights & values  Uncertainties about what to protect & costs

5 Privacy threats & vulnerabilities - 2  Uncertainties about the economic costs of privacy erosion  Lax security  Government and industry are less than forthright

6 Identity threats & vulnerabilities - 1  Identity theft  Function creep  Exploitation of linkages by industry & government  Penetration of identity management systems (hacking, spoofing, denial of service, etc)  Authentication may intrude upon privacy  Complexity of identity management systems

7 Identity threats & vulnerabilities - 2  Failures in identity management & authentication systems  Inadequate protection of cyber identity  Misplaced trust in security mechanisms

8 Security threats Attackers - viruses, worms, Trojans, phishing, denial of service attacks Attackers – criminals, terrorists, government, industry

9 Security vulnerabilities System complexity, unexpected behaviour, not sufficiently reliable, generating false positives, insider attacks (authorised, but dishonest employee) Individuals are careless, lose their mobiles, forget to use security measures, are easily tricked Organisations don’t take adequate security measures, don’t know what to protect, don’t keep software up to date, have cost issues

10 Undermining trust - 1  Lack of trust in underlying cyber infrastructure and other people  Identity theft  Resourcefulness of hackers & intruders  Inadequate profiling (attribution conflicts & misinterpretation of user needs)

11 Undermining trust - 2  Loss of control –Technology paternalism (machines know best) –Unpredictable system behaviour –Hijacking of an AmI system  Service denial & discrimination  Victimisation

12 The digital divide could grow wider because of  technological & user dependencies  insufficient interoperability  cost  isolation  AmI “technosis”  stress  exclusion & discrimination – unequal access & stigmatisation

13 Safeguards A multiplicity of threats & vulnerabilities require a multiplicity of safeguards TechnologicalSocio-economic Legal & regulatory

14 Technological safeguards - 1 Main privacy-protecting principles in network applications:  Anonymity  Pseudonymity  Unlinkability  Unobservability

15 Technological safeguards - 2  Minimal data collection, transmission & storage  Active intrusion prevention – e.g., antivirus software  Passive intrusion prevention - encryption  Prove user authorisation locally, transmit only confirmation of authorisation  Hide relations between user identity & actions  Communications protocols that hide device ID  Limiting signal range

16 Technological safeguards - 3 Access control ISO 17799 – good but focuses on organisational security In AmI world access control will be needed in the wider, embedded world Unobtrusive, continuous, multimodal authentication Context-dependent access control Embedding legal requirements & personal user wishes Problem of authorised, but dishonest person Artificial intelligence to catch unusual patterns

17 Socio-economic safeguards Open standards Codes of practice Service contracts Trust marks Privacy audits Education Public awareness & media attention

18 Actions by the EC & Member States  Accessibility & inclusion  Accountability, audits, international collaboration, enforcement  Research proposals to identify potential privacy impacts  Guidelines for ICT research  Public procurement  Developing the legal framework to take AmI into account

Download ppt "SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006."

Similar presentations

E-ID: are you (proven) in control? INFORMATION RISK MANAGEMENT DENNIS VAN HAM.

E-ID: are you (proven) in control? INFORMATION RISK MANAGEMENT DENNIS VAN HAM.
4 Information Security.

4 Information Security.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.

Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Ch.5 It Security, Crime, Compliance, and Continuity

Ch.5 It Security, Crime, Compliance, and Continuity
7.1 © 2007 by Prentice Hall 7 Chapter Securing Information Systems.

7.1 © 2007 by Prentice Hall 7 Chapter Securing Information Systems.
Lecture 10 Security and Control.

Lecture 10 Security and Control.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.

Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Similar presentations

Ads by Google