Presentation is loading. Please wait.

Presentation is loading. Please wait.

DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013

Published byErik Reeves Modified over 9 years ago

Similar presentations

Presentation on theme: "DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013"— Presentation transcript:

1 DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013
TESTA NG Testa new generation a trans-European perspective DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013

2 Agenda Mission Challenges Experiences and concerns
Collaborative process TESTA NG

3 Mission Facilitate cooperation between public administrations in various policy areas Consolidate existing networks by providing a secure, reliable and flexible communication service layer

4 Mission TESTA was born (Trans European Services for Telematics between Administrations)is a communication platform to exchange electronic data between European and Member States administrations in a secure, reliable and efficient way

5 Moving up the value chain

6 Challenges EU is a mix of different cultures and a different country specific handling of information makes a common agreement on classification of information difficult Different security approaches in EU counties push at EU level to apply the most strict security measures Technical security implementations are often driven by political sensitivity and not by risk assessment and risk management

7 Experiences and concerns
Security = End to end TRUST By implementing measures and policies By auditing By having agreements Bilateral Legal agreements Concern of legal requirements with regard to the handling of EU Classified Information (EUCI) with Member States, Third countries and International organizations

8 Experiences and concerns: Security accreditation
Step 1. Initial Demand TSO (Technical System Owner) sends a formal request to Commission SAA (Security Accreditation Authority) Creation of SAP (Security Accreditation Panel) Step 2. Pre-Certification TSO provides SSRS, SecOPs, Crypto documents (procedures) to SAP Accreditation Panel approves SSRS Step 3. Evaluation - Certification SAP assesses the conformity between deployed system and documents ( SSRS, SecOPs, …) SAP produces statement of conformity (+ residual risks) Step 4. Accreditation SAP takes decision on accreditation and informs Commission SAA Commission SAA notifies the CSPAG (Commission security policy advisory Group) Step 5. LDCP accreditation (statement of compliance by NSA)

9 Experiences and concerns: Security accreditation
“Accrediting networks (or clouds) is neither necessary nor sufficient for the (obligatory) accreditation of the classified information system which uses such a network as transport layer” (dixit HR/DS)

10 Experiences and concerns
Dedicated and/or public network? Availability Today a public network like the Internet cannot give the contractual availability guarantee. Some applications like Schengen Information system require high availability. This results in commercial agreements and redundant infrastructure.

11 Experiences and concerns
Dedicated and/or public network? Security Although theoretically confidentiality and integrity can be achieved via the appropriate mechanisms over a public network, in practice application owners impose the implantation of private networks.

12 TESTA NG: Collaborative process
TESTA is by concept based on a collaborative approach Consequences: Agreements like MoU, Statement of compliance etc… Setup of different working groups to prepare these documents (TESTA expert groups; Security Accreditation Panel) Difficulties: Achieve common agreement on the content of the agreements Signature at the same organisational level Lessons learned To have clear policies and measures understood and accepted by everybody before proceeding

13 TESTA NG: Requirements survey
Information is requested to be protected from source to destination (End to End) From a security standpoint, the use of internet as an alternative transport network would be acceptable for a majority of the stakeholders. Data is often misclassified to be able to use sTESTA Additional security levels and services are highly desired. (security requirements in the future will be more stringent for some users). These additional security services should be on top of the current network security architecture. The usage of sTESTA is sometimes limited by the lack of common security policies and standards among countries.

14 TESTA NG: Requirements survey

15 TESTA NG: EuroDomain EuroDomain EU Institutions EFTA countries
Security Operation centre EU Institutions EFTA countries EuroDomain EU Member States EU Agencies Central Services Ministries Ministries Restricted access Internet VPN National Ministries or agency directly connected

16 TESTA NG: EuroDomain Security based on risk assessment and management
MPLS-based network Dedicated IP addressing IPSEC encryption Firewalling at all entry points IDS/IPS at all access points Dedicated security operations centre + Backup Dedicated central services domain + Backup DNS, mail relay, PKI, collaboration tool, web server, ftp … Tested BCP

17 91 applications on EuroDomain
Criminal Records System Prüm FIUnet CECIS ECB EURODAC EESSI SIGL Tachonet EURAMIS

18 TESTA NG: multiple clouds
97 sites 58 sites TESTA NG/ EuroDomain TESTA NG/ VIS TESTA NG SOC TESTA NG/ SIS II 47 (44+3) sites TESTA NG/ EUROPOL 50 sites (40+10) TESTA NG/ Council 30 sites

19 Questions

Download ppt "DG CONNECT NIPS Study – CONSULTATION CONFERENCE 13 November 2013"

Similar presentations

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.

ICT research priorities and recommendations for strategy development in the WBC Ulrike Kunze / PT-DLR, Germany Consultation session on recommendations.
Bring every citizen, school, business and administration on-line - quickly create a digitally literate and entrepreneurial Europe ensure an inclusive information.

Bring every citizen, school, business and administration on-line - quickly create a digitally literate and entrepreneurial Europe ensure an inclusive information.
A centre of expertise in data curation and preservation DCC Workshop: Curating emailsApril 24 – 25, 2006 Funded by: This work is licensed under the Creative.

A centre of expertise in data curation and preservation DCC Workshop: Curating sApril 24 – 25, 2006 Funded by: This work is licensed under the Creative.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Architecture Decision Group Group Organization & Processes April 7, 2015 | Tuesday.

Architecture Decision Group Group Organization & Processes April 7, 2015 | Tuesday.
Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.
Public Procurement in Albania in the framework of recent reforms PUBLIC PROCUREMENT AGENCY 1.

Public Procurement in Albania in the framework of recent reforms PUBLIC PROCUREMENT AGENCY 1.
New technologies and disaster information resources Part 2. The right information, at the right time, the right way.

New technologies and disaster information resources Part 2. The right information, at the right time, the right way.
PenalNet Secure e-communications in Criminal Law Practice Antonio Ruiz-Giménez de Aguilar, CEO of PenalNet.

PenalNet Secure e-communications in Criminal Law Practice Antonio Ruiz-Giménez de Aguilar, CEO of PenalNet.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Mark van Stiphout – DG TREN – C2 Internal market for electricity and gas The role of TSOs in the third package EUROPEAN COMMISSION GIE conference 7 May.

Mark van Stiphout – DG TREN – C2 Internal market for electricity and gas The role of TSOs in the third package EUROPEAN COMMISSION GIE conference 7 May.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Management of the Internet

Management of the Internet
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &

Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Similar presentations

Ads by Google