INCO-TRUST. INCO-TRUST: to set up a co-operation framework based on mutual interests & capabilities! Canada US S. Korea Japan.



Similar documents
Trust areas: a security paradigm for the Future Internet

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

Agile Information Security Management in Software R&D

Internet of Things (IoT): A vision, architectural elements, and future directions

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

National Cyber Security Policy -2013

5G Public Private Partnership Objectives and opportunities

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security Test-bed TDL Download Corner. Achieving The Trust Paradigm Shift ATTPS. Arthur Leijtens, Daan Velthausz, Bicore, April, Brussel

The cloud - ULTIMATE GAME CHANGER ===========================================

Developing the Corporate Security Architecture. Alex Woda July 22, 2009

Building a Mobile App Security Risk Management Program. Copyright 2012, Security Risk Advisors, Inc. All Rights Reserved

Approach to Information Security Architecture. Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Enterprise Portfolio Management

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

I. Introduction to Privacy: Common Principles and Approaches

NSF Workshop on Big Data Security and Privacy

Microsoft Services Premier Support. Security Services Catalogue

Cloud security architecture

Information & Asset Protection with SIEM and DLP

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Big Data, Big Risk, Big Rewards. Hussein Syed

Research Topics in the National Cyber Security Research Agenda

US Federal Cyber Security Research Program. NITRD Program

Energy Efficient Systems

Cloud Security Introduction and Overview

Cloud Computing Security Considerations

How can the Future Internet enable Smart Energy?

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and,

The IT Maturity and the Threat to Corporate Business Strategies

Cyber intelligence exchange in business environment : a battle for trust and data

Security Considerations for Public Mobile Cloud Computing

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013

Cloud Computing for Architects

IAPP Privacy Certification

Cloud Standards - A Telco Perspective

<Insert Picture Here> Cloud Archive Trends and Challenges PASIG Winter 2012

WORK PROGRAMME Topic ICT 9: Tools and Methods for Software Development

Cyber Security and Privacy - Program 183

The Future of Privacy Insights from the Internet technical community

5G Network Infrastructure for the Future Internet

Meeting Cyber Security Challenges

INCO for Cyber Security. PTCIF: 21st Feb 2014

Overview TECHIS Carry out risk assessment and management activities

ICT 6: Cloud computing

ICT 7: Advanced cloud infrastructures and services. ICT 8: Boosting public sector productivity and innovation through cloud computing services

EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015

Software Development: The Next Security Frontier

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

On Premise Vs Cloud: Selection Approach & Implementation Strategies

Charter of Consumer Rights in the Digital World

Securing the Cloud Infrastructure

UNIFORM ECONOMIC TRANSACTION PROTOCOL. Payments and transactions several perspectives Utrecht, February 2 nd, 2015

L Impatto della SOA sulle competenze e l organizzazione ICT di Fornitori e Clienti

Concept and Project Objectives

Workshop on Building international cooperation WG2 : Network Information Security / cyber security

The Legal Pitfalls of Failing to Develop Secure Cloud Services

EUK : South Korea: IoT joint research

ETSI M2M / onem2m and the need for semantics. Joerg Swetina (NEC) (joerg.swetina@neclab.eu)

The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

BIC a multi-lateral international cooperation strategy based on in-country Extended Working Groups (EWGs)

Practitioner Certificate in Information Assurance Architecture (PCiIAA)

Cloud-Security: Show-Stopper or Enabling Technology?

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012

The Education Fellowship Finance Centralisation IT Security Strategy

Conceptual Model for Enterprise Governance. Walter L Wilson

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

Enterprise Architecture Assessment Guide

Glossary of Key Terms

Cyber Security for your Connected Health Device

Update On Smart Grid Cyber Security

Introduction to Service Oriented Architectures (SOA)

INTERNATIONAL TELECOMMUNICATION UNION

Council of the European Union Brussels, 19 June 2015 (OR. en)

REPORT. Next steps in cyber security

ICT 9: Tools and Methods for Software Development

Transcription:

INCO-TRUST: Intl Co-Operation in Trustworthy, Secure and Dependable ICT Infrastructures Neeraj Suri, TU Darmstadt, Germany James Clarke, Waterford Institute of Technology, Ireland

INCO-TRUST Canada US S. Korea Japan Australia INCO-TRUST: to set up a co-operation framework based on mutual interests & capabilities!

The Mechanisms INCO-TRUST Intl. Cooperation in ICT Security & Trust USA (NSF, DHS), Japan (JST), Australia (NICTA), The Consortium Canada, S. Korea THINK-TRUST Personalisation, Security, Accountability Vs Privacy & Human Values! The Consortium Composite Social Legal Technical Issue considerations

EU, US +++ Partnerships Understanding problems & technologies of common interest where synergy would be meaningful & add local (technological, legal, societal) depth? Web x.0, Persona/Data mgmt (technologies and approaches, storage, access, data transfer rights/jurisdiction), privacy,... Problems where the interconnected trans-national world of things (& attacks, impact, enforcement) behooves us to join forces where synergy is a no-brainer... Web x.0, interlinked infrastructures (& their protection), testbeds Can we jointly influence and leverage issues? Understanding the other sides priorities The mechanism Inco-Trust DEEDS Group

Thrust 1: Future Internet Design & its Security Mixed-mode, mobility, WSN - heterogeneity galore!!! Will need global inputs: Technical, implementation, + regulatory/legal involvement at varied levels/layers design & monitoring End user/device compatibilities? Architectural? Protocols? Multi-layered, federated security?... (PlanetLab-intl.) CyberThreats? (CyLab involvement) Reality: composition of internet is terribly diffuse with many many many international entities BUT this is also the critical and high impact co-operation area! Influence via international standards groups? DEEDS Group 5

Thrust 2: Global Persona Mgmt & Privacy Technological base: biometrics, crypto Usage facets: User-in-the loop privacy, confidentiality human/machine/device ID mgmt coverage: across enterprise lifecycle? partitioned (VM style) access with multiple personas? data storage, access rights across intl. data centers, intl. jurisdiction? repudiation, intl. liability rights? abuse? privacy: varied intl. legalities, varied social acceptability & conformance standards + regulation data level (mobile content? DRM?) intl. issues? DEEDS Group ISORC 2006 6

Thrust 3: Infrastructure Protection App Level Users Businesses FI/Govt Impact Tech/Info Conduits Sys Level Public Custom UI Servers Telcos DB Servers Transactional & Data Confidentiality - Liability Driver Transactional & Data Integrity - Liability Driver Transactional & Data Availability - Usage Driver Operational Financial Confidence The Financial Infrastructure Protection (FIP) challenge is not just at a favorite (national) level or element(s) within the FI landscape, but the consolidated, coherent and consistent coverage of the overall environment the technological, usage and user elements on a global scale. DEEDS Group

WG1: Security, Dependability and Trust in the Future Internet What is our vision? Terms of Reference Scenarios for technological evolution Which TSD issues to address at generic level and which at application level? Security & trustworthiness of composite complex services Input from user perspective

WG1: Security, Dependability and Trust in the Future Internet Covering conceptual and implementation aspects across the spectrum of multi-layered network and services infrastructures Technological evolution and scalability Layering (polymorphic networks, physical, virtual, service, others ) Computing & communication paradigms (incl. protocols/middleware - functionality and monitoring) Emerging Threats Virtualization concepts Infrastructures and testbeds Across enabling technologies Core infrastructures, end users/devices,... Links with ETPs and FIA

WG2: Privacy and Trust in the Information Society What is our vision? Terms of Reference User centricity: User perspective: Social acceptability, usability, privacy, repudiation and liability issues Economic aspects: TSD as tradable service Trust and privacy aspects: convey problems and solutions E.g. short term & longer term scenarios that could make a difference

WG2: Privacy and Trust in the Information Society Covering conceptual, implementation and tradeoffs Human/machine/device ID (+ multiple persona) management Data collection, data storage, data access and data protection rights for businesses and consumers Usage facets: authentication, privacy, confidentiality Personal privacy versus societal and national needs Standards and regulatory issues Covering non-technical needs and concerns, from social and economic viewpoints (costs vs. benefits quantification), from the human and personal to the organisational and legal/governmental Across varied application domains and enabling technologies Biometrics, Crypto, Data/Identity Rights Management, Trusted Computing and Communication... Deployment case studies

Mapping WG Coverage Areas* of F5 Security Network infrastructures Identity management, privacy, trust policies Dynamic reconfigurable service architectures Critical Infrastructure Protection Underpinning technologies for trustworthy infrastructures * from EC F5 presentation

Related Topics raised during EU-US Workshops early identification and protection mechanisms for emerging global risks as the digital systems evolve permanently survey and identify the new possible attacks, the potential vulnerabilities due to complexity or just-in time services. look for new emerging risks, while being conscious of the incompleteness and the limitations of all these analyses. aspects related to attack distribution: information concerning possible attacks, who or what is responsible for the attack, the extent of the attack [1], information gathering; tracking and tracing for forensics to enable prosecution of cyber criminals; balancing technological challenges with legal aspects and privacy of individuals. [1] Taken from Infosec Research Council Hard Problems List - see http://www.infosec-research.org/docs_public/irc-hpl-as-released- 990921.doc

The Timeline & Mechanics of Inco-Trust Phase 0: Pre-Project EU-International Summit Series Workshops 1 + 2 Phase 1: Understanding & connections of mutual beneficial interests Phase 2: Prioritization of mutual interests Platform for international collaboration & consensus building Input to the design of future research programs * Call Prioritizations * Intl. Project Formulations WS(EU 11 06) WS (US) 4 07 M9: (EU) M15: (US) M21: (JPN ) Final M27: (EU) 2006-2007 2008 2009 2010

Next Steps 04 11/06 04/07 I-T: 1/08 NOW Q4/08 4/09 I-T WG WS-2 WS-1 Start Forma tions WS+1 ICT- TSD WP Call Please visit www.inco-trust.eu jclarke@tssg.org, www.wit.ie, www.tssg.org suri@cs.tu-darmstadt.de, www.deeds.informatik.tu-darmstadt.de DEEDS Group

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information