Embed Size (px)
Citation preview
Experience/views from PRECIOSAAntonio Kung| Trialog. 25 Rue du Général Foy, 75008, Paris, France | 25.05.2012
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
Secure Com ITS Privacy In-VehicleSecurity
In-VehicleSecurity
Secure Autom.App. PlatformSecure Autom.App. Platform
Integration and Field Testing
DRIVE C2X, FOTsis, C2C-CC, ETSI, …
212.06.2012 Workshop: Personal data protection & ITS
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
A Typical ICT/ITS Ecosystem
3
Platformprovider
ApplicationDeveloper
ServiceProvider
Interface forApplication
Interoperability
CompetingPlatforms
Manyapplications
Many End-to-endsolutions
ITS offer
Consumer
Market
Platform Application-Services
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
SeVeCom
• 2006-2008• Focus: secure communication• Contribution:
– proof of concept technology brick• secure communication for car-to-car based on ECC
(software)• pseudonym change
– flexible structure to allow for easy integration inexisting implementations
12.06.2012 Workshop: Personal data protection & ITS 4
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
SeVeCom
Application
Platforms
SeVeComSecurity
CommunicationStack
ApplicationInteroperability
12.06.2012 Workshop: Personal data protection & ITS
TechnologyInteroperability
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
Barriers Identified in SeVeCom
• Technology level– Lack of support for security in communication
stack implementation• No security-by-design approach
– Fixed MAC address– Lack of flexibility in changes
• Application level– Agreement process on security policies
• Application interoperability issue
12.06.2012 Workshop: Personal data protection & ITS 6
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
PRECIOSA
• 2009-2010• Focus: data protection in ITS• Contribution:
– proof of concept enforcement technology brick• Data protection within a (distributed) perimeter
(query based access, policy access)– Understanding privacy-by-design pillars
• Minimisation• Enforcement• Transparency for trust
12.06.2012 Workshop: Personal data protection & ITS 7
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
PRECIOSA
Application
Platforms
Data protectionPerimeter
SecureCommunicationStack
ApplicationInteroperability
12.06.2012 Workshop: Personal data protection & ITS
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
Barriers Identified in PRECIOSA• Meaning of PbD (privacy-by-design)
– Minimization+Enforcement+Transparency• Impact of PETs (Privacy Enhancing Technology) on
architecture– Towards PEARS (Privacy Enhancing Architectures)
• Practicing PbD– minimization, enforcement and transparency measures?– Integration into design process– Impact of ecosystem (designing technology vs designing
application)– Curriculum
• Lack of flexibility of ICT (architecture is changing)
12.06.2012 Workshop: Personal data protection & ITS 9
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
RecommendationsProtectionViewpoint Barriers Recommendation to
policy makers Comments
CommunicationProtection
Technology support Mandate support andstandardisation Beyond ITS
Fixed MAC address Mandate fix ETSI ITS WG5Security policiesinteroperability
Creation and support of aconsensus process
Need politicalsupport
Lack of flexibility inchanges
Research roadmap forflexibility Beyond ITS
12.06.2012 Workshop: Personal data protection & ITS 10
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
RecommendationsProtectionViewpoint Barriers Recommendation to policy
makers Comments
DataProtection
Conflict of interest Creation and support of aconsensus process (e.g. BAT)
Need politicalsupport
Meaning of privacy-by-design
Creation of multidisciplinaryworking group Beyond ITS
Focus on PET(Privacy EnhancingTechnology)
Focus on PEARS (PrivacyEnhancing Architectures) Beyond ITS
Practicing PbD
Wealth of measuresIntegration into processTake into account Impact ofecosystemPbD in the curriculum
Beyond ITS
Lack of flexibility ofICT
Research roadmap forflexibility Beyond ITS
11
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
[email protected] | www.trialog.com
Click t
o buy NOW!
PDF-XChange
www.docu-track.com Clic
k to buy N
OW!PDF-XChange
www.docu-track.com
