Jacques Bus F I I R L Presentation J B

Future Internet ForumFuture Internet Forum3 Dec 2009, Dublin, IRL

Jacques Bus, Head of Unit Trust and SecurityDG Information Society and Media

European Commission

Content

� Ongoing research� Drivers for future research� Recommentation RISEPTIS

� International cooperation

� Security in Network Infrastructures– Resilience of and across heterogeneous networks – Data gathering & analysis for preventing cyber thre ats

� Security in service architectures– Assuring security level and regulatory compliance– Specification and validation of trust and security of SOAs

� User-centric identity and privacy management– In Future Networks and Services (Future Internet)– Trusted SOA enabling user-centric data management p olicies– Privacy-preserving network monitoring

� Critical Infrastructure protection– Interactions and complexity in ICT with other infra structures– Secure and resilient information and process contro l systems

� Enabling technologies– Crypto; Trusted Computing; Biometrics– Secure software and software assurance

Examples of FP7 Project Research

Priority areas for Trustworthy ICT in WP09-10 (Call closed Oct 09)

Trustworthy NetworkInfrastructures

Trustworthy ServiceInfrastructures

Networking, Coordination and Support

Technology and Tools for Trustworthy ICT

•Securing the FI•Monitoring and managing threats•Trustworthy infrastructures & virtual

entities•Experimentation – Socio-economics

• In the network (control, things, malware)• For services (ID and privacy mgt tools, risk mgt) • For data management (integrity, availability, long term storage,…)• Software assurance, secure software engineering• Enabling technologies (biometrics, crypto, …)

STREPs, min 24m€

•Privacy protecting interoperable services on the FI

•Interoperable frameworks for identity management for persons and objects (user-centricity, privacy).•Managing trustworthiness throughout

life-cycle of service infrastructures•Experimentation – Privacy, user-

centricity and socio-economics

IP, min 40m€

90 M€Call 5

CAs, NoEsmax 10m€

Threats and vulnerabilities, Security and resilience in software and services, Economics of security, Interoperable standards, certification, Legal and societal aspects of technology, International cooperation

Content

� Ongoing research

� Drivers for future research� Recommentation RISEPTIS


Digital Data ExplosionDigital Data Explosion

governments to service citizensand business (e-ID, e-government, e-education or e-health)

business, personalized applications and services. In clouds for SAAS, …

citizens, to communicate and interact, improve the quality of their life (Web 2.0)

Governments: provide public security(against crime or terrorism)

The Long Tail

Digital ShadowLinked Data

Trusted & Smart “everything”

EnergyNetworks

Game Machine

Telephone

PC

DVD

Audio

TVSTBDVC

DigitalLiving

Sm

art

Sp

ace

Future InternetFuture Internet

TransportNetworks

eHealth & Health

networks

The Future Internet: an opportunity for Europe

� Cooperate to exploit European strength (telecom, research, societal freedom, stability, multi-culturalism)

� Competitiveness for small business, through standard platforms

� Social acceptance and trustworthiness

But it requires:

� “Complexity management” and open innovation� Ecosystem of consumers and suppliers (up- and down-stream)

and technologists and law makers

� Reducing fragmentation of efforts;

� Bridging the gap between technology and applications

“Future Internet Assembly”A call for EU action

1. Greater coordination of on-going EU R&Dactivities� Look for higher impact and take-up of results

� Articulate cross-cutting activities with policy requirements

2. PPP complementing the FP7-ICT WPactivities� Bridge the gap between the technologies and key application sectors (energy, health, transport, etc)

� Address large scale demonstration settings

� Involve new actors and innovation opportunities

3. A Forum of Member States� Further develop a Europe wide strategy on Future Internet

� Share best practices and reduce fragmentation

Three strategy lines

Security, Privacy, Trust Security, Privacy, Trust

Interplay in the Information SocietyInterplay in the Information Society

Trustworthy Information

Society?

End-Users & the Society

Policy & Regulation

Technology & Innovation

• Global ICT Global ICT -- national national ““ frontiersfrontiers ””•• ““ Economics of securityEconomics of security ””•• Policies for privacyPolicies for privacy --respecting respecting Trust and Identity?Trust and Identity?

• Complexity, ease of use• Role of end-users• Society-protecting business models

•• Security, privacy, identitySecurity, privacy, identity•• Protection of human values Protection of human values •• Transparency, accountabilityTransparency, accountability•• Auditing and Law enforcementAuditing and Law enforcement

Content


� Drivers for future research� Recommentation RISEPTIS� International cooperation

RISEPTIS Advisory BoardRISEPTIS Advisory Board

Research and Innovation in SEcurity, Privacy and Trustworthiness in the Information Society

Objective: provide visionary guidance on policy and research challenges in the field of security and trust in the InformationSociety.

Chair : George Metakides (U Patras, CTI) Members : Dario Avallone(Engineering), Giovanni Barontini (F inmeccanica), Kim Cameron (Microsoft), William Dutton (Oxford Interne t Institute), Anja Feldmann(Deutsche Telekom), Laila Gide (Thales), Carlos Jime nez (Secuware), Willem Jonker(Philips), Mika Lauhde (Nokia), Sachar Paulus (U. Bran denburg, ISSECO), ReinhardPosch (CIO GOV. Austria, TU Graz, A-SIT), Bart Prene el (KU Leuven), Kai Rannenberg (U. Frankfurt, CEPIS), Jacques Seneca (Ge malto); Observer : Peter Hustinx (Observer)Support : Willie Donnelly (WIT), Keith Howker (WIT), Sathya R ao (Telscom), Michel Riguidel (ENST), Neeraj Suri (U. Darmstadt)Jacques Bus, Thomas Skordas, Dirk van Rooy (EC)

Priority Fields:

� Trustworthy network, service and computing environments (incl. FI)

� Trust, privacy and identity management frameworks

� Engineering principles and architectures for trustworthiness (metrics, crypto, secure SW, …)

� Data and policy governance, socio-economic aspects, liability, management

Stimulating Research and Technology DevelopmentStimulating Research and Technology Development

In view of economic, societal and legal viabilityIn view of economic, societal and legal viability

� Common EU framework foridentity and authenticationmanagement as an essentialbuilding block

� Other possibilities could be:– Next generation social networks

(privacy, interoperability)

– EU-wide legally accepted electronic documents on various media

– European trustworthy Cloud infrastructure

PublicPublic--Private large scale projects advancing a Private large scale projects advancing a

Trustworthy Information SocietyTrustworthy Information Society

� An ecosystem of technology and lawfor data protection, privacy, consumer protection and related policy and regulation, ensuring a smooth transposition of European values into digital life

� International cooperation to promote the development of standards, interoperability frameworks and procedures to control cyber crime and promote trust in the Information Society

Technology, Law and JurisdictionTechnology, Law and Jurisdiction

Content


� Drivers for future research� Recommentation RISEPTIS


EU - International Cooperation Actions

� International Cooperation in ICT Security & Trust(USA (NSF, DHS), Japan, Australia, Canada, S. Korea)

� Security, Privacy and Trust in Large-scale global Netwo rksWorkshop Madrid, 31/4-1/5 2009

� Next workshop: US April 2010

INCO-TRUST �� 30 months, 830 K€ EC funding

EU-US Seminars on Dependability and Security � 15-16 Nov 2006, Dublin, IRL � 26-27 April, Urbana, Champaign, Illinois, US

Ongoing seminars in broader context: � EU-Japan, 2008, 2009 � EU-South Korea, Brussels Nov 2008

Further extension being worked on:� Brazil – joint Call in 2010� South Africa – still to be discussed

International CooperationInstruments

� Joint Seminars, discussing priorities and joint research agenda

� Cooperation between ongoing FP7 ICT projects and 'partner-projects' funded in other industrialised countries

� Joint or coordinated calls