smau - convegno “ict security: panorama internazionale” milano, 28 ottobre 2002 costruire una...
Post on 02-Apr-2015
214 Views
Preview:
TRANSCRIPT
SMAU - Convegno “ICT Security: panorama internazionale”
Milano, 28 Ottobre 2002
Costruire una Società della Informazione sicura: la prospettiva
Europea
Andrea Servida, Head of SectorDG Information Society - C4
European Commission, Brussels
Lisbon Strategy
“EU: Largestknowledge-basedeconomy by 2010”
The policy context
EnlargementEnlargement
The then candidate
countries are full partners in FP5.
ERA: EuropeanResearch Area
ERA: EuropeanResearch Area
FP6, Eureka, COST, National RTD Programmes… towards a
Single Market for Research
Broadband access, e-business, e-government,
security, skills, e-health, ...
Other policiesOther policies
Single Market, Single Currency, Security of
Europeans, Sustainable Development, ...
Overview of EU Activitiesin Information Security
Regulatory Framework
Regulatory Framework
PolicyPolicy
• eEurope 2005•Cybersecurity Task Force•‘Culture of security’
• JAI initiative on secure VISA•use of biometrics•smart travel documents
• International Fora•OECD•GBDe,•CoE, •G8•...
R&DActivities
R&DActivities
• Trust & Security:75 R&D projects(~80 M€)
• Dependability:•16 R&D projects(~28 M€)•Joint EU-US task force onR&D for CIP
• R&D in information security key in FP6
• Electronic Signature Directive
• Data protection in electronic communications
• Council Resolution on Information & network security
• coordination CERTs• CSTF• Int. Co-operation on
dependency on electronic networks
• Framework Decision on attacks against information systems
• Framework Decision on combating terrorism
NETWORK &INFO SECURITY
CYBERCRIME &TERRORISM
PRIVACY ANDDATA PROTECTION
Intrusion Data retention
Hacking
ID theft
Three angles for actions on security Policy
NETWORK &INFO SECURITY
PREVENT PROSECUTE
PROTECT
eEurope 2005
• Policy initiative for Information Society for All
• Builds on the progress made in eEurope 2002• Internet penetration in houses doubled; legal framework for
eCommerce; Telecom framework in place; fastest research backbone network; etc.
• Sets ambitious targets• modern online public services (eGovernment, eHealth, eLearning
• a dynamic business environment
enabled by
• widespread availability of broadband at competitive prices
• a secure information infrastructure
eEurope 2005: Secure Information Infrastructure
Proposed Actions
• Establish a Cyber Security Task Force (CSTF) - by mid 2003 • supported by Member States and Industry
• centre of competence on security issues
• Develop a ‘culture of security’ - end of 2005• develop best practice and standards
• report on progress issued end 2003
• Secure communication between public servers
the “INDIVIDUAL”
the “Communities” (B2E, B2B, B2C) but also agents, devices, etc.
the “Critical
Infrastructures”
privacy
Identity mangtConfidentialityIPR
Dependabilityinterdependencies
IST Research on Trust & Security
The European Commission’s R&D Programme IST
• 75 projects on Information Security (funding: ~80 M€)
• biometrics, advanced cryptographic primitives, protocols, privacy enhancing technologies, tamper proof devices, authentication technologies, access control, smart cards, etc.
• 16 projects on Dependability (funding: 28.4 M€)• attack tolerance for largely distributed systems• interdependencies between electric and telecom grids• stability of cellular networks• intelligent agents to enhance survivability of large critical
infrastructures
• EU-USA Joint Task Force on R&D for CIP (since 1998)
• a number of workshops involving OSTP, DARPA, NSF, DoE, DoC etc.
Transport
Industry
TelecommunicationsMilitary
C4IPower grid
Civil Defense
FinanceInformation
Infrastructures
Vital humanservices
HackersCyber terrorists Foreign IW agents
Mass Media
Water pumps& sewage
This is a global economic and societal challenge
Critical infrastructure dependability -What’s at stake
The way forward: moving towards FP6
• Security policy interests should not put at risk personal and social rights to privacy, intimacy and confidentiality
• In absence of geographic and jurisdictional boundaries over the network, securing ourselves would mean securing our Economy and Society
• In a global and seamless world, a balanced regulatory approach should be developed leveraging co-operation and social and economic responsibility
• More knowledge and technical capability should be gained on systemic issues pertaining dependability of critical infrastructures …
more research is needed ---> FP6
Road mapping on security and dependability
DDSI
AMSD : Overall Dependabilitye-business
embedded
CIP privacy
PAMPAS
mobile privacy & security
AMSDdependa
ble embedd
ed systems
ACIPcritical
infrastruct.
protection
RAPID
Privacy /
Identity
Mgmt
BVNBiometr
ics
RESET
Smart Cards
STORKCrypto
Dependability policy support
Building
Constituency
Derive
Research
Roadmaps
1 Jan. 2003
Identify stakeholders & derive Research Roadmap
OPEN discussion
1 June 2002
Dissemination
April 2002Closure
Call 1-FP6
WG-ALPINEActive LossPrevention
• IST PROGRAMME• http://www.cordis.lu/ist/
• DEPPY Forum• http://deppy.jrc.it
• EWIS Forum• http://ewis.jrc.it
• eEUROPE• http://europa.eu.int/comm/information_society/
eeurope/news/index_en.htm
• IST PROGRAMME• http://www.cordis.lu/ist/
• DEPPY Forum• http://deppy.jrc.it
• EWIS Forum• http://ewis.jrc.it
• eEUROPE• http://europa.eu.int/comm/information_society/
eeurope/news/index_en.htm
For More Information
andrea.servida@cec.eu.int
top related