Aljosa Pasic Atos Origin Trust Security and Dependability
Aljosa Pasic Atos Origin Trust, Security and Dependability in ICT – FP 7 WISTP workshop
Challenge 1: The Objectives Infrastructures and Engineering 1. 3 ICT in support of the networked enterprise 1. 4 Secure, Dependable and Trusted Infrastructures 1. 5 Networked Media 1. 6 New Paradigms and Experimental Facilities 1. 7 Critical Infrastructure Protection n Joint initiative with the Security-FP 7 Theme WISTP - 1 Call 1 1. 2 Service and Software Architectures, May 8 th 2007 1. 1 The Network of the Future
European Technology Platforms www. nessiinitiative. org www. emobility. eu. org Large Scale EU Partnerships joining the future www. artemis-office. org www. nem-initiative. org www. isiinitiative. eu. org/ § What are ETPs: Industry-led public-private partnerships that bring together industry, academia and public authorities in areas of strategic economic importance for Europe § 5 ETPs related to ICT security, dependability & trust: – NESSI (www. nessi-europe. com) software and trusted services – e. Mobility (www. emobility. eu. org) terrestrial mobile & wireless communications – ARTEMIS (www. artemis-office. org) embedded systems – NEM (www. nem-initiative. org) networked and electronic media – ISI (www. isi-initiative. eu. org) satellite communications WISTP - 2
NESSI & ESFORS European Security Forum for Web Services, ESFORS European Technology Platform: Networked European Software & service Initiative , NESSI SC ESFORS SB NWG TSD WISTP - 3
Motivation § Demand for Secure software is much higher than available security expertise § New complex scenarios introduce security issues not addressed by conventional processes § Security properties difficult to measure and it is also difficult to evaluate their “compositional effects” § Security segmentation and market definitions are blurring WISTP - 4
TSD topics in NESSI WG and SRA 1. Security mechanisms for services 2. Trust and dependability 1. 2. Trust analysis, management and monitoring Dependability assessment and monitoring 3. Security and Dependability engineering 4. Identity considerations 5. Multidisciplinary and integrated approach to TSD 6. Security of the human-computer interface 7. Privacy considerations 8. Dependable Architectures 9. Certification, auditing and assurance 10. Openness as a foundation for systems security WISTP - 5
Topics for the call 2 1. Integration of physical and logical security 2. Real Time Risk Management WISTP - 6
Topics for the call 2 Integration of physical and logical security - Multiple sensors deliver too much info over SOA - Autoconfiguration, clustering, filtering. . . - Complex event processing - Correlation over distributed databases - etc WISTP - 7
Topics for the call 2 Real Time Risk Management - Extraction of context - Predictive security - Trust Inclinations and Behavioral analysis - RA/RM interoperability - Metrics and measurments - etc WISTP - 8
Next steps § Workshop in Maribor (Slovenia), July 10 -11 th § Input for NESSI SRA & ICT workprogramme 2009 -2010 § Involvement of other ETP (NEM, e. Mobility, ISI, Artemis): common and complementary security issues § Closer cooperation with national platforms & ENISA WISTP - 9
Contact Aljosa Pasic aljosa. pasic@atosorigin. com Trust, Dependability and Security cannot be “bolted on”, it should be “woven in”. WISTP - 10
- Slides: 11