Find the most recent information on EU Funding activities in the field of Information and Communication Technologies (ICT) by visiting our ICT in FP7 website, which covers ICT in the 7th Framework Programme (FP7) 2007 - 2013.
IST Activities on Security and Dependability
Excerpt from the IST Specific Programme
Trust & Confidence are described in the draft Specific Programme as follows:
The objective is to develop technologies for key security challenges posed by the "all-digital" world and by the need to secure the rights of individuals and communities.
Research will focus on basic security mechanisms and their interoperability, dynamic security processes, advanced cryptography, privacy enhancing technologies, technologies to handle digital assets and technologies for dependability to support business and organisational functions in dynamic and mobile systems.
Objectives
- The personal environment, as security concepts are becoming one of the first considerations in any new system design, rather than something to be added at a late stage in the design. Trust and confidence requires new secured applications, services, networks and devices (so that people trust the applications, services and underlying networks) and new policies for privacy (so that the data collected from sensors on the body and in the personal environment is not misused and trust in the system lost).
- The 'community' environment (B2E, B2B, B2C): technical network security is a must (including firewalls, access control, etc.) and developments are needed to make it as invisible as possible; collaborative forms to support personal and organisational trust need to be studied (team formation, methods for qualification and selection of partners, software and team-ware support for collaboration); systems for support of legal and business collaboration (identity management, confidentiality, IPR).
- The critical infrastructures, with main interests in holistic view of dependability in society, security of communications for critical infrastructure emergency, dependability technologies and products for CIP, information dependability, highly dependable embedded devices, micro and nanotechnologies for homeland security, interdependencies of control systems and energy grid.
Dynamics and challenges for FP6
Building and providing trust and confidence in Ambient Intelligence scenarios would imply addressing and meeting specific needs and requirements at all levels - content, network and device. This would mean to consistently express specific security policies (which describe the organisational and technical processes and mechanisms to manage security) at every level as well as to coherently enforce those policies which would normally appear to be distinguished and independent. Enforcing the different security policies would, therefore, need technical capability to (automatically) understand the global security context and to efficiently mediate between the various policies.
A given security policy can be implemented using various means, depending on the level and nature of trust and security it needs for its user communities. Those means need to offer a global service although built on a potentially broad and heterogeneous set of elements. This view is sketched in the figure below.
A different perspective from the system architectural one above is provided by taking the user community angle that would privilege the view of the value chain and all stakeholders involved. From a vertically integrated client server model we move towards a horizontal model where producer and consumer of content dialogue via connectivity services and intermediaries as indicated in the figure below. The main challenge is to build dynamically the chain of trust between all stakeholders involved at a certain point in time in the service composition in order to deliver and support multiparty end to end security. This may entail mediation between different security policies when crossing the various intermediary domains. This perspective would become of greater importance as the interest in new architectures (i.e. GRID, P2P etc.) and web service composition grows.
Delivering security solutions that are technically and economically feasible and that ensure a proper balance between civil liberties and law enforcement is the challenge of this area.
