Presentation on theme: "SMAU - Convegno “ICT Security: panorama internazionale” Milano, 28 Ottobre 2002 Costruire una Società della Informazione sicura: la prospettiva Europea."— Presentation transcript:
SMAU - Convegno “ICT Security: panorama internazionale” Milano, 28 Ottobre 2002 Costruire una Società della Informazione sicura: la prospettiva Europea Andrea Servida, Head of Sector DG Information Society - C4 European Commission, Brussels
Lisbon Strategy “EU: Largest knowledge-based economy by 2010” The policy context Enlargement The then candidate countries are full partners in FP5. ERA: European Research Area FP6, Eureka, COST, National RTD Programmes … towards a Single Market for Research Broadband access, e-business, e-government, security, skills, e-health,... Other policies Single Market, Single Currency, Security of Europeans, Sustainable Development,...
Overview of EU Activities in Information Security Regulatory Framework Regulatory Framework Policy eEurope 2005 Cybersecurity Task Force ‘Culture of security’ JAI initiative on secure VISA use of biometrics smart travel documents International Fora OECD GBDe, CoE, G8... R&D Activities Trust & Security: 75 R&D projects (~80 M€) Dependability: 16 R&D projects (~28 M€) Joint EU-US task force on R&D for CIP R&D in information security key in FP6 Electronic Signature Directive Data protection in electronic communications Council Resolution on Information & network security coordination CERTs CSTF Int. Co-operation on dependency on electronic networks Framework Decision on attacks against information systems Framework Decision on combating terrorism
NETWORK & INFO SECURITY CYBERCRIME & TERRORISM PRIVACY AND DATA PROTECTION Intrusion Data retention Hacking ID theft Three angles for actions on security Policy NETWORK & INFO SECURITY PREVENT PROSECUTE PROTECT
eEurope 2005 Policy initiative for Information Society for All Builds on the progress made in eEurope 2002 Internet penetration in houses doubled; legal framework for eCommerce; Telecom framework in place; fastest research backbone network; etc. Sets ambitious targets modern online public services (eGovernment, eHealth, eLearning a dynamic business environment enabled by widespread availability of broadband at competitive prices a secure information infrastructure
eEurope 2005: Secure Information Infrastructure Proposed Actions Establish a Cyber Security Task Force (CSTF) - by mid 2003 supported by Member States and Industry centre of competence on security issues Develop a ‘culture of security’ - end of 2005 develop best practice and standards report on progress issued end 2003 Secure communication between public servers
the “INDIVIDUAL” the “Communities” (B2E, B2B, B2C) but also agents, devices, etc. the “Critical Infrastructures ” privacy Identity mangt Confidentiality IPR Dependability interdependencies IST Research on Trust & Security
The European Commission’s R&D Programme IST 75 projects on Information Security (funding: ~80 M€) biometrics, advanced cryptographic primitives, protocols, privacy enhancing technologies, tamper proof devices, authentication technologies, access control, smart cards, etc. 16 projects on Dependability (funding: 28.4 M€) attack tolerance for largely distributed systems interdependencies between electric and telecom grids stability of cellular networks intelligent agents to enhance survivability of large critical infrastructures EU-USA Joint Task Force on R&D for CIP (since 1998) a number of workshops involving OSTP, DARPA, NSF, DoE, DoC etc.
Transport Industry Telecommunications Military C4I Power grid Civil Defense Finance Information Infrastructures Vital human services Hackers Cyber terrorists Foreign IW agents Mass Media Water pumps & sewage This is a global economic and societal challenge Critical infrastructure dependability - What’s at stake
The way forward: moving towards FP6 Security policy interests should not put at risk personal and social rights to privacy, intimacy and confidentiality In absence of geographic and jurisdictional boundaries over the network, securing ourselves would mean securing our Economy and Society In a global and seamless world, a balanced regulatory approach should be developed leveraging co-operation and social and economic responsibility More knowledge and technical capability should be gained on systemic issues pertaining dependability of critical infrastructures … more research is needed ---> FP6
Road mapping on security and dependability DDSI AMSD : Overall Dependability e-businessembeddedCIPprivacy PAMPAS mobile privacy & security AMSD dependable embedded systems ACIP critical infrastruct. protection RAPID Privacy / Identity Mgmt BVN Biometrics RESET Smart Cards STORK Crypto Dependability policy support Building Constituency Derive Research Roadmaps 1 Jan Identify stakeholders & derive Research Roadmap OPEN discussion 1 June 2002 Dissemination April 2002 Closure Call 1-FP6 WG-ALPINE Active Loss Prevention
IST PROGRAMME DEPPY Forum EWIS Forum eEUROPE e/news/index_en.htm IST PROGRAMME DEPPY Forum EWIS Forum eEUROPE e/news/index_en.htm For More Information