Presentation is loading. Please wait.

Presentation is loading. Please wait.

Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012.

Published byDebra Franklin Modified over 8 years ago

Similar presentations

Presentation on theme: "Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012."— Presentation transcript:

1 Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012

2 Part I: Security & Privacy Challenges Part II: Requirements for Protecting Identity, Privacy & Security

3 ICT Trends & Challenges Open Communication Infrastructures (e.g., VoIP) Outsourcing, Cloud Computing Web 2.0, ”free” services Smart Devices Ambient Intelligence …

4 Open Communication Infrastructure Threats: Example: PSTN vs. VoIP PSTN: Public switched telephone network Circuit switching: Bandwidth reserved Fixed route VoIP: Voice over IP Packet Switching: Dynamic bandwidth Unfixed route

5 Pros and Cons of VoIP + Low cost Software based equipment Reused infrastructure Services integration More features: video, data, presence, game… - Quality Latency Dynamic bandwidth Packets order Security Open environment Shared infrastructures Emergence calls Not bound with physical location, no guarantee

6 VoIP: Security Vulnerabilities and Threats Availability threats: Denial of Service Confidentiality threats: Eavesdropping Timing attacks Integrity threats: Signaling messages modification Media injection Replay attacks Privacy threats: Call Spam (SPITs) Traffic Analysis

7 Cloud Computing – Security Challenges Security risks: Malicious insiders, data loss / leackages, shared technology vulnerabilities, downtime,… Cloud service users lack Understanding of risks Control over what happens with data Means for redress

8 Web 2.0 http://www.ethannonsequitur.com/ User Profiling ”Face rape” Lifelong privacy issues ….

9 Part I: Security & Privacy Challenges Part II: Requirements for Protecting Identity, Privacy & Security

10 Newly proposed EU Data Protection Rules (Data Protection Regulation proposed 25 January 2012) ”Right to be forgotten” Explicitly given consent, more transparency of data handling, easy-to- understand policies Easier exercising of data subject rights (electronically, in relation to all recipients) Increased accountability, privacy breach notification, higher penalites Privacy by Design (PbD), Privacy by Default

11 Privacy-enhancing Identity Management User control - Audience segegration Data minimisation Pseudonymity, Unlinkability ID theft protection, reliability Clauss/Köhntopp 2001

12 Enabler PETs: Anonymous Credentials (PrimeLife, ABC4Trust) www.abc4trust.eu

13 Transparency & Accountability Tools: Regulators, auditors, business governance service Cloud service supply chain/network Trusted services supporting accountability Chain of Accountability Cloud service users Cloud service Corrective Detective Preventiv e Cloud service users: control and transparency over how their data is used, and support in obtaining redress Service providers: techniques to make services more trustworthy, satisfy business policies and allow differentiation Regulators/auditors: assurance about compliance with policies and regulations

14 Questions ? http://www.cs.kau.se/~simone/

Download ppt "Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012."

Similar presentations

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI 2010. All rights reserved.

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved.
Jacques Bus, Head of Unit DG Information Society and Media EU-US Cooperation in Network and Information Security 17 Mar, 2008 – Yale, US.

Jacques Bus, Head of Unit DG Information Society and Media EU-US Cooperation in Network and Information Security 17 Mar, 2008 – Yale, US.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.

1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.
Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®

Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.
A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.

A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.

1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
A Study on Quality of Service Issues in Internet Telephony  IP Telephony – Applications and Services  Advantages and benefits of Voice over IP  Technical.

A Study on Quality of Service Issues in Internet Telephony  IP Telephony – Applications and Services  Advantages and benefits of Voice over IP  Technical.
Rajeev Bevara CS-555 Security Threats in VoIP. What is VoIP ? ➔ VOIP - Voice Over Internet Protocol. ➔ Delivery of voice communications and multimedia.

Rajeev Bevara CS-555 Security Threats in VoIP. What is VoIP ? ➔ VOIP - Voice Over Internet Protocol. ➔ Delivery of voice communications and multimedia.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

Similar presentations

Ads by Google