1. Security and dependability in FP6 Andrea SERVIDA Head of Sector European Commission DG Information Society - Unit D/4 Trust and Security andrea.servida@cec.eu.int

2. 2 Changing the paradigm for security

3. 3 Security and dependability in FP6 Security and dependability are key requirements for AmI - they embrace all the attributes and properties of critical systems There is a growing policy interest on security and dependability of information infrastructures and related interdependencies (economic security, protection of assets and IT investments, etc.) The IST Advisory Group has identified dependability as an important topic for AmI - further reinforced after 9/11 Focussing on dependability implies stimulating an holistic reflection on our dependency on technology On-line privacy is a key requirement for mobile Information Society There is a growing policy interest on technical developments on virtual identity, virtual persona, anonymity, etc. with related tensions and open questions in IS the personal sphere of individuals would be more and more a technically open environment (AmI, instant networking, smart dust, etc.) Privacy is a human right that we need to preserve and technology should work to avoid a privacy crisis

4. 4 The need for a more integrated approached in IST The ISTAG report on Trust and security –To promote/support the migration to the AmI Space paradigm through ensuring rapid and effective communication within the Security community of latest understanding of requirements and options. High-level advisory group shaping the relevant programme and its content being an enabler for the development of new markets synergy from communication and cross-fertilisation among researchers ERA dimension + international co-operation dimension

5. 5 Why an integrated approach to security in Information Society ICT and applications are more and more pervasive to Society, leading to new types of and larger scale vulnerabilities Economic and Societal interests go beyond technical security, as they relate to –business opportunities and growth: new business models, virtual enterprising, delocalised workforces, tailored services, digital asset management, economic value of knowledge, etc. –individual: privacy, confidentiality, intimacy, cyber-crime, protection of minors, ethics, etc. –society: new dependencies on volatile technologies, long lasting preservation of knowledge and culture, digital divide, etc. –governments recognition and power: interdependencies, critical infrastructures, national defence, social order, international governance, etc.

6. 6 Why an integrated approach to security in Information Society (2) More and more intelligence and autonomy go in components/systems at lower and lower scale –large scale systems of casually networked and evolving embedded devices, –mobile codes in heterogeneous and mobile environments, –volatility of networks and service infrastructures Security issues in the digital environment are global –geographical and jurisdictional boundaries disappeared –the ultimate basis for trust and the recognition of powers in the digital environments are changing - recognition of states is blurring, new and local trusted third parties emerge, etc. –easy, uncontrolled and unlimited access to potentially harmful technologies. –the scale of potential disruptions is global

7. 7 Example of potential co-ordinated actions in security Privacy Basic technologies e.g. crypto, biometrics,... Dependable infra- structures Securing Content NoEs to generate knowledge and technologies IPs to generate breakthroughs National programmes & industrial investments Specific targeted research projects Securing mobile services Personal trusted devices

8. 8 Building on Call 1 - S.O. 2.3.1.5 89 proposals - 21 IP, 9 NoE, 51 STREP, 8 Other. Provisional results –7 IPs on secure IPv6, secure personal devices, identity management, quantum crypto, biometrics, secure justice and secure travel documents; –2 NoEs on advanced crypto and identity management; –7 STREPs on secure justice, policy-based network protections, digital passport, smart cards, trust relations, biometrics and CIP. Overall budget of ~76M

9. 9 Building on the Roadmap Projects DDSI AMSD : Overall Dependability e-businessembeddedCIPprivacy PAMPAS mobile privacy & security AMSD dependable embedded systems ACIP critical infrastruct. protection RAPID Privacy / Identity Mgmt BVN Biometrics RESET Smart Cards STORK Crypto Dependability policy support Building Constituency Derive Research Roadmaps WG-ALPINE Active Loss Prevention

10. 10 WEB sites IST helpdesk IST helpdesk Fax : +32 2 296 83 88 E-Mail : ist@cec.eu.int www.cordis.lu www.cordis.lu/ist www.cordis.lu/rtd2002 Instruments: http://www.cordis.lu/rtd2002/fp-activities/instruments.htm EoI:http://www.cordis.lu/fp6/eoi-instruments/ IRG Workshopon T&S http://www.cordis.lu/ist/events/workshops.htm ISTAG papers:ftp://ftp.cordis.lu/pub/ist/docs/istag_kk4402464encfull.pdf Roadmap projects: http://www.cordis.lu/ist/ka2/rmapsecurity.html T&S Workshops: http://www.cordis.lu/ist/ka2/rptspolicyconf.htm