Transcript Security, Privacy, Dependability and Trust in the Future

Security, Dependability and Trust
in the Future Internet
[email protected]
[email protected]
Jeju, South Korea, August 27, 2008
Think-Trust (FP7-216890) is a Coordination Action funded by the European Commission’s 7 th Framework Information Society Technologies (IST) Programme,
within the Unit D4 ICT for Trust and Security.
Digital world roadmap:
at a crossroads of intangible & invisible entities
Further
Expansive Attitude
Science convergence
Nano-Bio-Info-Cogno-Socio-Quantum
2020-2025
Effervescence, chaotic
period
Future Internet
and Future Web
Polymorphic, pervasive
I
Reclusive
Attitude
2015-2020
Digital Convergence
Architectures, protocols, formats
2008-2010
intangible
Cyber-systems
August 28, 2008
traceable
Physical & Digital
reconciliation
AsiaFI meeting, Jeju, South Korea
Invisible
Ecosystems
2
Digital hybrid urbanization :
holistic future Internet
No more monochromic, mono-technology security
Current Internet
WDM-IPv4-IPv6-MPLS
Post-Beyond 3-4G
Services
Hooked to several
infrastructures
Internet of Things
Galileo-GPS-…
Clock and Position
Quantum
Infrastructures
Distribution of secrets
August 28, 2008
AsiaFI meeting, Jeju, South Korea
3
“Future Internet” :
Polymorphic & Poly-Infrastructures
• Security of the digital convergence
– Digital governance : PC, TV, Phone, location infrastructures
– Instilling trust : Quantum Secret Keys distribution through Quantum
Infrastructures
• Pollination of services : threats & opportunities for security
– Composition of services
• Federation and orchestration of security functions
• Cross fertilization of secure services through several infrastructures
– With the new Future Internet , we can reinvest the real world
• Trusted clock and trusted location : Trusted infrastructures (Galileo, GPS2,
Russia, China)
– To avoid replay attacks
– To improve comfortable authentication (with time and location)
– To route data
August 28, 2008
AsiaFI meeting, Jeju, South Korea
4
(*) David D. Clark, “The Internet is broken,” Technology Review,
December 2005/January 2006, MIT Press.
Internet is broken : (*)
how to heal the future fragile communications ?
Privacy
Security
Mobility
Trust
Efficiency
IDS
Honey-pots
PKI
SSL
Firewall
IPv4
Digital signature
IPv6
TCP
IETF
3GPP
virus
IPSec
spam
Packet
Web
August 28, 2008
DNS
Anti-virus
Patches
XML
AsiaFI meeting, Jeju, South Korea
MPLS
URL
Router
5
The changing landscape in security
New standard bodies
Trans-continent
Domino effects
Quantum Crypto for
Virtual Organizations
distribution of secrets
Illicit computations
Spontaneous
massive attacks
Zetta bytes of data
identification
Physical attacks
IP addresses
on individuals
ONS
Overlay, P2P, Grids
Multimedia
content, XML,
Message,
document
DDoS
Intrusion, Malware
Asymmetric cryptography
Illicit content
Computer virus
August 28, 2008
AsiaFI meeting, Jeju, South Korea
6
New Threats
• New Usages => New threats
– New landscape
• Massive multi-parties applications programs (Alice & Bob relationship is over …)
• 500 Mega-machines, 3 Giga-people, 1 tera-objects (Security is not scalable …)
• Huge flows of multimedia content and virtual distributed services (traceability will be difficult,
indeed impossible)
• Interconnection with the physical world : sensors and actuators (end of an intangible world)
– Digital world : a vast ecosystem of critical infrastructures (how to control and master ?)
• Mobility of devices, persons, groups, swarms of things
• Privacy issues : European Identity cards, Anonymization, fragmented identity
• Addiction of users, Inescapable Infrastructures (individual, enterprise, society)
• Major threats => illicit computer programs
– Emergence of combined opportunities for attackers : coïncidence of
• Massive Power for everyone : an end-user will have at his disposal Billions of Mips over the
networks (new equilibrium of computing power)
• Pervasive connections to physical reality : possibility to join and disturb the distributed
physical world (physical presence will be too dangerous for terrorists, because of CCTV
networks of surveillance)
– New generation of attackers, failures
• Organized cybercrime: criminal organization, but also untrusted service operators (telecom,
network service, security brokers…)
August 28, 2008
AsiaFI meeting, Jeju, South Korea
7
New vulnerabilities
• New Architectures => new vulnerabilities
– 3 global virtual ubiquities : communication, computation, storage
• identity of persons and objects becomes a major issue
– Externalization of resources
• Mobility and disappearance of intangible entities: difficult to trace
• More complexity, more abstractions => more fragile
– Mobile and dynamic computing resources : flexible services & plastic
architectures
• Core network: high data rate cryptography
– How to encrypt at 100Gbits/s data rate
• Access network: illicit & malicious programs
• Wireless multi-technologies, multi-policies
• Peripheral networks : identity thefts
August 28, 2008
AsiaFI meeting, Jeju, South Korea
8
Future Internet Attacks
•
Attacks through user cooperation
–
–
•
Attacks through travels from Virtual to Real, back and forth
–
•
Remark: already implicitly possible today through connected object tracking
In future through direct object control and disruptive actions on objects resulting in “incidents”
Cyberterrorism
–
•
Secret and special services disrupting the IT infrastructures of enemy states
State sovereignty: massive disinformation and opinion manipulation, influence on elections in third states
Internet assassinations
–
–
•
Today mostly copyrighted material
Tomorrow: massive distribution of classified and illegal material through steganography and P2P networks
Cyberwars
–
–
•
Focus botnet power on targets, today mostly click fraud and DDoS
In future massive computations & data mining: inference, predictions
Illicit content distribution attacks
–
–
•
Attacks through dependencies: attack infrastructure A to provoke failures in infrastructure B
Botnet attacks
–
–
•
Users are increasingly lost in the dynamic, recursively overlaid structures and distributed applications
Attract, threaten, fool users to cooperation
disrupt services, provoke accidents in certain regions, kill certain citizens, disinformation, propaganda
Personal attacks leading to virtual solitude and depression
–
–
Identity theft, identity usurpation, targeted ads, illicit banking operations
Killing digital reputation, provoking digital isolation
August 28, 2008
AsiaFI meeting, Jeju, South Korea
9
Incremental or Disruptive Approach ?
Upgrade Internet++, B3G++
=> Patch & Go
Clean slate
=> rethink & radically design
Hostile context
RFC 934 576.2b
SSL++
Tranquil context
IPSecV9
Next Generation IDS
Antivirus-spam
& botnet
August 28, 2008
proprietary
PKI
For security : radical redesign
Authentication with trusted clocks and position
Distribution of secrets using Quantum Crypto
AsiaFI meeting, Jeju, South Korea
10
Trust instrumentation (at the design level)
Systems : S original & S operational
Ambient System S
Human values
Digital
System S
technology
We must secure the whole relationship
August 28, 2008
AsiaFI meeting, Jeju, South Korea
11
Research at the international level
• Research, based on progress & human
values
– Awareness of
• what is achievable (technical)
• what is acceptable (civilized ethics,
democratic values)
– Countries: bearers of a variously facetted
humanism
Technology
• to be instantiated in the communications or
protection tools
Usage
• Knowledge, partitioned for choice
Societal
factors
– Users’ awareness to grasp the security &
intimacy stakes
• The choices: multiple, ephemeral &
adaptable
• Defining the demarcation line: movable
Economy
Legislation
– Users’ behavior to be taken into account
• imagining and anticipating the effects on the
behavior of both individuals and groups
August 28, 2008
AsiaFI meeting, Jeju, South Korea
12
Intercontinental Thought : new models
beyond an idyllic, pre-scripted vision of future networks
• Neither unique nor providential solution
– Model, counter-model, alter-model
– Arrival of China and India on the IT scene
• change in concerns (demographic, development)
• change in power
– Alter-models
• the pseudo-libertarians (“Naives of the Internet”)
• Repression-pure players (some governments).
• Cyberspace & Cyber-governance (Kuber : rudder)
– Technology-free reign?
• descriptive of order
• no control and regulation: becomes self-reflexive
• normative of order
• governing is defining order
– In technologies, we talk about
• often: what is
• not often: what ought to be or what could be
August 28, 2008
AsiaFI meeting, Jeju, South Korea
13
3 Ubiquities : Storage - Communication - Computation
security at simple
for small, indeed invisible
Components
complex security at large
for networks and systems
Intelligence & Cognition
security at giant,
indeed inextricable
Meta-Systems
Availability
Accountability
Identity
Traceability
Integrity
Authentication
Access Control
August 28, 2008
AsiaFI meeting, Jeju, South Korea
14
Expand the field of security & Push back the Frontiers
Within space
→ ubiquity and mobility of computation, communication & storage
–
–
–
Securing Communication & Information Infrastructures & MetaSystems
• global ubiquitous computing, ambient intelligence, digital Living, digital urbanization
• globalization of services, Skype-, Google-like innovative services
Protecting huge amount of artifacts (hardware, software, data) for citizens, organizations,
governments
• waste, archive, backup, permanent, persistent, volatile, just-in-time dematerialized information
• noise, fungible, public, proprietary (IPR, DRM), critical, sensitive, classified
Treating scarce resources & information in all respects
• Infrastructures of Rfids, nanoHardware, tiny OSs, fleets of “smart dust”, massive short
messages
Within time (> 20 years)
→ transcend “ephemeral” & incremental technologies
–
–
Protection duration of digital data > Life duration of Security technologies (hash or encryption
algorithms)
Secure archives & signatures must be foolproof
In a complexity
→ from the simple, via the complex, to the inextricable
• a Divergence & richness of services, usages
• Spontaneous virtual mobile architectures
• Virtual Hybrid Ontologies
– the physical/logical features + brand image, identity, ownership…
• Massive Hardware, Software, Data
• Dynamic Virtual Entities, fleets of structures, dynamic services
• Adaptive security policies
August 28, 2008
AsiaFI meeting, Jeju, South Korea
15
Regular: artifacts for individuals & enterprises
Traditional security to be improved and
revisited (architecture & protocols):
Classical Cryptography
August 28, 2008 Security
AsiaFI meeting, Jeju, South Korea
Engineering
16
Dwarf : tiny program, simple artifact, scarce resource
The digital world is
neither fractal
nor scalable …
For tiny objects,
Emergence of
self-* models
at the collection level
Stochastic Security
Strong security at the collection level (architecture)
Cheap weak security at the individual level
August 28,
(massive
& 2008
simple algorithms) AsiaFI meeting, Jeju, South Korea
17
Huge, Giant : Complex systems, inextricable problems
Semantic security for
Complexity & human values
August 28, 2008
AsiaFI meeting, Jeju, South Korea
Trust
18
Virtualization – Incarnation dialectic
• Virtualization of properties
– Heterogeneous
infrastructures
– Mobility, security …
• Network concepts
incarnation
– Situated services, context
– Neighbors, Topology
Resilience of the Ambient Intelligence : ecology of virtual
ontologies (V2V)
Management of global security, Transparency
A virtual community
Resilience of non functional properties : architecture, mobility, configurability, QoS, …
Logical entities
Resilience of functional objects : centralized trusted infrastructures (PKI, DNS, …)
Responsibility, Accountability
Physical entities
August 28, 2008
AsiaFI meeting, Jeju, South Korea
19
2 orthogonal dashes in the paradigms evolution
• the virtualization paradigm
– to juggle with entities of a
different nature to mask
exotic forms and reduce
complexity
•
•
•
•
•
• the incarnation / embodiment
paradigm
memory, storage
hw (virtual machine)
sw (OS)
architecture (overlay)
protocols (circuit/package) …
– Ephemeral instantiation and
dynamic configuration of
systems’ properties
Network of Artifacts societies
– Thinking requests a knowledge
posture (it is not only computation)
– intelligence requires a body (*)
– Instantiation for networks
• Old vision: signaling protocols,
control plane
• Distributed instrument (usually
software) to grasp the context and
the situation
• Today vision: overlay structures
• Tomorrow vision : overlay and
incarnation over network-computer,
hw/sw, content-services
Adaptation
(*) “How the Body Shapes the Way We Think: A New View of Intelligence” by Rolf Pfeifer and Josh C. Bongard, MIT Press, 2006
August 28, 2008
AsiaFI meeting, Jeju, South Korea
20
Computational Cryptography
Traditional hierarchical ladder of the
current internet
Governmental organizations
Re-equilibrium of forces within the
future internet (attacks, cryptanalysis)
Massive externalized
furtive computer power
running within the
anonymous networks
confidential illicit computations
Standalone end-user
amateur Hacker
August 28, 2008
New Crypto with computation, history and geography ?
Alice and Bob are no more alone in this world:
They have witnesses, alibis, trajectories
AsiaFI meeting, Jeju, South Korea
21
They leave traces …
Cryptography in the Future Internet
• Classical cryptography
– Core network : Crypto at 100 Gbits/s up to 1 Tbits/s :
authentication protocols
– Edge: Crypto for the Internet of things - integrity of tags
– Multiparty, massive Games
• Alice and Bob are dead …
• … or they are lost within the crowd
• Quantum cryptography
– Distribution of secrets
• October 2008 : demonstration in Vienna (Secoqc IP FP6 Project)
August 28, 2008
AsiaFI meeting, Jeju, South Korea
22
Exchanges crossing boundaries :
virtual, massive, private
country A
Multi-parties : Web2 (Second Life, multi-players games)
Massive numbers of participants
Multiservices : Skype, P2P …
Technology 1
Technology 2
country B
Technology 3
August 28, 2008
AsiaFI meeting, Jeju, South Korea
23
A science of the Web : technical challenges
• Old Web : importance of the underlying protocols
• computers connected (Web pages, Web sites)
– 1986 : ancient Web : (Wide Electronic Board)
– 1991 : Web (Berners-Lee)
• Web with text
• 1995 : first success (Java encapsulated)
•
•
Bandwidth issue (wait-wait-wait)
2000 : high data rate
• Web with Multimedia
Catastrophic event in the protocol world in 2000 :
• Web2 (Multiparties, Virtual), “Semantic” Web, … Web Http decreases, P2P protocols raises drastically
• Future Web: importance of mobility, context and reinvestment of Humans &
Reality
• Computers (Mobile, Multimedia), networks at large, within physical world
– profound evolution in parallel with Future Internet
• Geography : Mobility, Ubiquity
– Reconciliation with nomadicity (vocal Web)
– Search engines with locality, smarter search engines : Post-Google engines
• History : Memory of the web (Next Generation of the Deep Web, Hidden Web)
– Stochastic XML (see P Senellart PhD Thesis December 2007, Paris)
• Knowledge
•
•
Representation, Visualization
Search engines, Social computing, Natural language technology
– Web of intentional Things
• Things will display their public life cycle, will blog (for maintenance)
August 28, 2008
AsiaFI meeting, Jeju, South Korea
24
Hidden Web, Deep scattered services :
death of the OSI model
Old Internet : flat architecture,
independence between
application - network
Future Web Services : distributed
resources, “aggressive” protocols,
Continuity application - network
First
Drawing
Example : Skype architecture
August
28, 2008 of Internet (Paul Baran,
AsiaFI 1962)
meeting, Jeju, South Korea
25
Resilience Vision:
“private dedicated local” overlay technology
mutualization of three resilient Ubiquities
technologies for the three functions
storage
computation
local
P2P structures
local
Overlay Services
“Grids”
“local” stands for resources
“known or shared by neighbors”
August 28, 2008
cross-mechanisms
to link
the virtual interfaces
communication
Local Overlay Networks
AsiaFI meeting, Jeju, South Korea
26
Scalability & granularity issues :
overlays do not overlap
Infrastructure
storage
communication
August 28, 2008
computation
AsiaFI meeting, Jeju, South Korea
27
Evolution of computing paradigms:
growing complexity, darkness, vulnerability
• Before 1980 :
– Computing belonged to private kingdoms
• 1980: Everything is a file
– Instruments: Unix and C Language (golden age of the computer scientist)
• Unix unites hardware and software
• A file: string of characters that can be manipulated using C programming language
• A printer is a file (/dev/lpr), as is the recycling bin (/dev/null)
• 1990: Everything is a document
• Computing for all businesses
– 1990: On the desktop (Microsoft)
– 1995: On a network (Internet)
• for someone communicating, everything is a document available on the network, readable by
everybody (HTML) and executable everywhere (Java)
• 2000: Everything is a Program
• ambient intelligence
–
–
–
Jini Concept: a printer is a Java program (which announces its capabilities to its neighbors)
Active network: an IP packet has a header which is a Java program that executes itself on the network’s routers
Intentional Architecture: an address name is a program which can be used to find it
• 2010 : Architecture is a program
August 28, 2008
AsiaFI meeting, Jeju, South Korea
28
Languages :
complexification of abstract typing
1955
1958
1965
Pointers:
Static Structures
Floats, Integers
Independent
within the
memory
John Backus
Fortran
1992
Pointers : objects,
dynamic, programs
Java
List : organization
of the memory with strings
John Mac Carthy
Lisp
Dennis M. Ritchie
C
August 28, 2008
1986
AsiaFI meeting, Jeju, South Korea
C++ Bjarne Stroustrup
29
Networks :
Complexification of abstract typing of links
1960-2000
Traditional network :
nodes and links
2000-2010
2010-2020
2020-2030
ubiquity
Overlay network, P2P :
Asynchronous
Introduction of topology
Text
BitTorrent, Chord
Text Mining
Virtual tier networks :
Scalable protocols
Static structure of
Geography
personalized nodes
Multimedia
Semantic dynamic networks :
History
Programmable structures
memory
Google
Knowledge
Web
Ontologies
August 28, 2008
AsiaFI meeting, Jeju, South Korea
30
Identity card projects in Europe with biometry
A secure ID plastic card with a chip set ?
and other secure keys and personal data ?
August 28, 2008
AsiaFI meeting, Jeju, South Korea
31
Fragmented Compartmented Multi-identities
You have multiple roles:
a citizen, an employee,
a consumer, a provider
a parent, a patient,
a victim, a player …
All these roles have
their own privacy
Physical identity(ies) &
Cyber identity(ies)
must be considered
separately and as a whole
August 28, 2008
AsiaFI meeting, Jeju, South Korea
32
Virtual & Real world :
new generation of attacks
Attacks swing between
virtual and reality, back and forth
avatar
What is biometry (voice, picture)
when digitized ? Just 1 and 0
On the future Internet, the audio video content
will be quite sensitive and highly valuable
August 28, 2008
AsiaFI meeting, Jeju, South Korea
33
A 2 layer model after the digital convergence
Virtual
PLANE
Engineering
PLANE
August 28, 2008
Management
Internet
Service
oriented
architecture
Security
3G
AsiaFI meeting, Jeju, South Korea
Galileo
Internet
of Things
34
How to secure a fully virtual world across countries ?
The virtual plane
Virtual Word : Deep Web, Virtual Organizations, Virtual Operating Systems, Virtual Private Networks,
Overlays (BitTorrent, Skype, Storage Area Networks…), Underlays (Landmarks), Web2 …
August 28, 2008
AsiaFI meeting, Jeju, South Korea
35
Security & Trust
Suspect behaviour
Maximum trust value
Trust
1
Real World (Context)
Ambient Intelligence
0
Trust
absolute
Trust
Security
1
1st Threshold
0.50
2nd Threshold
0.0
Digital World
Information System & Networks
0.50
Dissociation between both
Distrust
absolute
Infrastructures/Instrumentations of Trust &
Security
August 28, 2008
AsiaFI meeting, Jeju, South Korea


Number of interactions
-1
Trust
Distrust
Trust Continuum
1st Threshold to modify behavior
2nd Threshold to stop interacting 36
Privacy : Dialectic Security & Freedom
Visibility, reciprocal transparency, peer surveillance
Security
Privacy
Quarantine zone
citizen
society
A private entity : an individual, a company
August 28, 2008
AsiaFI meeting, Jeju, South Korea
The rest of the world
37
Future Internet
•
Will be characterized through unlimited services and infrastructure convergence
– Apparent service transparence on heterogeneous networks
• Complexity, vertical mobility, adaptation
– International environment
• Different ethics, different legislations
– Participative environment
• Consumers are producers who are consumers of other producers, etc.
• Ad-hoc spontaneous service creation: complex workflows with security policies
– Unlimited distribution vs. content vulnerability
• Origin, authenticity, legality of content, legality of possession of it
• Non-repudiation, accounting, billing
– Privacy violations
• Tracing, abuse, identity theft
•
Still a definition problem
–
–
–
–
Interconnection of today’s Internet, 3G/4G, Galileo
New networks: Internet of things, opening of critical infrastructures
Scaling: from the minuscule to the gigantic
Reconcile ethics & cultures: system with multiple instantiations, multi-form structure?
• Multipolar Governance
August 28, 2008
AsiaFI meeting, Jeju, South Korea
38
Trust, Security, Dependability & Privacy
Issues to be validated
•
•
•
•
•
Identity of physical and moral persons
– Identity management, accountability, responsibility, in proportionality of the whole value chain of players : end-user,
software editor, Service Provider, etc
– Catalog of authentications (Accountability & non repudiation)
– Privacy and intimacy policies
Identity of virtual entities and physical artifacts
– Internet of Things (Massive and extremely tiny objects ) : Statistical security (traceability)
“Urbanization” of Poly-infrastructures (Internet, 3G, Galileo, Internet of things…)
– Huge and inextricable digital world
• Complex system of systems : impossible to fully understand (and secure)
• End-users and assets to protect :
– New Architectures and protocols
• Necessity to create a new trusted infrastructures (analog to reinforced concrete for physical buildings)
– Contents (flow, assets) and programs
Distributed Learning Machines in Security : Resilience
– Traffic analysis & monitoring : early detection
– Distributed security instrument to detect and analyze security breaches
– Scalability of security paradigms
• Seamless (through heterogeneity), mobility (through persons and robots) and massivity (extreme data rate &
volume) properties
Digital governance
– Protection of the user (ethical behavior) from the rest of the world
– Protection of the society from the user (hacker, cyber crime, cyber terrorism)
August 28, 2008
AsiaFI meeting, Jeju, South Korea
39
New security paradigms for Internet resilience
• The new art of sharing secrets
– How to split between address – location & identity ?
– Design new mechanisms for authenticity
•
•
•
•
Death of bunch of passwords : when?
Tamper resistant devices
Protocols to ensure trust properties for routing
No lies, no spoofing, no impersonation
– How to forget ?
• Traces, memories, events, blogs and
• The new art to be accountable and liable
– Sharing trust in the end to end actor’s chain within the collaborative
environment
• The new art of remaining free and private
August 28, 2008
AsiaFI meeting, Jeju, South Korea
40
Top down approach : different granularities
• Need to secure systems of systems
– Urbanism instead of architecture
– Reconcile different security policies and build coexistent conflicting policies
• Need to secure any participating system
– Multi-party security, heterogeneous security
– Close but do not enclose: service vs. security
• Need to secure every entity
– Identification, traceability, protected sessions
– But respect privacy needs of legal bodies
• Anonymity, pseudonymity, unconditional confidentiality
• Need to educate users
– Legal issues, responsibility, technological background, risks & opportunities
– Best practices, control, reaction and procedures
• Governance: need to control and manage (end-users within the loop)
– System and entity management at every level
– Just-in-time analysis and reaction to incidents
• Machine and autonomous learning
• Security and reliability of these mechanisms
August 28, 2008
AsiaFI meeting, Jeju, South Korea
41
New challenges
• Dynamic systems & adaptive context & services
– Security services : realtime measurements and assurance calculations
• Just-in time security is very vulnerable
– How to make the distinction between
• positive services and distributed botnets ?
• Self-* properties, autonomous local properties : who is
responsible? non repudiation protocols will be crucial
– Current Internet : Alice and Bob are dead
– Future Internet : Astrid, Barnabé, Charlotte, David, Elody … were born
within a dynamic environment, with a lot of neighbours
• Personalization
– Not only end-to-end communications
• Indirect attacks through Objects, locations
– Location based services
– Traceability (ONS, etc)
• Virtual entities are not taken into account by Policies
– Virtual stands for
• Identification difficult
• Accountability difficult
August 28, 2008
AsiaFI meeting, Jeju, South Korea
42
Changing the paradigm & rethinking the system
• First route: changing the paradigm : pervasive and never finished
– Vision of a future pervasive ICT
• with billions of networked devices, leading to self-organizing, -healing, -protection
systems
• could benefit from bio-living world inspiration where such organized populations evolve
– Incremental development & deployment
• systems are never finished, evolution is incessant, upgrades, changes in functionality,
new features are being added at a continuous pace
• systems are expected to be able to respond to the changing circumstances of the
ambient where they are embedded
• Second route: rethink the system from the users’ point of view
– This vision of a future user-centric system
• These users must take back control (at least in part) of their personal, digital space
• to change the current asymmetry between users and suppliers/publishers/service
providers.
– Privacy
• risk of the growing trend towards a massive dissemination of digital traces representing
behavioral, personal and even biological information
– The result should be able to combine privacy protection with personalization
• driving role, by seeking subsidiarity and independence, arriving at developing methods for
user-oriented risk assessment
August 28, 2008
AsiaFI meeting, Jeju, South Korea
43
Security : technology & policy (societal)
• Security of functional properties (services, operations)
– Through the natural Security functions
• identification, authentication, access control, data protection…
– Through the architecture: new distribution of computers, persons,
things, contents, services
• Composition, self-*
– Through the delegation of …
• Business process management
• Security of non functional properties of the digital world
– Mobility
– Management
– Evolution, adaptability
• Security2 for instilling trustworthiness (stakeholders)
–
–
–
–
Security of security
Security of trust
Trust of security (security in the dark)
Usability
August 28, 2008
AsiaFI meeting, Jeju, South Korea
44