1 / 23

Emerging Research Dimensions in IT Security

Emerging Research Dimensions in IT Security. Dr. Salar H. Naqvi snaqvi@ieee.org Senior Member IEEE Research Fellow, CoreGRID Network of Excellence European Research Consortium for Informatics and Mathematics. Research Context. Evolution of Computing Paradigm. Customer. Vendor.

paul
Télécharger la présentation

Emerging Research Dimensions in IT Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Emerging Research Dimensions in IT Security Dr. Salar H. Naqvi snaqvi@ieee.org Senior Member IEEE Research Fellow, CoreGRID Network of Excellence European Research Consortium for Informatics and Mathematics

  2. Research Context

  3. Evolution of Computing Paradigm Customer Vendor Orders, Payments Computer Computer • Static Cooperation • Electronic Data Interchange (EDI) • Dynamic Cooperation • Internet • Dynamic Collaboration • Peer-to-Peer (P2P), Web Services (WS) • Dynamic Resource Sharing • Computational Grid Invoice, Price notices, updates

  4. New Challenges • Very large scales • million of entities • Dynamic • entities join, leave, move, change behavior • Heterogeneous • capability, connectivity, reliability, guarantees, QoS • Unreliable • components, communication • Lack of common/complete knowledge • number, type, location, availability, connectivity, protocols, semantics, etc.

  5. Security – Challenges • Computational Grids • Interoperability, Trust, Usability, Robustness/Resilience, Delegation, Bootstrapping, Mobility • Clusters • Integration of different security solutions, automated security management • Peer-to-Peer Systems • Setting up uniform security policy, Trust management, storage of authentication tokens and user identities • Pervasive/Ubiquitous Computing • Privacy, Scalability, Heterogeneity, Integration, Invisibility • Mobile Computing • Dependability, Disconnections, Context and State Management

  6. New IT Security Research Dimensions

  7. Classical Planes Logical Physical

  8. Novel Planes Virtual Logical Physical Quantum

  9. Virtualization • The secure interoperability between VOs demands interoperable solutions using heterogeneous systems. • Virtualization permits each participating end-point to express the policy it wishes to see applied when engaging in a secure conversation with another end-point. • Policies can specify supported authentication mechanisms, required integrity and confidentiality, trust policies, privacy policies, and other security constraints.

  10. Pluggability/Configurability • Pluggable Security Services (PSS) requirements include: • Definition of standard and flexible interfaces • Integration at application layer • Coordinated invocation of services • Usable by users and services • Simultaneous use of multiple services • Support for future enhancement • Optimization for various communication links • Provision of real-time invocation features • Use of standard programming interfaces

  11. PSS Architectural Overview

  12. Application/Client Interface • Authenticates user/application • Facilitate communications • Configuration Daemon • Accepts machine independent, abstract configuration request • Interacts with the coordination service • Security Services Handler • Absorbs the diversity of security mechanisms • Protocol Mapping • Contains the list of supported protocols • Security Architecture Interface • Consists of socket modules to plug various security services.

  13. SEINIT: Security Expert Initiative • IST Integrated Project • IST-2002-001929-SEINIT • Duration: December 2003 – November 2005 • Extended till February 2006 • Budget • Total cost: 8 M€ • EU Contribution: 3.9 M€ • Objectives • Ensure a trusted and dependable security framework, ubiquitous, working across multiple devices, heterogeneous networks, being organisation independent (inter-operable) and centred around an end-user.

  14. www.seinit.org

  15. Use case

  16. Novel Planes Virtual Logical Physical Quantum

  17. Quantum Key Distribution (QKD) • Quantum Key Distribution (QKD) is simultaneous generation of identical bit sequences in two distinct locations with quantum physical methods • QKD enables the implementation of a secure secret channel • To make QKD ready for practical applications, we need to • Make physical devices ready for practical application • Provide necessary interfaces for the integration into existing technologies • Develop conceptual design for networked infrastructures • Development of cryptographic algorithms and models

  18. IST Integrated Project SECOQC • SECOQC: Secure Communication based on Quantum Cryptography • IST-2002-506813-SECOQC • Duration: April 2004 – March 2008 • Budget • Total cost: 11.3 M€ • EU Contribution: 5.5 M€ • Objectives • Global dependability and security framework

  19. www.secoqc.net

  20. Conclusions & Perspectives • Security has emerged as an indispensable characteristic of any IT system • Security components should be woven in the IT Fabric • IT Security requires new dimensions to tackle the contemporary threats paradigm • European Commission provides funding for IT research through various programs of IST (Information Society Technologies) • Notably: • Future Emerging Technologies (FET) • Beyond the Horizon • Security is not a product – Security is a PROCESS!

More Related