IoT privacy risk management in ANASTACIA project

Similar documents
ANASTACIA: Advanced Networked Agents for Security and Trust Assessment in CPS IoT Architectures

Enhancing Critical Infrastructure Protection with innovative SECurity framework

GDPR Update and ENISA guidelines

Cybersecurity & Digital Privacy in the Energy sector

The NIS Directive and Cybersecurity in

Cybersecurity ecosystem and TDL Antonio F. Skarmeta

NIS Standardisation ENISA view

Security Enhancements

European Union Agency for Network and Information Security

Fintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

Continuous protection to reduce risk and maintain production availability

ENISA EU Threat Landscape

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Part I: Future Internet Foundations: Architectural Issues

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser. CSP2015 Brussels /

Leveraging SDN & NFV to Achieve Software-Defined Security

Google Cloud & the General Data Protection Regulation (GDPR)

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

In Accountable IoT We Trust

CEF Telecom Calls: CEF-TC : Cyber Security TZAFALIAS ARISTOTELIS POLICY OFFICER DG CONNECT

ELASTIC SERVICES PLATFORM

Simplified service creation and delivery. Branch. SOHO Data Center. Control Center / NOC Packet Muse Service & Network Applications

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

DT-ICT : Big data solutions for energy

VMWARE AND NETROUNDS ACTIVE ASSURANCE SOLUTION FOR COMMUNICATIONS SERVICE PROVIDERS

MASP Chapter on Safety and Security

Angela McKay Director, Government Security Policy and Strategy Microsoft

Cisco 5G Now! Product Announcements. February, 2018

Call for Expressions of Interest

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution

Discussion on MS contribution to the WP2018

Cyber Security in Europe

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

IOT FLAGSHIP PROJECT. Dr. Mario Drobics, AIT

Security and Privacy in Car2Car Adhoc Networks

Towards the Certification for IoT

National Institute of Standards and Technology

ITU-T Y Next generation network evolution phase 1 Overview

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

The NIST Cybersecurity Framework

Evolving IoT with Smart Objects

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Systems Engineering for Software-Defined Network Virtualisation. John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra

BHConsulting. Your trusted cybersecurity partner

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

Horizon 2020 Security

Siemens view and approach on critical infrastructure resilience against cyberthreats Joint OECD-JRC Workshop, Paris September 2018

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

EU funded research is keeping up trust in digital society

General Framework for Secure IoT Systems

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

Secure Data Processing in the Cloud

The Network and Information Security Directive - ENISA's contribution

Secure Societies in 2015

H2020 & THE FRENCH SECURITY RESEARCH

Secure Development Lifecycle

Directive on security of network and information systems (NIS): State of Play

Security and resilience in Information Society: the European approach

Altice Labs 5G activities

H2020 WP Cybersecurity PPP topics

Third annual ITU IMT-2020/5G Workshop and Demo Day 2018

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Identify adequate calls and analyze the call text

6 KEY SECURITY REQUIREMENTS

Twilio cloud communications SECURITY

Cybersecurity & Privacy Enhancements

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

The Interoperability Challenge in. Telecom and NFV Environments. Carsten Rossenhövel, EANTC Chris Price, Ericsson Ildikó Váncsa, OpenStack Foundation

5 Steps to Government IT Modernization

Business Continuity Management

Systemic Analyser in Network Threats

EU General Data Protection Regulation (GDPR) Achieving compliance

MITIGATE CYBER ATTACK RISK

Real-time Communications Security and SDN

EU LEIT-ICT program and SE position on FP9

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

IoT & SCADA Cyber Security Services

13967/16 MK/mj 1 DG D 2B

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Preemptive PREventivE Methodology and Tools to protect utilities

Encounter LATP-ETPs 19 October 2015, Lisbon, Portugal Ernestina Menasalvas, Universidad Politécnica de Madrid

Digital Renewable Ecosystem on Predix Platform from GE Renewable Energy

An Anomaly-Based Intrusion Detection System for the Smart Grid Based on CART Decision Tree

Certified Information Security Manager (CISM) Course Overview

Smart Software Licensing tools and Smart Account Management Privacy DataSheet

Future Glimpses: Two Next Generation Applications of SDN and NFV. Alan Carlton. VP, InterDigital Europe. June G World, London

Cloud Security Standards and Guidelines

Birmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018

CSA GUIDANCE VERSION 4 S TAT E O F T H E A R T CLOUD SECURITY AND GDPR NOTES. Hing-Yan Lee (Dr.) EVP, APAC, Cloud Security Alliance

WORK PROGRAMME

Package of initiatives on Cybersecurity

SEGRID storyline. Workshop SEGRID November 14 th, 2016, Barcelona, Spain

ACARE WG 4 Security Overview

A QUICK INTRODUCTION TO THE NFV SEC WG. Igor Faynberg, Cable Labs Chairman ETSI NFV SEC WG

Future-Proof Security & Privacy in IoT

Certification. F. Genova (thanks to I. Dillo and Hervé L Hours)

Securing a Dynamic Infrastructure. IT Virtualization new challenges

(Project Number ) SecSoN Workshop, ACM SIGCOMM 2018 Budapest, 24 August Mike Surridge, University of Southampton IT Innovation Centre

Transcription:

ANASTACIA has received funding from the European Union s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation. Advanced Networked Agents for Security and Trust Assessment in CPS/IoT Architectures IoT privacy risk management in ANASTACIA project Stefano Bianchi Softeco Sismat ANASTACIA Project Coordinator IoTWeek 2017 IoT Risk Management

ANASTACIA has received funding from the European Union s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation. Advanced Networked Agents for Security and Trust Assessment in CPS/IoT Architectures TYPE: CALL: TOPIC: Research & Innovation Action H2020-DS-LEIT-2016 DS-01-2016 Assurance and Certification for Trustworthy and Secure ICT systems, services and components DURATION: 36 MONTHS (Jan 2017 Dec 2019) COSTS: 5,420,208.75 FUNDING: 3,999,208.75 G.A.: 731558

Rationale The heterogeneous, distributed, and dynamically evolving nature of Cyber Physical Systems (CPS) based on Internet of Things (IoT) and virtualised cloud architectures introduces new and unexpected risks that cannot be solved by current stateof-the-art security solutions. ANASTACIA will deliver paradigms and methods that build security into the system at the outset; adapt to changing conditions; reduce the need of finding flaws and repairing them when the system is already deployed; provide the assurance that ICT systems are secure and trustworthy at all times. ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 3

Mission To develop a trustworthy-by-design autonomic security framework which will address all the phases of the ICT Systems Development Lifecycle (SDL) and will be able to take autonomous decisions through the use of new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualisation (NFV) and intelligent and dynamic security enforcement and monitoring methodologies and tools holistic solution enabling trust and security by-design for Cyber Physical Systems (CPS) based on IoT and cloud architectures ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 4

The ANASTACIA framework includes 1 Security development paradigm based on the compliance to security best practices and the use of the security components and enablers (this will provide assisted security design, development and deployment cycles to assure security-by-design) 2 Distributed trust and security components and enablers able to dynamically orchestrate and deploy user security policies and actions within complex and dynamic CPS and IoT architectures (online monitoring and testing techniques will allow more automated adaptation of the system to mitigate new and unexpected security vulnerabilities) 3 Holistic Dynamic Security and Privacy Seal (DSPS) combining security and privacy standards and real time monitoring and online testing (this will provide quantitative and qualitative run-time evaluation of privacy risks and security levels, which can be easily understood and controlled by the final users) ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 5

The ANASTACIA framework provides 1 Self-protection capabilities 2 Self-healing capabilities 3 Self-repair capabilities ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 6

1 ANASTACIA's sub-objectives To provide the end users with intuitive and user-friendly tools and solutions to model and configure policies governing the configuration of the security in decentralized and virtualized architectures. 2 To leverage cloud and SDN/NFV functionalities to allow easy deployment and provide security solution for highly connected CPS/IoT; and, more generally, smart objects communications. 3 To develop a dynamic Security Enforcement Manager, based on Monitoring and Reaction components, using beyond state-of-the-art vulnerability analysis and security monitoring techniques. 4 To develop a Dynamic Security and Privacy Seal (DSPS) combining normative requirements (GDPR, ISO standards, etc.) with monitoring functionalities to provide real-time indication on the trustability of a deployed system. 5 Validation and evaluation of the overall approach in two realistic industrial case studies with high societal and economic impact. 6 To maintain a strong link to relevant standards and standard bodies. ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 7

SECURITY BEST PRACTICES FRAMEWORK Security development paradigm Summarizing Self-protection capabilities SECURITY & PRIVACY STANDARDS Distributed trust and security components and enablers Holistic Dynamic Security and Privacy Seal (DSPS) Self-healing capabilities Self-repair capabilities DEVICE VALUE CHAIN ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 8

Summarizing (more) SECURITY TECHNOLOGY LEGISLATION PRIVACY ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 9

Seal Mgt Plane Dynamic Security and Privacy Seal Monitor Human Control and Validation Life Cycle and Deployment Analysis ANASTACIA User Plane User Interfaces Services Policy Editor Tool Applications framework Autonomic Plane Monitoring Reaction Security Enforcement Component Anastacia Security Orchestrator architecture Extended NorthBound Interface (REST) PLANES Control Plane Physical Network Functions (legacy) IoT controls SDN Controller Extened SouthBound Interface Virtual Network Functions NFV Management & Orchestration MANO Virtualized Infrastructure - NFVI Physical Infrastructure Data Plane IoT Devices LAN Switch Router Packet Switch Other Net compute storage Devices ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 10

ANASTACIA framework architecture COMPLEXITY INCREASED ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 11

?? Privacy?? HOW TO GUARANTEE COMPLIANCY WITH PRIVACY LEGISLATION? ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 12

Holistic approach combining security and privacy ANASTACIA will endow end users and security experts with intuitive and user-friendly tools, models, guidelines and solutions to manage security, privacy and risk in decentralized and virtualized architectures. ANASTACIA will provide a set of novel security and trust by design enablers tailored to cope with heterogeneous and holistic scenarios that may combine SDN-NFVs and IoT, implementing: policy based security management models threat analysis and contingency mechanisms privacy risk modelling secure software development guidelines The privacy risk analysis and modelling will identify measurement points as well as contingency measures to mitigate the risk. ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 13

DYNAMIC SECURITY AND PRIVACY SEAL (DSPS) Instantaneous view and understanding on the trust level of the system, combining real-time dynamic security and privacy monitoring with conventional certification schemes applying ISO certification models, plus normative requirements from General Data Protection Regulation (GDPR) and ISO standards The first ICT-based seal addressing GDPR New models of secured certificate registry will be also researched in order to prevent the risk of counterfeiting ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 14

ANASTACIA's challenge on privacy-compliant security USER SECURITY POLICIES SECURITY ENFORCEMENT & REACTION/MITIGATION DEVICE!!! FEEDBACK & MONITORING LEGISLATION GUIDELINES ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 15

Mobile Edge Computing applications Use Cases Test Case: MEC on video cameras Scenario: Spoofing attack on the security camera system Smart Building Management Systems applications Test Case: Resilient cyber-physical systems in smart buildings Scenario: Cyber-attack at a hospital building ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 16

Innovation Advisory Board (IAB) To support the Consortium in the identification and implementation of the strategy to maximize the impact of results, overviewing and aligning the released outcomes with the industry s and standardization bodies requirements ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 17

IAB members ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 18

Contacts Project Coordinator Stefano BIANCHI (Softeco Sismat) stefano.bianchi@softeco.it Scientific and Technical Project Manager Antonio SKARMETA (Universidad de Murcia) skarmeta@umu.es ANASTACIA G.A. 731558 - www.anastacia-h2020.eu 19

ANASTACIA has received funding from the European Union s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation. Advanced Networked Agents for Security and Trust Assessment in CPS/IoT Architectures www.anastacia-h2020.eu http://www.anastacia-h2020.eu http://youtube.anastacia-h2020.eu http://youtube.anastacia-h2020.eu http://twitter.anastacia-h2020.eu http://twitter.anastacia-h2020.eu http://linkedin.anastacia-h2020.eu http://linkedin.anastacia-h2020.eu

ANASTACIA has received funding from the European Union s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback