View
1.833
Download
2
Category
Tags:
Preview:
DESCRIPTION
This presentation was held by Michael Waidner at »Konferenz Zukünftiges Internet« on 5/6 of July 2011.Can be also found at: http://www.future-internet-konferenz.de/programm/5.-juli-2011-1
Citation preview
– 1 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Security, Privacy and the Future Internet
Prof. Dr. Michael Waidner
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
– 2 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Outline
Future Internet
Security and Privacy
Security and Privacy by Design
– 3 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Globally interconnected cyber-physical system
Internet of People, Data, Services, Things, … and Crime & War
Cloud-delivered IT & Business
Services
Online Social Networks Cloud-delivered
Crime & War
– 4 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Overall, Security is Becoming More Difficult
Future Internet is the ideal target: everybody, everything is online
Professionalization and industrialization of cybercrime and cyberwar
Network of people and user-generated content
Privacy (in public spaces …)
Intellectual property
Filtering illegal and dangerous content
Withstanding censorship
– 5 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
But Security may Also Benefit from the Future Internet
Better security through standards, automation, services
Cloud will lower costs for good and well-managed security and privacy
Today, poor service management (governance, change, patch) is key source of insecurity!
Global scale, global economy may enable global standards
Trust and identity infrastructures
Privacy and information sharing
Assurance, auditing, forensics
– 6 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Outline
Future Internet
Security and Privacy
Security and Privacy by Design
– 7 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
A Slightly More Technical View: Security Problems
New technologies, new threat vectors
Massive resource sharing in clouds
Mobile and ambient as new access channel
Cyber-physical convergence
Global connectivity without global identity
Old principles don’t apply anymore
Perimeter security vs. service decomposition
Trusted base vs. everything in the cloud
Managed endpoint security vs. consumerization
…
– 8 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Some Security Research Challenges
Research pipe full of untested results Crypto, trusted computing, provenance,
sticky policies, automated checking, …
More applied research
Security for legacy systems, networks, …
Unexpected intrusions, abuses, insiders
Accountability with privacy
Forensics with privacy
Quantification of risks and security
Create a network to fight a network Cross-org sharing of security information
Commons nature of security
– 9 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Privacy in the Future Internet
Privacy is difficult to define
What is the €-value of your personal information?
What is privacy in a public space like an OSN?
Tradeoffs are always individual
Status
Purpose Binding: responsible data management – mostly mature
Data minimization: crypto and data management – no practical experience
Context binding: not even well defined
Sustainable informational self-determination: no good solutions
– 10 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Some Privacy Research Challenges
What is privacy in …
OSN, location, ambient, mobile, cloud, smart grids, … Mental models for usability
Research pipe full of untested results
Standardization Portable id, pseudonyms, options, expiration dates, … Globally practical trust and identity framework
M0re applied research Privacy despite accountability Privacy despite forensics Computing with encrypted data
Commons nature of privacy
– 11 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Outline
Future Internet
Security and Privacy
Security and Privacy by Design
– 12 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Building a Secure System
Huge body of engineering knowledge
Many articles, books, courses, degrees, tools, …
So, in theory, this should be doable
– 13 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Building a Secure System
Source: Microsoft Secure Development Lifecycle
Source: IBM X-Force, 2011
State of the art in the software industry
But # of vulnerabilities is still going up
A more detailed look shows:
• Same errors again and again
• IT people lack skills
• Current processes and tools are too complex for humans
– 14 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Which one is Better: “by design” or “by patching”
Security and Privacy by Design
Security and Privacy by Patching
Overall: economic
High initial costs Low recurring costs
Overall: expensive
Low initial costs High recurring costs
Avoids damage Damage might be irreversible:
Life and health Critical infrastructure Privacy, reputation,
confidentiality
NIST 2010: • 80% of development
costs spent on finding and fixing errors
IBM 2010: Fixing a single defect during … costs: • Coding: $80 • Build: $240 • QA/Test: $960 • Post release: $7’600 +
reputational costs
European Center for Security and Privacy by Design (EC-SPRIDE) Projected start: October 1st, 2011
– 15 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
What needs to be done
Challenges
Consistent models throughout all phases
Patterns for requirements analysis
Model-driven security (design, test)
Static and dynamic analysis
Usability: end users, developers, admins
Ready to use building blocks
Demonstrable and quantifiable improvements in security
Applied to interesting cases: cloud computing, embedded, …
Education for ordinary developers
– 16 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Outline
Future Internet
Security and Privacy
Security and Privacy by Design
– 17 –
© F
rau
nh
ofe
r-G
ese
llsch
aft
20
11
Fraunhofer-Institut für Sichere Informationstechnologie
Rheinstraße 75 64295 Darmstadt
www.fraunhofer.de www.sit.fraunhofer.de
Center for Advanced Security Research Darmstadt
Lehrstuhl für Sicherheit in der IT Mornewegstraße 30 64289 Darmstadt
www.cased.de www.sit.tu-darmstadt.de
Prof. Dr. Michael Waidner michael.waidner@sit.fraunhofer.de
Recommended