This objective addresses cyber security and privacy in three major technological areas: cloud computing, mobile services and the management of cyber incidents. Activities will cover R&D&I including the adaptation and integration of technology and demonstration in real life environments, from the design to the implementation stage. This objective also aims at supporting trust and security policies.
It will be complemented with an EU-Japan co-ordinated call (Obj. 10.1 of the WP2013) and foresees targeted support to EU-Australian cooperation in trustworthy broadband services.
a) Security and privacy in cloud computing:
should improve the security components, in particular for identification, authentication and encryption, in terms of speed of processing and easiness of deployment in highly distributed environments, with very large amounts of users. It should ensure the long-term privacy and security of data and applications, including when necessary through hardware solutions, and enhance user control (including on location of data) and usability. New models and tools for inter-domain security breaches detection, notification and reaction should be developed.
b) Security and privacy in mobile services
The efficiency, robustness and performance of the security solutions for mobile environments should be improved, in particular for system security (e.g. malware detection), data management and identification/authentication. It should address the specificities of the mobile devices (smart phone, tablet…) compared to traditional personal computers: lower resources (e.g. computational, power), different models of software development and distribution (e.g. applications marketplaces). It should include privacy-by-design and give to users the long-term control of the security and privacy of their data and processes, including notification for intentional or unintended breach. It should be scalable, inter-operable and applicable across technologies, vendors and operators.
c) Development, demonstration and innovation in cyber security:
addresses the application of technologies to increase the level of cyber security in Internet. This includes the development and demonstration of technologies, methodologies and processes to prevent, detect, manage and react to cyber incidents in real-time, and to support the breach notifications, improving the situational awareness and supporting the decision making process. It will also develop and demonstrate advanced technologies and tools that will empower users, notably individuals and SMEs, in handling security incidents and protecting their privacy.
d) Technologies and methodologies to support European trust and security policies
The proposed activities should:
• Develop a cyber security research agenda, anticipation of future trends and addressing the needs for interoperability;
• Analyse the innovation process in privacy and cyber security, identifying the obstacles and propose improvements; identify market conditions and economic incentives for organisations to invest in ICT security and integrate it into their products, services and systems;
• Facilitate the application of privacy and security by design practices in the development and implementation of products and services, foster a risk management culture among users and support an unhindered usage of Internet and other telecom technologies against arbitrary disruptions, censorship and surveillance.
e) EU-Australia cooperation on building user trust in broadband delivered services:
aims at developing an integrated framework for advanced authentication and identity management in broadband delivered services. The solution will rely on existing or emerging schemes, prototype components or recent research results.
a), and b): IPs, STREPs
c): IP (up to one IP)
d): CSAs (up to one CSA per bullet point)
e): STREP (up to one STREP)
Relevant challenge: 1. Pervasive and Trusted Network and Service Infrastructures
Comments are closed