Navigation path

Countries


This page was published on 08/12/2005
Published: 08/12/2005

   Headlines

Published: 8 December 2005  
Related category(ies):
Information society  |  Research policy

 

Add to PDF "basket"

Framework for beating cyber-fiends

IT companies have pumped millions of euros into finding a robust digital security solution for an increasingly web-weary world. But high-level breaches are still common, viruses are ever lurking and e-commerce is still waiting for an all-purpose digital cure. One EU-funded project, called SEINIT is keen to meet these demands by creating a virtual security framework independent of both devices and the networks they use.

Guaranteeing eSecurity no matter what device or software. © PhotoDisc
Guaranteeing eSecurity no matter what device or software.
© PhotoDisc
SEINIT, the Security Experts Initiative, offers the promise of seamless security regardless of hardware, software or access protocol. This means it could work with mobile phones, bluetooth, WiFi, ethernet or broadband connection. And the two-year Sixth Framework Programme (FP6) project found a solution for providing pervasive security without sacrificing privacy, according to a recent IST Results report.

SEINIT created a framework for security that negotiates between users and the service they are trying to access. ”We set ourselves the almost paradoxical goal of reconciling security and freedom,” says Andre Cotton, coordinator of the SEINIT project and Head of the Advanced Information Technologies Laboratory at Thales Communication in France.

Setting up secure connections can be difficult for several reasons. Sometimes the device – for example, a PDA – cannot cope with the protocols required, or the user is not willing to divulge a vital piece of information to complete the secure connection. With SEINIT's solution, users decide at the beginning what level of information they want to reveal to the service. The framework then negotiates with the service and applies the appropriate security component or protocol.

A security framework
Cotton offers the example of trying to access a bank account without disclosing the user's name or identifier. “In this case, the framework alerts the user that the connection is not possible, and suggests alternatives,” he told IST Results. Control of privacy is left with the user while the framework applies the appropriate level of security.

Deploying a system like this means that security is by its very nature both hardware and software independent. It is governed by a framework instead of a particular piece of encryption or a programme. What's more, SEINIT designed the framework security protocols and technologies as components. This means when new security components or technologies emerge, they can be added to the framework.

The project team are finalising a demonstrator for the framework on Windows and the popular Unix system Linux and across Local Area Networks (LANs), internet, and wireless networks. “But the framework has a small footprint and, as of right now, it could be implemented in a mobile phone. We simply want to demonstrate the principle,” explains Cotton.

The next stage is to develop a user interface. A separate EU project, called DISCREET, which is due to start in January 2006, will carry out this work, according to IST Results. “If we had the capability for any platform – hard or soft – to be involved in a security agreement with any requirement and standard, it would truly unlock the potential and promise of the information age," concludes Cotton.

European Commission, IST Results

Convert article(s) to PDF

No article selected


loading


Search articles

Notes:
To restrict search results to articles in the Information Centre, i.e. this site, use this search box rather than the one at the top of the page.

After searching, you can expand the results to include the whole Research and Innovation web site, or another section of it, or all Europa, afterwards without searching again.

Please note that new content may take a few days to be indexed by the search engine and therefore to appear in the results.

Print Version
Share this article
See also

SEINIT fact sheet (on CORDIS)

IST Results

eSecurity News (IDABC on Europa)

eSecurity and eEurope 2005 (Information Society DG on Europa)

Sixth Framework Programme (on Europa)


Contacts
Research Contacts page
  Top   Research Information Center
 
Countries