Security & Privacy trends for Urban & transport applications
Martine Lapierre
Vice President, Technical Director
Defense & Security C4I Systems Division

23-27 November 2009
13-15 December 2010 ICSOC-ServiceWave 2009
Security and Privacy technologies
A key element for urban multi-modal transportation




Agenda

• Future applications & services addressed
• What Security & Privacy issues face this example?
• Bringing FI PPP project into context
• Approach toward Content Driven Security



• The Future Internet will enable the so-called “Internet of Services” (IoS)
• New trends pushed by end-users:
    • On-demand intelligent/smart services
    • Service personalization
    • Increased QoS requirements, but also QoE (Quality of Experience!)
    • Respect of users' rights (new legislation...)
• Service providers in “co-opetition” (collaboration and competition)
• Urban applications may use this, e.g. Urban Multi-Modal Transportation:
    • universally available geo-localisation
    • universally available mobile communications
    • fully individualized service offer
• Technology enablers are there as well:
    • Content-driven security and privacy enablers become reality


Future Internet - Urban transport application example
• 17:11: Bring me to my next meeting
    • Your contact is Daniel Gidoin from Thales
    • Verification of agendas
    • Calculation of both positions
    • Meeting point proposition
• 17:12: Multi-modal travel proposition
    • Take Bus 126 in 4 min for 2 stops
    • Take shared car xwz4 at bus stop in 7 min
    • Shared car will drop you at Velizy station in about 40 min
    • Walk with GPS to final destination (10 min)
    • Arrival around 18:07
• Automatic update
    • A Thales employee declared a trip to Velizy
    • Calculating travel optimization
    • New arrival proposition 18:00 with direct car share
    • Accept to switch car
• Travel completed
• Automatic payment

13-15 December 2010 ServiceWave 2010
Multimodal travel made easy, itinerary updated in real time
• Online services offer:
    • a wide range of transport modes, incl. walking
• Customized: emphasis is on QoS and QoE
    • shortest journey time and greatest convenience;
    • and/or best (minimal) cost;
    • and/or greatest energy efficiency and reliability.
• Application stakeholders are:
    • multimodal travelers (any means to reach the target)
    • public and other collective transport operators
    • road operators and traffic managers
    • taxis, private fleets, car rentals, and sharing drivers
• The itinerary is continuously monitored in real time and is adjusted whenever conditions or options change.
• Various context-aware services are “pushed” to the traveler just when needed:
    • monitoring, rentals, ticketless mobile fare payment…

Efficient multimodal travel: issues
• Challenges which apply:
    • To propagate the geo-localisation information in a time compatible with real-time dynamic adaptation of the multi-modal traveler: localisation PRIVACY
    • To process the collected information fast enough (e.g. using cloud technology) in a context of massive simultaneous, constrained and/or contradictory requests, while keeping CUSTOMER DATA PRIVACY & INTEGRITY
    • To efficiently integrate user preferences and constraints so as to provide a user-acceptable multi-modal proposal in all situations
    • To ENSURE SAFETY of drivers & travellers as well as PAYMENT INTEGRITY & CERTIFICATES, allowing proportional automatic contribution to the journey
    • (Semi-)automated and very effective negotiation functions between travelers and drivers, based on CERTIFIED cross-rating of participants, including geo-localisation-based rendez-vous (LOCATION ACCURACY & permanence of service)
In summary: security functions ensuring the safety of all participants through a careful set of preventive, en-route and forensics functions

Security & privacy issues: more details
Issues raised (left column of the slide):
• Corporate data interaction
• Geo-localisation privacy
• Tier service activation
• Customization based on private data (profile...)
• Private travel data anonymised for public traffic regulation
• Security video recording
• Business information recording
• Cyber attack
• Realized service certification
• Financial data exchange
Scenario (centre column):
• 17:11: Bring me to my next meeting
    • Your contact is Daniel Gidoin from Thales
    • Verification of agendas
    • Calculation of both positions
    • Meeting point proposition
• 17:12: Multi-modal travel proposition
    • Take Bus 126 in 4 min for 2 stops
    • Take shared car xwz4 at bus stop in 7 min
    • Shared car will drop you at Velizy station in about 40 min
    • Walk with GPS to final destination (10 min)
    • Arrival around 18:07
• Automatic update
    • A Thales employee declared a trip to Velizy
    • Calculating travel optimization
    • New arrival proposition 18:00 with direct car share
    • Accept to switch car
• Travel completed & automatic payment
Security and privacy technologies (right column):
• Mobile identity federation
• Role Based Access Control
• Anonymization of data before statistics
• Data lifecycle managed by the user
• Sticky policies
• Role-oriented data usage control
• Accountability
• Claim-based ID
• Content Driven Security

Security & privacy issues
• Security and privacy issues, and the consequences of the strong contextual information collected:
    • Scalable and pervasive IPv6-based vehicle-to-vehicle (V2V) communications / security video: mobile network permanence of service
    • Guarantee that the personal information provided by users will be processed in accordance with the user's rights and requirements, and erased afterwards
    • Protect the commercial information required when partial execution is delegated to a third-party service operated by another provider
    • PAYMENT integrity and security
• As a consequence: content-driven security and privacy
    • Tag datum elements with dedicated security and privacy meta-information regarding traceability, propagation and disclosure
    • Such meta-information is propagated along with the datum elements
    • Technical and legal mechanisms to guarantee the compliance of services with the usage requirements (and with any legislation and regulation that may apply)



Bringing FI PPP project into context
• Lots of expectations on this project…
• Indeed, as per FI PPP Call Objective 1.7, the Core Platform project will help “design, develop and implement a generic, trusted and open network and service Core Platform supporting generic enablers with standardized interfaces serving multiple use cases, and making use of and integrating advanced Internet features.”
• Given the aim to offer Core Platform functionalities that can be generically reused in multiple usage contexts to support "smart applications" of various kinds, there is no doubt that this project will enable new usages in a broad range of application domains (e.g. Transport, Energy, …)
• Among other things, this project will deliver the generic security services (e.g. IAM/AAA, Privacy, …) that will enable smart applications (e.g. Multimodal Transport) to happen and be widely adopted, since they generate the trust and confidence that people and organizations need.




From Content Based to Content Driven Security:
What can Thales contribute?
• Content Based Security: security attached to the data (structured or unstructured)
    • with fine-grained partitioning adapted to data owners' requirements
    • with trust established between service providers
    • with multi-level ciphering at the datum level
    • with traceability and accountability at each step

Using open standards for ubiquitous protection and cross-border interoperability

Approach towards Content Driven security
• As data travel across the Internet:
    • they will pass through multiple services, processes and users
    • they must be protected from misuse, unauthorized disclosure and harmful aggregation
• Security information and requirements should travel along with data elements, to establish Content Driven Security in flexible and virtualized environments.

[Figure: a data element wrapped in data protection constraints, usage and travel constraints, and example claims (name, group, age). Example "BANK PAYMENT": bank account # in clear text, amount to pay under Cipher #1, account of receiver under Cipher #2, and a block signature, with the constraints "Secure handshake", "Never propagate" and "Report at each step".]
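A sketch of the BANK PAYMENT figure above and of the earlier "tag datum elements with meta-information" slide, showing a policy that travels with the data and is checked at every hand-over. This is an added example, not code from the presentation or from Thales; the envelope layout, the service names, the reading of "Never propagate" as "only the owner may hand the data out" and the use of an HMAC as the block signature are assumptions, and the ciphering of individual elements is represented only by protection labels.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed demo key. HMAC stands in for the slide's "block signature";
# between independent providers an asymmetric signature would be used so
# that a verifier cannot re-sign a modified envelope.
OWNER_KEY = b"constructed-demo-key"


class PolicyViolation(Exception):
    """A hand-over would break the policy attached to the data."""


@dataclass
class Envelope:
    """Datum elements plus the meta-information that travels with them."""
    elements: dict   # name -> {"value": ..., "protection": level}
    policy: dict     # usage and travel constraints (assumed layout)
    trail: list = field(default_factory=list)  # one report per hand-over
    signature: str = ""

    def _signed_bytes(self) -> bytes:
        # Elements AND policy are signed together, so the policy cannot be
        # stripped or relaxed without invalidating the signature.
        body = {"elements": self.elements, "policy": self.policy}
        return json.dumps(body, sort_keys=True).encode()

    def seal(self, key: bytes) -> "Envelope":
        self.signature = hmac.new(key, self._signed_bytes(), hashlib.sha256).hexdigest()
        return self

    def verify(self, key: bytes) -> bool:
        expected = hmac.new(key, self._signed_bytes(), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, self.signature)


def hand_over(env, sender, receiver, key, secure_channel):
    """Enforcement point run by `sender` before the data leaves it."""
    if not env.verify(key):
        raise PolicyViolation("block signature invalid: elements or policy altered")
    policy = env.policy
    if policy.get("secure_handshake") and not secure_channel:
        raise PolicyViolation("secure handshake required")
    if receiver not in policy["allowed_recipients"]:
        raise PolicyViolation(f"{receiver} is not an allowed recipient")
    if policy.get("never_propagate") and sender != policy["owner"]:
        raise PolicyViolation(f"{sender} may not propagate this data onward")
    if policy.get("report_each_step"):
        # A real system would have each hop sign its own report.
        env.trail.append({"from": sender, "to": receiver})
    return env


def visible_to(env, service):
    """Values a service may read: clear elements plus levels it is authorised for."""
    holders = env.policy["key_holders"]
    return {
        name: el["value"]
        for name, el in env.elements.items()
        if el["protection"] == "clear" or service in holders.get(el["protection"], [])
    }


def demo_payment():
    """Constructed sample mirroring the BANK PAYMENT figure."""
    return Envelope(
        elements={
            "bank_account": {"value": "ACCT-0001", "protection": "clear"},
            "amount_to_pay": {"value": "12.50", "protection": "cipher1"},
            "receiver_account": {"value": "ACCT-0002", "protection": "cipher2"},
        },
        policy={
            "owner": "traveller-app",
            "allowed_recipients": ["payment-service", "carshare-operator"],
            "key_holders": {
                "cipher1": ["payment-service", "carshare-operator"],
                "cipher2": ["payment-service"],
            },
            "secure_handshake": True,
            "never_propagate": True,
            "report_each_step": True,
        },
    ).seal(OWNER_KEY)


if __name__ == "__main__":
    env = demo_payment()
    hand_over(env, "traveller-app", "payment-service", OWNER_KEY, secure_channel=True)
    print("trail:", env.trail)
    print("carshare-operator sees:", visible_to(env, "carshare-operator"))
    try:
        hand_over(env, "payment-service", "carshare-operator", OWNER_KEY, secure_channel=True)
    except PolicyViolation as exc:
        print("refused:", exc)
```

Because the policy is inside the signed block, a service that flips `never_propagate` to `False` fails verification at the next hand-over instead of gaining the right to forward.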




Content Driven access rule
• CONFIA proposes a set of rules suitable for controlling access:
    • Grant rules: provide access to a user on an object according to some requirements (e.g. conditions, obligations)
    • Derived rules: propagate access to a user through the content and the kind of rights defined
    • Forced rules: resolve any conflict between different accesses sharing user and object
    • Non-vulnerability rules: protect the whole content of a document from intrusion by a non-allowed access




THANK YOU!




ICSOC-ServiceWave 2009

Más contenido relacionado

Similar a Martine Lapierre - Security & Privacy trends for Urban & transport applications

Future Mobility Day - URBANITE
Future Mobility Day - URBANITEFuture Mobility Day - URBANITE
Future Mobility Day - URBANITEURBANITEProject
 
Mobility Platforms: Lessons learnt from integrating mobility services from va...
Mobility Platforms: Lessons learnt from integrating mobility services from va...Mobility Platforms: Lessons learnt from integrating mobility services from va...
Mobility Platforms: Lessons learnt from integrating mobility services from va...Steffen Schaefer
 
WebXpress solutions TMS express cargo
WebXpress solutions TMS express cargoWebXpress solutions TMS express cargo
WebXpress solutions TMS express cargoWebXpress.IN
 
20171213 Future Internet: The forgotten Enabler for SmartCities
20171213 Future Internet: The forgotten Enabler for SmartCities20171213 Future Internet: The forgotten Enabler for SmartCities
20171213 Future Internet: The forgotten Enabler for SmartCitiesstefano de panfilis
 
WebXpress Transportation Management System (TMS) Solution
WebXpress Transportation Management System (TMS) SolutionWebXpress Transportation Management System (TMS) Solution
WebXpress Transportation Management System (TMS) SolutionWebXpress.IN
 
Fire Appliance Dynamic Mobilisation - Martin Collins
Fire Appliance Dynamic Mobilisation - Martin CollinsFire Appliance Dynamic Mobilisation - Martin Collins
Fire Appliance Dynamic Mobilisation - Martin Collinsgrhodes05
 
Equinix peering location matters 2016_feb_24
Equinix peering location matters 2016_feb_24Equinix peering location matters 2016_feb_24
Equinix peering location matters 2016_feb_24EquinixUK
 
Shared. Connected. Sustainable.
Shared. Connected. Sustainable.Shared. Connected. Sustainable.
Shared. Connected. Sustainable.RPO America
 
Smart Work Zones – New ways of communicating with road users and managing wor...
Smart Work Zones – New ways of communicating with road users and managing wor...Smart Work Zones – New ways of communicating with road users and managing wor...
Smart Work Zones – New ways of communicating with road users and managing wor...JumpingJaq
 
Making of MaaS - AWS meetup Stockholm 2016-08
Making of MaaS - AWS meetup Stockholm 2016-08Making of MaaS - AWS meetup Stockholm 2016-08
Making of MaaS - AWS meetup Stockholm 2016-08Sami Pippuri
 
Collision_Avoidance_in_VANETs_Grp5_Topic.ppt
Collision_Avoidance_in_VANETs_Grp5_Topic.pptCollision_Avoidance_in_VANETs_Grp5_Topic.ppt
Collision_Avoidance_in_VANETs_Grp5_Topic.pptMohammedThanishA
 
Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Miguel Pardal
 
Firetide Mesh Node Mobility Overview
Firetide Mesh Node Mobility OverviewFiretide Mesh Node Mobility Overview
Firetide Mesh Node Mobility OverviewPaul Richards
 
Messaging solutions for logistic companies and 3PL
Messaging solutions for logistic companies and 3PLMessaging solutions for logistic companies and 3PL
Messaging solutions for logistic companies and 3PLMDK Labs GmbH
 

Similar a Martine Lapierre - Security & Privacy trends for Urban & transport applications (20)

SMARTIE
SMARTIESMARTIE
SMARTIE
 
Future Mobility Day - URBANITE
Future Mobility Day - URBANITEFuture Mobility Day - URBANITE
Future Mobility Day - URBANITE
 
Mobility Platforms: Lessons learnt from integrating mobility services from va...
Mobility Platforms: Lessons learnt from integrating mobility services from va...Mobility Platforms: Lessons learnt from integrating mobility services from va...
Mobility Platforms: Lessons learnt from integrating mobility services from va...
 
WebXpress solutions TMS express cargo
WebXpress solutions TMS express cargoWebXpress solutions TMS express cargo
WebXpress solutions TMS express cargo
 
20171213 Future Internet: The forgotten Enabler for SmartCities
20171213 Future Internet: The forgotten Enabler for SmartCities20171213 Future Internet: The forgotten Enabler for SmartCities
20171213 Future Internet: The forgotten Enabler for SmartCities
 
WebXpress Transportation Management System (TMS) Solution
WebXpress Transportation Management System (TMS) SolutionWebXpress Transportation Management System (TMS) Solution
WebXpress Transportation Management System (TMS) Solution
 
Fire Appliance Dynamic Mobilisation - Martin Collins
Fire Appliance Dynamic Mobilisation - Martin CollinsFire Appliance Dynamic Mobilisation - Martin Collins
Fire Appliance Dynamic Mobilisation - Martin Collins
 
Equinix peering location matters 2016_feb_24
Equinix peering location matters 2016_feb_24Equinix peering location matters 2016_feb_24
Equinix peering location matters 2016_feb_24
 
Vanet ppt
Vanet pptVanet ppt
Vanet ppt
 
Vehicular Networks
Vehicular NetworksVehicular Networks
Vehicular Networks
 
Smart Mobility
Smart MobilitySmart Mobility
Smart Mobility
 
Smart Mobility
Smart MobilitySmart Mobility
Smart Mobility
 
Shared. Connected. Sustainable.
Shared. Connected. Sustainable.Shared. Connected. Sustainable.
Shared. Connected. Sustainable.
 
Smart Work Zones – New ways of communicating with road users and managing wor...
Smart Work Zones – New ways of communicating with road users and managing wor...Smart Work Zones – New ways of communicating with road users and managing wor...
Smart Work Zones – New ways of communicating with road users and managing wor...
 
Making of MaaS - AWS meetup Stockholm 2016-08
Making of MaaS - AWS meetup Stockholm 2016-08Making of MaaS - AWS meetup Stockholm 2016-08
Making of MaaS - AWS meetup Stockholm 2016-08
 
Collision_Avoidance_in_VANETs_Grp5_Topic.ppt
Collision_Avoidance_in_VANETs_Grp5_Topic.pptCollision_Avoidance_in_VANETs_Grp5_Topic.ppt
Collision_Avoidance_in_VANETs_Grp5_Topic.ppt
 
Brubaker2
Brubaker2Brubaker2
Brubaker2
 
Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...
 
Firetide Mesh Node Mobility Overview
Firetide Mesh Node Mobility OverviewFiretide Mesh Node Mobility Overview
Firetide Mesh Node Mobility Overview
 
Messaging solutions for logistic companies and 3PL
Messaging solutions for logistic companies and 3PLMessaging solutions for logistic companies and 3PL
Messaging solutions for logistic companies and 3PL
 

Más de ServiceWave 2010

Massonet Philippe Panel - Security in the clouds: An Academic Perspective
Massonet Philippe Panel - Security in the clouds: An Academic PerspectiveMassonet Philippe Panel - Security in the clouds: An Academic Perspective
Massonet Philippe Panel - Security in the clouds: An Academic PerspectiveServiceWave 2010
 
Rainer Zimmermann (European Commission): The role of the European Commission ...
Rainer Zimmermann (European Commission): The role of the European Commission ...Rainer Zimmermann (European Commission): The role of the European Commission ...
Rainer Zimmermann (European Commission): The role of the European Commission ...ServiceWave 2010
 
Usman Wajid: Service-based Application Development by Ordinary End Users and ...
Usman Wajid: Service-based Application Development by Ordinary End Users and ...Usman Wajid: Service-based Application Development by Ordinary End Users and ...
Usman Wajid: Service-based Application Development by Ordinary End Users and ...ServiceWave 2010
 
D. Meiländer, S. Gorlatch, C. Cappiello, V. Mazza, R. Kazhamiakin, and A. Buc...
D. Meiländer, S. Gorlatch, C. Cappiello,V. Mazza, R. Kazhamiakin, and A. Buc...D. Meiländer, S. Gorlatch, C. Cappiello,V. Mazza, R. Kazhamiakin, and A. Buc...
D. Meiländer, S. Gorlatch, C. Cappiello, V. Mazza, R. Kazhamiakin, and A. Buc...ServiceWave 2010
 
Maryam Razavian: A Frame of Reference for SOA Migration
Maryam Razavian: A Frame of Reference for SOA MigrationMaryam Razavian: A Frame of Reference for SOA Migration
Maryam Razavian: A Frame of Reference for SOA MigrationServiceWave 2010
 
Security in the Clouds Panel Chair: Mike Surridge
Security in the Clouds Panel Chair: Mike SurridgeSecurity in the Clouds Panel Chair: Mike Surridge
Security in the Clouds Panel Chair: Mike SurridgeServiceWave 2010
 
Martine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesMartine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesServiceWave 2010
 
Chen Wang, Pazat, Di Napoli, Giordano: A Chemical Based Middleware for Workf...
Chen Wang, Pazat, Di Napoli, Giordano:  A Chemical Based Middleware for Workf...Chen Wang, Pazat, Di Napoli, Giordano:  A Chemical Based Middleware for Workf...
Chen Wang, Pazat, Di Napoli, Giordano: A Chemical Based Middleware for Workf...ServiceWave 2010
 
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...ServiceWave 2010
 
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...ServiceWave 2010
 
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...ServiceWave 2010
 
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...ServiceWave 2010
 
Scott Kirkpatrick (Hebrew University): OneLab: Federation and Testbeds
Scott Kirkpatrick (Hebrew University): OneLab: Federation and TestbedsScott Kirkpatrick (Hebrew University): OneLab: Federation and Testbeds
Scott Kirkpatrick (Hebrew University): OneLab: Federation and TestbedsServiceWave 2010
 
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...ServiceWave 2010
 
Orestis Terzidis - Taking the Internet of Services to the Next Level
Orestis Terzidis - Taking the Internet of Services to the Next LevelOrestis Terzidis - Taking the Internet of Services to the Next Level
Orestis Terzidis - Taking the Internet of Services to the Next LevelServiceWave 2010
 
Mário Campolargo - Services and clouds as cornerstones of the Digital Agenda
Mário Campolargo - Services and clouds as cornerstones of the Digital AgendaMário Campolargo - Services and clouds as cornerstones of the Digital Agenda
Mário Campolargo - Services and clouds as cornerstones of the Digital AgendaServiceWave 2010
 

Más de ServiceWave 2010 (20)

03 v pevtschin
03 v pevtschin03 v pevtschin
03 v pevtschin
 
03 v pevtschin
03 v pevtschin03 v pevtschin
03 v pevtschin
 
Massonet Philippe Panel - Security in the clouds: An Academic Perspective
Massonet Philippe Panel - Security in the clouds: An Academic PerspectiveMassonet Philippe Panel - Security in the clouds: An Academic Perspective
Massonet Philippe Panel - Security in the clouds: An Academic Perspective
 
Rainer Zimmermann (European Commission): The role of the European Commission ...
Rainer Zimmermann (European Commission): The role of the European Commission ...Rainer Zimmermann (European Commission): The role of the European Commission ...
Rainer Zimmermann (European Commission): The role of the European Commission ...
 
Usman Wajid: Service-based Application Development by Ordinary End Users and ...
Usman Wajid: Service-based Application Development by Ordinary End Users and ...Usman Wajid: Service-based Application Development by Ordinary End Users and ...
Usman Wajid: Service-based Application Development by Ordinary End Users and ...
 
D. Meiländer, S. Gorlatch, C. Cappiello, V. Mazza, R. Kazhamiakin, and A. Buc...
D. Meiländer, S. Gorlatch, C. Cappiello,V. Mazza, R. Kazhamiakin, and A. Buc...D. Meiländer, S. Gorlatch, C. Cappiello,V. Mazza, R. Kazhamiakin, and A. Buc...
D. Meiländer, S. Gorlatch, C. Cappiello, V. Mazza, R. Kazhamiakin, and A. Buc...
 
Maryam Razavian: A Frame of Reference for SOA Migration
Maryam Razavian: A Frame of Reference for SOA MigrationMaryam Razavian: A Frame of Reference for SOA Migration
Maryam Razavian: A Frame of Reference for SOA Migration
 
Security in the Clouds Panel Chair: Mike Surridge
Security in the Clouds Panel Chair: Mike SurridgeSecurity in the Clouds Panel Chair: Mike Surridge
Security in the Clouds Panel Chair: Mike Surridge
 
Martine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesMartine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resources
 
Chen Wang, Pazat, Di Napoli, Giordano: A Chemical Based Middleware for Workf...
Chen Wang, Pazat, Di Napoli, Giordano:  A Chemical Based Middleware for Workf...Chen Wang, Pazat, Di Napoli, Giordano:  A Chemical Based Middleware for Workf...
Chen Wang, Pazat, Di Napoli, Giordano: A Chemical Based Middleware for Workf...
 
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...
Pablo Chacin (Polytechnic University of Catalonia, Spain): Utility Driven Ser...
 
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...
Roman Khazankin (Vienna University of Technology): Providence: A Framework fo...
 
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...
Maurer, Sakellariou, Brandic : Simulating Autonomic SLA Enactment in Clouds u...
 
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...
Andreas Wolke: TwoSpot. A Cloud Platform for Scaling out Web Applications dyn...
 
Scott Kirkpatrick (Hebrew University): OneLab: Federation and Testbeds
Scott Kirkpatrick (Hebrew University): OneLab: Federation and TestbedsScott Kirkpatrick (Hebrew University): OneLab: Federation and Testbeds
Scott Kirkpatrick (Hebrew University): OneLab: Federation and Testbeds
 
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...
Jacques Magen (FIRESTATION): Testbeds for Service Deployment. FIRESTATION’s v...
 
1 sw2010 testbeds-panel
1  sw2010 testbeds-panel1  sw2010 testbeds-panel
1 sw2010 testbeds-panel
 
Orestis Terzidis - Taking the Internet of Services to the Next Level
Orestis Terzidis - Taking the Internet of Services to the Next LevelOrestis Terzidis - Taking the Internet of Services to the Next Level
Orestis Terzidis - Taking the Internet of Services to the Next Level
 
Mário Campolargo - Services and clouds as cornerstones of the Digital Agenda
Mário Campolargo - Services and clouds as cornerstones of the Digital AgendaMário Campolargo - Services and clouds as cornerstones of the Digital Agenda
Mário Campolargo - Services and clouds as cornerstones of the Digital Agenda
 
Fire Demos
Fire DemosFire Demos
Fire Demos
 

Martine Lapierre - Security & Privacy trends for Urban & transport applications

  • 1. Security & Privacy trends for Urban & transport applications Martine Lapierre Vice President, Technical Director Defense & Security C4I Systems Division 23-27 November 2009 13-15 December 2010 ICSOC-ServiceWave 2009
  • 2. Security and Privacy technologies A key element for urban multi-modal transportation 23-27 November 2009
  • 3. Agenda • Future applications & services addressed • What Security & Privacy issues face this example? • Bringing FI PPP project into context • Approach toward Content Driven Security 23-27 November 2009
  • 4. •Future Internet will enable the so called “Internet of Services”(IoS) •New trends pushed by end-users: •On demand intelligent/smart services •Service personalization •Increased QoS exigencies but also QoE (Quality of Experience!) •Respect of Users right (new legislation..) •Service provider in “Co-opetition” (collaboration and competition) •Urban applications may use this : e.g. Urban Multi-Modal Transportation •universally available geo-localisation •universally available mobile communications •fully individualized service offer •Technology enablers are there as well •Content-driven security and privacy enablers become reality 23-27 November 2009
  • 5. Future Internet - Urban transport Application exemple • 17:11 : Bring me to my next meeting •Your contact is Daniel Gidoin From Thales •Verification of agendas •Calculation of both positions •Meeting point proposition •17h12 : Multi-Modal travel Proposition •Take Bus 126 in 4mn for 2 stops •Take shared car xwz4 at bus stop in 7 mn •Shared car will drop you at Velizy station in about 40 mn •Walk with gps to final destination (10mn) •Arrival around 18:07 23-27 November 2009
  • 6. Future Internet - Urban transport Application exemple • 17:11 : Bring me to my next meeting •Your contact is Daniel Gidoin From Thales •Verification of agendas •Calculation of both positions •Meeting point proposition •17h12 : Multi-Modal travel Proposition •Take Bus 126 in 4mn for 2 stops •Take shared car xwz4 at bus stop in 7 mn •Shared car will drop you at Velizy station in about 40 mn •Walk with gps to final destination (10mn) •Arrival around 18:07 •Automatic Update •A Thales Employee declared a travel to Velizy •Calculating travel optimization •New arrival proposition 18:00 with direct car share •Accept to switch car •Travels achieved •Automatic Payment 23-27 November 2009
  • 7. 13-15 December 2010 ServiceWave 2010
  • 8. Multimodal travel made easy, itinerary updated in real time
      • Online services offer:
          • a wide range of transport modes, incl. walking
          • Customized: emphasis is on QoS and QoE
              • shortest journey time and greatest convenience;
              • and/or best (minimal) cost;
              • and/or greatest energy efficiency and reliability.
      • Application stakeholders are:
          • multimodal travelers (any means to reach the target)
          • public and other collective transport operators
          • road operators and traffic managers
          • taxis, private fleets, car rentals, and sharing drivers
      • The itinerary is continuously monitored in real time and is adjusted whenever conditions or options change.
      • Various context-aware services are “pushed” to the traveler just when needed:
          • Monitoring, rentals, ticketless mobile fare payment…
  • 9. Efficient multimodal travel: issues
      • Challenges which apply:
          • To propagate the geo-localisation information in a time compatible with real-time dynamic adaptation of the multi-modal traveler: localisation PRIVACY
          • To process the collected information fast enough (e.g. using cloud technology) in a context of massive simultaneous constrained and/or contradictory requests, while keeping CUSTOMER DATA PRIVACY & INTEGRITY
          • To efficiently integrate user preferences and constraints so as to provide a user-acceptable multi-modal proposal in all situations
          • To ENSURE SAFETY of drivers & travellers as well as PAYMENT INTEGRITY & CERTIFICATES, allowing proportional automatic contribution to the journey
          • (Semi-)automated and very effective negotiation functions between travelers and drivers based on CERTIFIED cross-rating of participants, including geo-localisation-based rendezvous (LOCATION ACCURACY & Perm. of Service)
      • In summary: security functions ensuring the safety of all participants through a careful set of preventive, en-route and forensics functions
  • 10. Security & privacy issues: more details
      • Scenario (as on the previous slides):
          • 17:11: Bring me to my next meeting
              • Your contact is Daniel Gidoin from Thales
              • Verification of agendas
              • Calculation of both positions
              • Meeting point proposition
          • 17:12: Multi-modal travel proposition
              • Take Bus 126 in 4 min for 2 stops
              • Take shared car xwz4 at bus stop in 7 min
              • Shared car will drop you at Velizy station in about 40 min
              • Walk with GPS to final destination (10 min)
              • Arrival around 18:07
          • Automatic update
              • A Thales employee declared a trip to Velizy
              • Calculating travel optimization
              • New arrival proposition 18:00 with direct car share
              • Accept to switch car
          • Travels achieved & automatic payment
      • Security and privacy issues annotated on the scenario:
          • Corporate data interaction
          • Mobile identity federation
          • Geo-localisation privacy
          • Role Based Access Control
          • Tier service activation
          • Anonymization of data before statistics
          • Customization based on private data (profile...)
          • Data lifecycle managed by the user
          • Private travel data anonymised for public traffic regulation
          • Sticky policies
          • Security video recording
          • Role-oriented data usage control
          • Business information
          • Accountability recording
          • Cyber attack
          • Realized service certification
          • Claim-based ID
          • Financial data exchange
          • Content Driven Security
  • 11. Security & privacy issues
      • Security and privacy issues and the consequences of the strong contextual information collected:
          • Scalable and pervasive IPv6-based vehicle-to-vehicle (V2V) communications / Security Video - Mobile Network permanence of service
          • guarantee that the personal information provided by users will be processed in accordance with the users' rights and requirements and will be erased afterwards
          • protect required commercial information when partial execution is delegated to a third-party service operated by another provider:
              • PAYMENT integrity and security
      • As a consequence: content-driven security and privacy
          • Tag datum elements with dedicated security and privacy meta-information regarding traceability, propagation and divulgation.
          • Such meta-information is propagated along with the datum elements
          • Technical and legal mechanisms to guarantee the compliance of services with the usage requirements (also legislation and regulation which may apply)
  • 12. Bringing FI PPP project into context
      • Lots of expectations on this project…
      • Indeed, as per FI PPP Call Objective 1.7, the Core Platform project will help
          • “design, develop and implement a generic, trusted and open network and service Core Platform supporting generic enablers with standardized interfaces serving multiple use cases, and making use of and integrating advanced Internet features.”
      • Remembering the aim to offer Core Platform functionalities that can be generically reused in multiple usage contexts to support "smart applications" of various natures, there is no doubt that this project would bring about new usages in a broad range of application domains (e.g. Transport, Energy, …)
      • Among others, this project will deliver the Generic Security services (e.g. IAM/AAA, Privacy, …) that will enable smart applications (e.g. Multimodal Transport) to happen and be widely adopted, since they generate the necessary Trust and Confidence that people or organizations need.
  • 13. From Content Based to Content Driven Security: what can Thales contribute?
      • Content Based Security: security attached to the data (structured or unstructured)
          • with fine-grained partitioning adapted to data owners' requirements
          • with trust established between service providers
          • with multi-level ciphering at the datum level
          • with traceability and accountability at each step
      • Using open standards for ubiquitous protection and cross-border interoperability
  • 14. Approach towards Content Driven security
      • As data travels across the Internet:
          • It will pass through multiple services, processes and users
          • It must be protected from misuse, unauthorized disclosure and harmful aggregation
      • Security information and requirements should travel along with data elements, to establish Content Driven Security in flexible and virtualized environments.
      • [Figure: BANK PAYMENT example. Example claims: name, group, age. Data elements: Bank account #, Amount to pay, Account of receiver. Data protection constraints: Clear text, Cipher #1, Cipher #2. Usage and travel constraints: Secure Handshake, Never Propagate, Report at each step. Bloc Signature.]
  • 15. Content Driven access rule
      • CONFIA proposes a set of rules suitable for controlling access:
          • Grant rules: To provide access to a user on an object according to some requirements (e.g. conditions, obligations)
          • Derived rules: To propagate access to a user through the content and the kind of rights defined.
          • Forced rules: To resolve any conflict between different accesses sharing the same user and object.
          • Non-vulnerability rules: To protect the whole content of a document from intrusion by a non-allowed access
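Added example (not part of the original slides, and not Thales or CONFIA code): a minimal sketch of the content-driven idea from slides 11 and 14, where each datum element carries its own policy tag, the tag travels with the value, and a block signature binds the two. The field names, the tag keys, the assignment of constraints to fields and the shared-key HMAC standing in for the block signature are all assumptions; ciphering of values is left out.

```python
import hashlib
import hmac
import json
# Field names, tag keys and which constraint sits on which field are assumptions
# made for this illustration; values and the key are constructed.
KEY = b"constructed-demo-key"

def _mac(elements):
    body = json.dumps(elements, sort_keys=True).encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def seal(elements):
    """Bind every value to its policy tag with one block signature (HMAC)."""
    return {"elements": elements, "sig": _mac(elements)}

def verify(envelope):
    return hmac.compare_digest(_mac(envelope["elements"]), envelope["sig"])

def forward(envelope, hop, audit):
    """Enforce the tags at one hop; return the envelope for the next service."""
    if not verify(envelope):
        raise ValueError(f"{hop}: value or policy tag altered in transit")
    kept = {}
    for name, item in envelope["elements"].items():
        if item["policy"]["report"]:
            audit.append((hop, name))   # accountability: report at each step
        if item["policy"]["propagate"]:
            kept[name] = item           # the tag travels on with the value
    return seal(kept)

def demo():
    payment = seal({
        "bank_account": {"value": "FR76-CONSTRUCTED-0001",
                         "policy": {"propagate": False, "report": True}},
        "amount":       {"value": "4.20 EUR",
                         "policy": {"propagate": True, "report": True}},
        "receiver":     {"value": "CARSHARE-CONSTRUCTED-42",
                         "policy": {"propagate": True, "report": False}},
    })
    audit = []
    onward = forward(payment, "payment-service", audit)
    # A hop that loosens a tag invalidates the block signature.
    tampered = json.loads(json.dumps(payment))
    tampered["elements"]["bank_account"]["policy"]["propagate"] = True
    try:
        forward(tampered, "rogue-hop", audit)
    except ValueError:
        return sorted(onward["elements"]), audit, True
    return sorted(onward["elements"]), audit, False
```

With a single shared key any holder can re-seal an envelope, so a deployment across competing providers would need per-party signatures rather than this HMAC.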