Diapositive 1

1
French (Network) Security Research Activities
Serge Fdida University Paris 6
CNRS Contributions from Michel Riguidel
(ENST) French/Japanese Joint Symposium on
Computer Security Tokyo September 2005
2
Background

• Research activity on Security in France was quite
  fragmented
• Some strong communities
• Cryptography (Research Action ACI)
• Proof Formal methods
• Dependability, Reliability
• Industrial / Gov interests
• Limited public funding
• Security (at large) not recognized as a noble
  area and found to be limited in scope!
• Lack of programs in Education

3
Background (2)

• Security is multidisciplinary,
• Incentives to bring researchers into this area
• Expose this area as a priority
• Initiatives launched in 2003
• ACI (Joint Incitative Research Action) Ministry
  of Research/INRIA/CNRS
• Head by Claude Kirchner
• RNRT (National Research Network in
  Telecommunications) special focus
• Monitored by Michel Riguidel (ENST)
• Strong link with Europe IST FPs
• STIC/Asia Program
• Expert Committee on Security at CNRS

4
Security Targets

• Homeland (Defense)
• Critical Infrastructures (semi public, semi
  private)
• Trust to fight against cyber terrorism, strong
  cybercriminality
• Safety, Security, Dependability
• Crisis management, public awareness
• Resilience
• Cybersecurity (public, private)
• Trust to fight against hackers, cybercriminality,
  espionage, etc
• Security, Dependability
• Privacy
• Resilience

5
Emergence of new security challenges

• Critical infrastructure protection
• Large scale complex systems (ICT physical
  infrastructure) with interdependencies
  Electricity power, water supply, networks, etc
• We need robust and resilient infrastructures to
  reduce vulnerabilities
• Security of Smart spaces or Ambient Intelligence
• Pervasive and ubiquitous computing
• Electronic devices, sensors disseminated, not
  supervised
• We need to introduce ambient security
• Global Localization Information, Global
  Identification

6
Emergence of new security challenges (2)

• Networked communication systems (self-x
  architectures)
• Self organizing networks, architectures of
  Internet caches mirrors, DNS-Sec,
• Self healing architecture, privacy in mobile
  networks
• Grid security
• Reconfigurable distributed organization to
  provide a service
• Spontaneous real time organization
• We need
• To secure the grid (components infrastructure)
• To be protected from malicious grids (ethical
  computations)
• Content protection
• Video distribution, DRM,
• Require
• Fundamental research
• Application Test-Beds (measurement, honeyspots,
  )

7
RNRT Security Call For Projects in 2005
http//www.telecom.gouv.fr/rnrt/index.htm
8
RNRT

• Created in 1998
• Fund 212 projects, 200 M, Cost 440 M
• Funding to launch calls in the area of
  Telecommunications and Networking
• Joint projects Industry, Academia, SMEs
• Budget of about 30Me for 2005
• Peer with RNTL (Software), RIAM (Multimedia)
• Linked with ARA SIASE (C. Kirchner)

9
Security (1)

• The 2005 Call for Projects addresses the new
  practices modern approaches in Security
• Security of software Content Distribution
• Digital Rights Management, Intellectual Property
  Rights,
• Security of New Architectures Paradigms
• Grids, P2P, Ad-hoc,
• Just-in-Time Security
• Downloading patches, weekly or daily Software
  upgrades, reconfigurability
• Security Crisis Management

10
Security (2)

• The Call for Projects is focused on security of
  Complex Systems or Infrastructures
• With heterogeneous technologies
• Taking into account non functional properties
  (mobility, interoperability, flexibility, )
• Infrastructures, Networks, Very Large Information
  Systems
• Networks Information Systems (enterprise,
  personal)
• Multimedia Content

11
Security (3)

• IT networks
• Internet, WiFi, Enterprise LANs, Bluetooth, RFId,
  Sensors,
• Telecom Infrastructures
• Satellites constellations, telecom networks,
  mobile networks (GSM, GPRS, UMTS, WiMax)
• Broadcast networks (TV, Radio)
• Content protection, digital movies (trust
  digital chain)
• Information Systems
• Government, Enterprise, Home Personal Networks

12
Security (4)

• Security Functions point of view
• Identity of a physical person
• biometry, with trusted personal entity smart
  cards, etc
• Authentication
• with digital signature, labeling or watermarking
• Audit
• facts accountability, personal accountability,
  traceability
• Management of rights, privilege, etc
• Authorizations
• with security policy
• Security Management
• tools administration, overall assessment of the
  security assurance level

 
13
ARA SIASE

• Follow-on of the ACI Security
• Presentation by Claude Kirchner

14
Europe

• National / European projects
• French academic Industry are largely involved
• Integrated Projects
• Networks of Excellence
• STREPs
• Security in FP6
• Security in FP7

15
Security in FP6with France participation
16
Europe FP6 some examples

• NoE FP6 - ECRYPT Cryptography, J Stern (LIENS).
  INRIA.
• IP FP6 - SEINIT Network Security. M Riguidel
  (LTCI) head of the project
• IP FP6 - SECOQC Quanta cryptography. Philippe
  Grangier (CNRS, Laboratoire C Fabry de lInstitut
  dOptique) and M Riguidel involved
• IP FP6 - PRIME Privacy (Privacy) and Identity
  management. Y Deswarte (CNRS) and R Molva (GET)
  involved.
• IP FP6 - e-JUSTICE Common secured exchange
  platform for administrative information's. R
  Molva (GET).
• IP FP6 INSPIRED  Personal data authentication.
  INRIA involved.
• NoE FP6 Biosecure  Biometry (GET).

17
e-JUSTICE Towards a global security and
visibility framework for Justice in Europe

• To define, develop, teach, test and prepare the
  deployment of a complete and innovative system to
  improve security of the communities and the
  privacy of the bearers, and to provide
  interoperable keys to digital information.
• Research on security will focus on smart
  identity cards, on-chip combined biometrics,
  cryptography and PKI interoperability, and rights
  management.
• Eurecom, Thales, Greffe Tribunal Paris

18
INSPIRED Integrated Secure Platform for
Interactive Personal Devices

• To specify and develop a new generation of secure
  portable devices called Trusted Personal Device
  (TPD), addressing the main requirements for trust
  and security of the information society
• The TPD technology can provide devices that will
  combine a fully integrated security architecture
  (HW, SW, OS, communications) with
  ultra-portability, low-cost, and advanced
  networking and mobile communication features.
• INRIA, Gemplus, Schlumberger,

19
PRIME Privacy and Identity Management for Europe

• To research and develop approaches and solutions
  for privacy-enhancing identity management,
• The project will address foundational
  technologies (human-computer interface,
  ontologies, authorisation, cryptology), assurance
  and trust, and architectures.
• Application scenarios, including on-line
  healthcare systems, location based services,
  privacy preserving customer databases, anonymous
  access to infrastructure for mobile workers,
  privacy enhancing ambient intelligence.
• IBM fr, LAAS-CNRS, Eurecom

20
s-BORDER Privacy respectful and threat tuneable
traveller smart monitoring system

• To promote the early adoption of Automated Travel
  Document Control and Risk Assessment systems
  during the various phases of the travel,
  including the border control,
• Technologies such as advanced biometrics,
  contactless chip circuits, digital certificates
  and scoring systems to both automate the flow of
  no-risk passengers and allow detecting potential
  risky ones,
• France Telecom, Gemplus, Sagem

21
SECOQC Development of a Global Network for
Secure Communication based on Quantum Cryptography

• To specify, design and validate the feasibility
  of an open Quantum Key Distribution (QKD)
  infrastructure dedicated to secure communication
  as well as to fully develop the basic enabling
  technology.
• The ST objectives are to design physical
  devices ready to allow applicable Quantum Key
  Distribution
• University Nice, Thales, Laboratoire dOptique,
  ENST

22
SEINIT Security Expert INITiative

• To ensure a trusted and dependable security
  framework, ubiquitous, working across multiple
  devices, heterogeneous networks, being
  organization independent (interoperable) and
  centered on the ambient intelligence around an
  end-user.
• The project will explore new security models and
  build the architecture and components to address
  the nomadic, pervasive, multi-players
  communicating world (IPv6)
• Thales, ENST, 6Wind

23
ECRYPT European Network of Excellence in
Cryptology

• To ensure a durable integration of European
  research in both academia and industry and to
  maintain and strengthen the European excellence
  in these areas.
• 35 leading players will integrate their research
  capabilities within 5 virtual labs focused on
  symmetric key algorithms, public key algorithms,
  protocols, implementation, watermarking. These
  labs will advance the state of the art in their
  domains and develop common tools,
• ENS, Gemplus, Cryptolog, CNRS

24
Security in FP7

• A proposal for Strategic Objectives of the FP7
  embracing all the security paradigms of the past
  30 yrs and the next 10 years
• Security, Trust Dependability of
• the new pervasive digital landscape ambient
  intelligence
• Infrastructures of the digital urbanization
• Interdependencies, survivability, robustness,
  resilience, maintenance of trust
• Massive passive and low-energy wireless
  autonomous computers (RFIds, etc)
• Peer to peer and new spontaneous architectures
  (grids)
• Security of distributed virtual operating systems
• embedded systems end-user terminals
• Security of hardware (smart cards, low energy, )
• Security of new nanokernels operating systems

25
Security in FP7 (cont)

• Privacy of European citizens
• with a set of profiles of virtual identities
• Biometry, personal attributes
• History elements (Tracing activities to be
  checked, that can be deactivated)
• And with trusted personal entities
• Security of complex and/or massive computing
  services data knowledge
• Large databases, web services, semantic web
• Grids of computations
• Distribution of content, mobile code
• Virtual communities

26
Thanks
Babel Tower Security Management
How to secure to manage the security
infrastructure ?
27
CNRS STIC

• Presentation

28
(No Transcript)
29
Key elements

• Around 26 000 employees of whom
• 11 600 are researchers
• 14 400 are engineers and administrative staff
• 1 170 research units
• (85 are associated with universities)
• An annual budget of 2,6 billion euros

30
(for 2006)
Board of Trustees

President
National council on scientific research
Strategic Planning Mission
Scientific department - MIPPU - 1
General Director
Regional Director IDF
Scientific department C - 2
General Scientific Director
Regional Director NE
Scientific department V - 3
General Secretary And DRH
Scientific department - HS - 4
Regional Director NW
Deputy General Secretary
Regional European International Director
Transversal Department EDD 1
Regional Director SE
Transversal Department I 2
Regional Director SW
Director of industrial and technology transfer
Institute IN2P3 - 1
Communication director
Institute - INSU - 2
31
The STIC Department
http//www.cnrs.fr/STIC/
32
Our partners

• Universities
• INRIA (The French national institute for research
  in computer science and control
• CEA (Atomic Energy Commission)
• GET (Education et Research in Information and
  Communication Technologies)
• etc.

33
Staff in the STIC Labs May 2005

• CNRS researchers 813
• Researchers from other organizations 326
  5334
• Permanent university staff 4195
• Ph.Ds. 4778
• Post-docs 321 5099
• CNRS engineering and
• administrative support staff
  809
• from organizations 353 1746
• from universities 584
• TOTAL 12 179

34
Regional centers
Lille
Lens
Valenciennes
Amiens
Compiègne
Rouen
Metz
Strasbourg
Ile de France
Nancy
Lannion
Brest
Troyes
Brest
Main centers
Le Mans
Orléans
Belfort
Vannes
Dijon
Angers
Tours
Besançon
Nantes
Secondary centers
Poitiers
Lyon
Saint-Etienne
Grenoble
Bordeaux
Nice
Avignon
Montpellier
Toulouse
Marseille
35
Resources

• 23 M total budget (excluding salaries)
• 30 to 35 new permanent research positions per
  year
• 40 new engineering and administrative positions
  per year
• 16 short-term positions (typically 3 years)
• 40 post-doc positions (1 year)
• 40 Ph.D. grants
• 60 research positions for university staff

36
Research units

• 114 laboratories
• 9 federations
• 14 joint laboratories with industry
• 10 international laboratories

37
International priorities of STIC department

• Europe
• Asia
• China
• India
• Japan
• North America

38
Main International Institutional Cooperation
Russia 1 common lab 1 twinning program 1
scientist exchange program
North America International common lab Georgia
Tech (Atlanta) Scientist exchange program
European communauty 2 european associated
laboratories Switzeland and Belgium
Japan LIMMS/CIRMM 2 Common labs JRL (project) 1
Scientist exchange program
Asia Outside Japan 3 commons labs IPAL
Singapore LIAMA China MICA Vietnam 1
Scientist exchange program
Central America 2 Associated Laboratoratories LAF
MI LAFMAA 3 years term
Australia 1 scientist exchange program
Information and Communication Sciences and
Technologies
39
Partnerships in Japan

• ? JRL Joint Robotic Laboratory
• AIST National Institute of Advanced Industrial
  Science and Technology with CNRS
• ISRI Intelligent Systems Research Institute
  with STIC
• ? LIMMS Laboratory for Integrated
  Micro-Mechatronic Systems
• IIS Institute of Industrial Science, The
  University of Tokyo
• CNRS
• ? CIRMM Center for International Research on
  Micro-Mechatronics
• IIS Institute of Industrial Science