Sie sind auf Seite 1von 16

Trust and vulnerabilities in the

Information Infrastructure

Marcelo Masera, Marc Wilikens

Joint Research Centre Institute for the Protection


European Commission and Security of the Citizen

Innovations for an ee-Society


-Society
Challenges for Technology Assessment
Berlin, 18 October 2001
Overview

• The Information Infrastructure


• Information assets
• Risk and trust
• Cases:
– Health care sector
– Electric power sector

18 October 2001 JRC - Cybersecurity Group 2


The citizen and the e -Society
e-Society

PC (home, work) e-Commerce


Mobile phone Health care
PDA Utilities
Internet kiosks Government
Smart home Bank & insurance
Car …

Computing + Non-linear
communication + Tightly coupled
organisational systems Most complex
machine ever built

18 October 2001 JRC - Cybersecurity Group 3


The information infrastructure
Emerging “public utility”
– Internet + Public Telephone Networks (fixed and mobile) + …

Characteristics:
– Behaves as single system, but multiple owners
– Multi-jurisdictional, heterogeneous, unbounded
– Topologically and technologically evolving

18 October 2001 JRC - Cybersecurity Group 4


The layered model
User
Sector
Value-added services specific
Generic end-user services applications

Network management services Information


Information
Network Basic network services Infrastructure
Infrastructure
Data transmission Local access

But, the services provided by the information


infrastructure are not assured…
And it is subject to failures and malicious attacks
18 October 2001 JRC - Cybersecurity Group 5
The infrastructure today
• The infrastructure is fault-ridden & vulnerable
• Developers interested on cost and time-to-market
• Operators don’t consider the effects of service disruptions
• Nobody is concerned with overall security, safety or reliability

• Features
– Availability, timeliness, bandwidth: best effort
– Integrity, confidentiality: application-level solutions

– Service level agreements: not standard yet

18 October 2001 JRC - Cybersecurity Group 6


Why be concerned?

Information assets Î value Î potential damage

Thus, the main issue is Risk

But benefits and risks for all stakeholders


are not obvious
for developers, operators and users

18 October 2001 JRC - Cybersecurity Group 7


Information assets
• Not just raw data From
undefined
item

• But information that


needs to be assured
– Contents To assured
product
– Assurance marks:
• Univocal identification
• Life-cycle events
• Trust properties

18 October 2001 JRC - Cybersecurity Group 8


User requirements
Users
– rely on many actors, the majority unknown
– have specific requirements

Functionality
• Data transfer and services
Quality features
• Availability: capabilities, services, data
• Integrity: data transmission, data handling
• Confidentiality: for all actors (source, user, intermediaries)
• Timeliness: end-to-end service timing
• Capability: throughput, reliability

Plus privacy!

18 October 2001 JRC - Cybersecurity Group 9


Trust
Reliance requires Trust

Networks give rise to


chains of trust

Structured along
Trust constituencies

Policies Filters & permits Protocols


Supported by a Distributed Certificates
Trust infrastructure security PKI

Trust management services

18 October 2001 JRC - Cybersecurity Group 10


Who should be concerned?
It is about managing risks
at different levels: individual, national, international

Users:
Peer-to-peer
– Should solve the equation trust engagement
trust risk
rights and obligations
for specific assets in a given situation
Countries:
– Should assure each national critical infrastructure
Social trust
…and their interactions

18 October 2001 JRC - Cybersecurity Group 11


Health care case study
Project DRIVE (IST 12040)

Hospital
Clinical Internal Clinical support
ICT
Administrative Logistics

Information
infrastructure

Public health authorities Drug supplier


Internal Internal
ICT ICT

18 October 2001 JRC - Cybersecurity Group 12


Health care case study
Patient
record Drug
Hospital record
Clinical TC
Clinical Internal Clinical support
ICTHospital TC
Administrative Logistics
Anonymous
Drug supply
Patient Information TC
record infrastructure
Product
Health surveillance
record
Public TC
health authorities Drug supplier
Internal Internal
ICT ICT

TC: Trust constituency


18 October 2001 JRC - Cybersecurity Group 13
Electric power sector case
Generation Power plant Internal Power market agency
company DSC / SCADA ICT
ICT

Transmission system operator


Power lines SCADA
Information
Internal infrastructure
ICT

Distribution company
LV lines SCADA ICT
RTU
Internal
ICT End customer

18 October 2001 JRC - Cybersecurity Group 14


Electric power sector case
Production
Generation record Internal Power market
Power plant
Energy production Energy price agency
company TCDSC / SCADA ICT record ICT

Energy network
Transmission system operator TC
Transmission
Power lines SCADA
record Information
Internal Energy market
infrastructure
ICT TC
Energy distribution
Distribution company Energy
TC
LV lines SCADA consumption
RTU
record ICT
Internal
ICT End customer

TC: Trust constituency


18 October 2001 JRC - Cybersecurity Group 15
Conclusions
Need to conceive
Trust
for a “networked” society

– Develop concepts and technologies


e.g. from “fortress/Maginot” to “networked” security

– Determine responsibilities and social functions


e.g. new private-public partnership

18 October 2001 JRC - Cybersecurity Group 16