Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the...
Transcript of Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the...
![Page 1: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/1.jpg)
Digital Security R&D&I
in Horizon 2020 (and the Workprogramme 2014 -2015)
Trust and Security Unit H4
DG Communications Networks, Content and Technology European Commission
![Page 2: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/2.jpg)
Summary
1. Overview
2. LEIT – ICT 32 – 2014: Cybersecurity, Trustworthy ICT
a. Cryptography
b. Security-by-design for end to end security
3. Societal Challenge 7 – Secure societies "Protecting freedom and security of Europe and its citizens" – Digital Security: Cybersecurity, Privacy & Trust
1. Privacy,
2. Access Control,
3. Risk Management & assurance models
2
![Page 3: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/3.jpg)
... a survival kit...
3
• Participant Portal
http://ec.europa.eu/research/participants/portal/desktop/en/home.html
• H2020 Cybersecurity – Workprograms
• http://ec.europa.eu/research/participants/data/ref/h2020/wp/2014_2015/main/h2020-wp1415-security_en.pdf
• http://ec.europa.eu/research/participants/data/ref/h2020/wp/2014_2015/main/h2020-wp1415-leit-ict_en.pdf
• Trust & Security
http://ec.europa.eu/digital-agenda/en/telecoms-and-internet/trust-security
• Questions?
![Page 4: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/4.jpg)
What's new, what's different ...
H2020 FP7
R&D = Policy
R&D Policy = support to Policy
broader objectives => more flexibility
4
![Page 5: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/5.jpg)
5
EU Policy Cyber Security
EU Cyber
Security Strategy
Technology / Industry
R&D industrial
strategy
pilots,
business cases
education
International
cybercrime
Resilience
Directive R&D
![Page 6: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/6.jpg)
In summary...
• R&D = incentive to increase ICT security
• R&D = satisfy end-user needs - public and/or private
• R&D = policy instrument
=> H2020 Digital Security WPs
6
![Page 7: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/7.jpg)
Where to find cybersecurity R&D&I in H2020?
Everywhere!
7
change of mindset
![Page 8: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/8.jpg)
8
LEIT Excellence
Societal Challenges
FET
1-6 7!
Cross-cutting!
Embedded!
![Page 9: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/9.jpg)
Example: smart grids
• quantum teleportation => FET
• cryptography? => LEIT
• SCADA? => SC7
• smart meter? => SC3
• smart city? => SC3
=> determine your focus!
9
![Page 10: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/10.jpg)
LEIT ICT 32 – 2014:
Cybersecurity, Trustworthy ICT
![Page 11: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/11.jpg)
LEIT
"Technology-driven approach to develop enabling technologies that can be used in multiple areas,
industries and services"
Scope: Experimentation with innovative research ideas
Strategic Vision:
Long term goal to replace the current business model to provide security as add-on by a security-by-design approach
Outcome:
Assist industry to adjust their business model to the strategic
vision
11
![Page 12: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/12.jpg)
Instrument: Research and Innovation Actions Coordination and Support Action (CSA) Technology readiness level: Next generation technology and generation thereafter Time to market introduction: 5-7 years (indicative) Research and Innovation Actions: Small contribution: between 2 and 4 MEuro (indicative) Large contribution: between 5 and 8 MEuro (indicative)
12
Specificities of LEIT
![Page 13: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/13.jpg)
CALL: ICT 32-2014 Cybersecurity, Trustworthy ICT
• Cryptography
• Research & Innovation Actions (small and large)
• Coordination and Support Actions
• Security-by-design for end to end security
• Research & Innovation Actions (small and large)
13
![Page 14: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/14.jpg)
Call Details
Timeline:
11 Dec 2013 Publication
23 Apr 2014 Submission Deadline (17.00.00)
16-20 Jun 2014 Evaluation
Sep 2014 Information on outcome of the scientific evaluation
Dec 2014 Signing grant agreements
Budget:
ICT32.a 37 Meuro (Security-by-Design & Cryptography R&I Actions)
ICT32.b 1 Meuro (Cryptography CSA)
14
![Page 15: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/15.jpg)
15
Cryptography – which results?
Research projects have to address the key challenges to guarantee the security for the lifespan of the application it
supports, to stay ahead of the evolution of the ICT environment and keep pace with the performance increase of
ICT technology.
• net increase in performance • reduction in energy or power consumption, • validation in realistic application scenarios, • Relevance to current trends (cloud, mobile, IoT,etc) • methods for provable security against physical attacks • security certification.
![Page 16: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/16.jpg)
Cryptography – Challenges (1/2)
• Resource efficient, real-time and highly secure technology for
1. hardware based cryptography; or
2. homomorphic cryptography.
• Distributed cryptography including functional cryptography;
• Cryptographic tools for securely binding applications to software, firmware and hardware environments, with or without adaptation of primitives which are used;
16
![Page 17: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/17.jpg)
Cryptography – Challenges (2/2)
• Post-quantum cryptography for long-term security;
• Quantum key distribution (QKD) systems and networks for long-term security-by-design (etc.) addressing:
1. low-bit-rate QKD with low cost components for short-distance;
2. high-bit rate QKD systems, tolerant to noise and loss.
17
![Page 18: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/18.jpg)
Cryptography - CSA
18
• durable integration and structuring of the European cryptography community;
• strengthen European excellence in this domain; • provide technology watch, joint research agendas and
foresight studies; • identify technology gaps, market and implementation
opportunities; • technical expertise to cybersecurity and privacy communities; • development of European standards (incl. public sector) • solve training needs and skill shortage • evaluation and verification of cryptographic protocols and
algorithms. • open competitions with benchmarking. • dissemination and outreach, strengthening the link with
institutional stakeholders.
![Page 19: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/19.jpg)
19
Security-by-design
"Security-by-design paradigms have to be developed and tested, to provide end-to-end security, across all hardware and software layers of an ICT system and application and business
services." Paradigms for complex environments: • Highly connected, complex and interoperable networks. • Multi-layer and multi-service systems, spanning multiple
domains or jurisdictions
![Page 20: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/20.jpg)
Security-by-design – what? (1/2)
Aiming at:
• Platform-independent solutions for context-aware and self-adaptive security
• Automated security policy governance for run-time verification, customisation and enforcement between operators or virtual entities,
Important Considerations:
• Interaction of Layers
• Holistic Approach
20
![Page 21: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/21.jpg)
Security-by-design – what? (2/2)
Special Attention to:
• Open and dynamically reconfigurable environments
• Reliance on other, potentially untrustworthy, providers
Importance of Usability:
• Deployment and implementation with usability in mind against improper use or misconfiguration for higher degrees of trust by users.
21
![Page 22: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/22.jpg)
Expected Impact of ICT-32 (1/2)
22
Macro: • New paradigms for the design and implementation. • European ICT with a higher level of security and/or privacy. • Compliance with Europe's security and privacy legislation. • Measurably higher level of security and/or privacy with
marginal additional cost. Societal: • More user trust in ICT and online services. • Better ability of users to detect breaches of security and
privacy. • Better privacy protection and legal compliance with privacy
rules • More resilient critical infrastructures and services.
![Page 23: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/23.jpg)
Expected Impact of ICT-32 (2/2)
23
Research: • User empowerment in new generation of ICT • Security and privacy as a built-in feature • Easier understanding and management for users. • Simpler implementation of cryptographic primitives. • New ICT technology approaches more secure than
traditional ones
![Page 24: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/24.jpg)
Security and Privacy LEIT ICT Have a look!
• ICT 1 – 2014: Smart Cyber-Physical Systems (privacy/security by design)
• ICT 4 – 2015: Customised and low power computing (security) • ICT 5 – 2014: Smart Networks and novel Internet Architectures
(security, trust, privacy) • ICT 7 – 2014: Advanced Cloud Infrastructures and Services (security,
privacy) • ICT 14 – 2014: Advanced 5G Network Infrastructure for the Future
Internet • ICT 22 – 2014: Multimodal and Natural computer interaction (Robotics,
security) • ICT 26 – 2014: Photonics KET • ICT 30 – 2015: Internet of Things and Platforms for Connected Smart
Objects (security)
• EUB 1 – 2015: Cloud Computing, including security aspects (Joint Call with Brazil)
• EUJ 4 – 2014: Experimentation and development on federated Japan – EU testbeds (Joint Call with Japan) 24
![Page 25: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/25.jpg)
Contacts:
ICT 32-2014 Cybersecurity, Trustworthy ICT
Documentation:
http://ec.europa.eu/research/participants/portal/desktop/en/opportunities/h2020/topics/96-ict-32-2014.html
![Page 26: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/26.jpg)
Societal Challenge 7
Secure societies: Protecting freedom and security
of Europe and its citizens
Digital Security: Cybersecurity, Privacy & Trust
![Page 27: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/27.jpg)
Content
27
• Targets: End-users & Impact
• Only instrument: "Innovation Actions"
• Security: A Societal Challenge
• Topics (H2020-DS-2014-1)
Privacy
Access Control
Risk Management & assurance models
![Page 28: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/28.jpg)
Targets: End-users & Impact
28
• Focus on addressing the needs of end-users!
• The extent of end-user participation is an important factor when evaluating the proposal's impact.
• The scope of a proposal may be limited within the specific needs of clearly defined stakeholder communities i.e. individual sectors of economic activity (e.g. finance, transport, energy, etc.), public administration, public safety and security end-users.
![Page 29: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/29.jpg)
Targets: End-users & Impact
29
• Proposals should pay particular attention to the "Expected Impact" section of each topic.
• Three evaluation criteria: Excellence, Impact, Quality and efficiency of the implementation
• In this call, to determine the ranking, the score for the criterion ‘impact’ will be given a weight of 1,5.
![Page 30: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/30.jpg)
Only instrument: Innovation Actions
30
• Activities directly aiming at producing plans and arrangements or designs for new, altered or improved products, processes or services.
• Prototyping, testing, demonstrating, piloting, large-scale product validation and market replication.
![Page 31: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/31.jpg)
Innovation Actions (1/2)
31
A ‘demonstration or pilot’ :
• aims to validate the technical and economic viability of a new or improved technology, product, process, service or solution… (ie, validate innovation)
• in an operational (or near to operational) environment, whether industrial or otherwise…
• involving where appropriate a larger scale prototype or demonstrator.
![Page 32: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/32.jpg)
Innovation Actions (2/2)
32
• Projects may include limited research and development activities.
• Funding rate: 70% (except for non-profit legal entities, where the rate is 100%)
![Page 33: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/33.jpg)
Security: a societal challenge
33
• It concerns the protection of citizens, society and economy as well as Europe's assets, infrastructures and services, its prosperity, political stability and well-being. Any malfunction or disruption, intentional or accidental, can have a detrimental impact with high associated economic or societal costs.
Digital Security
• Address the economic and societal dimension of security and
privacy in the digital ecosystem.
• Secure and increase trust in the digital society.
• Demonstrate the viability and maturity of state-of-the-art solutions.
![Page 34: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/34.jpg)
Three Topics
34
• Privacy
• Access Control
• Risk Management & assurance models
• For each topic, in next slides:
Challenge
Scope
Expected Impact
Practical Info
![Page 35: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/35.jpg)
Privacy - Challenge
35
• Increasing privacy concerns.
• Complexity of data protection and privacy frameworks in Member States and Associated Countries.
• Data Transfers.
• Increase transparency, control, usability.
• Understand the value of personal information.
![Page 36: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/36.jpg)
Privacy - Scope
36
• Demonstrate solutions that protect individuals' privacy and assist them in making informed choices on the use of their data.
• Address privacy in varied contexts (big data, cloud services, IoT, criminal investigations).
• Apply privacy-by-design frameworks to promote the usage of privacy enhanced technology.
![Page 37: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/37.jpg)
Privacy – Expected Impact
37
• Privacy by design architectures.
• A practical, user friendly and economically viable implementation of relevant legal obligations related to personal data processing and/or prior consent.
• Increased user trust, resulting in a higher uptake of online services.
• Positive business cases for online privacy.
![Page 38: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/38.jpg)
Privacy – Practical Info
38
• Call identifier: H2020-DS-2014-1
• Topic: DS-01-2014
• Published: 11 Dec 2013
• New Call deadline: 28 August 2014, 17.00.00 CET
• Indicative budget: 19.04 million EURO
• "The Commission considers that proposals requesting a contribution from the EU of between €2m and €5m EURO would allow this topic to be addressed appropriately"
![Page 39: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/39.jpg)
Access Control - Challenge
39
• Currently the most widespread approach relies on passwords.
• Managing the passwords has its limits and poses a challenge to the user, which adds vulnerabilities.
• Common practice is to use the same or similar password, which increases significantly the risk should the password be broken.
![Page 40: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/40.jpg)
Access Control - Scope
40
• Development and testing of usable, economic and privacy preserving access control platforms based on the use of biometrics, smart cards, or other devices.
• Management of the access rights.
• Guarantee interoperability and portability between systems and services.
![Page 41: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/41.jpg)
Access Control – Expected Impact
41
• Deliver secure, but user-friendly, access to ICT systems, services and infrastructures.
• Consumerisation of devices for access control.
• Demonstrable increase in level of security.
• Support the creation of commercial services making use of electronic identification and authentication.
![Page 42: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/42.jpg)
Access Control – Practical Info
42
• Call identifier: H2020-DS-2014-1
• Topic: DS-02-2014
• Published: 11 Dec 2013
• New Call deadline: 28 August 2014, 17.00.00 CET
• Indicative budget: 18 million EURO
• "The Commission considers that proposals requesting a contribution from the EU of between €3m and €8m EURO would allow this topic to be addressed appropriately"
![Page 43: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/43.jpg)
Risk Management & assurance models Challenge
43
• Increased reliance on ICT leads to greater risk.
• The use of public communication networks and commercial off-the-shelf components in industrial environments.
• Complexity & massive interconnectivity
![Page 44: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/44.jpg)
Risk Management & assurance models Scope
44
• Demonstrate the viability and scalability of state-of-the-art risk management frameworks.
• Perform socio-economic assessment to evaluate the cost-benefit of implementing proposed framework.
• Main track - framework should addresses
real time risk assessment/mitigation,
dynamic threat landscape
on-demand composition of services and massive interconnectivity
![Page 45: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/45.jpg)
Risk Management & assurance models Scope
45
• Side tracks:
development of tools to evaluate the risks and its impact on business
tools providing a simple view and understanding of a complex system, and tools to detect social engineering attacks.
ICT supply chain.
Assurance models, control & audit frameworks.
"Cyber" Insurance
![Page 46: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/46.jpg)
Risk Management & assurance models Expected Impact
46
• all of the above...
• the comprehensive comparison between sector specific or national approaches to risk management.
• facilitate the implementation of existing and emerging requirements obligations on risk management.
![Page 47: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/47.jpg)
Risk Management & assurance models Practical Info
47
• Call identifier: H2020-DS-2014-1
• Topic: DS-06-2014
• Published: 11 Dec 2013
• New Call deadline: 28 August 2014, 17.00.00 (CET)
• Indicative budget: 10 million EURO
• "The Commission considers that proposals requesting a contribution from the EU of between €2m and €5m EURO would allow this topic to be addressed appropriately"
![Page 48: Digital Security R&D&I in Horizon 2020 - APRE · Access Control - Challenge 39 • Currently the most widespread approach relies on passwords. • Managing the passwords has its limits](https://reader031.fdocuments.in/reader031/viewer/2022011823/5ed50e33ab6e6a4761035713/html5/thumbnails/48.jpg)
@EU_TrustSec
http://ec.europa.eu/research/participants/portal/desktop/en/opportunities/h2020/calls
/h2020-ds-2014-1.html