Martine Lapierre - Security & Privacy trends for Urban & transport applications
1. Security & Privacy trends for Urban & transport applications
Martine Lapierre
Vice President, Technical Director
Defense & Security C4I Systems Division
23-27 November 2009
13-15 December 2010 ICSOC-ServiceWave 2009
2. Security and Privacy technologies
A key element for urban multi-modal transportation
3. Agenda
• Future applications & services addressed
• What Security & Privacy issues face this example?
• Bringing FI PPP project into context
• Approach toward Content Driven Security
4. •Future Internet will enable the so-called “Internet of Services” (IoS)
•New trends pushed by end-users:
•On-demand intelligent/smart services
•Service personalization
•Increased demands on QoS, but also on QoE (Quality of Experience!)
•Respect of users' rights (new legislation...)
•Service providers in “co-opetition” (collaboration and competition)
•Urban applications may use this, e.g. Urban Multi-Modal Transportation
•universally available geo-localisation
•universally available mobile communications
•fully individualized service offer
•Technology enablers are there as well
•Content-driven security and privacy enablers become reality
6. Future Internet - Urban transport application example
• 17:11 : Bring me to my next meeting
•Your contact is Daniel Gidoin from Thales
•Verification of agendas
•Calculation of both positions
•Meeting point proposal
•17:12 : Multi-modal travel proposal
•Take Bus 126 in 4 min for 2 stops
•Take shared car xwz4 at bus stop in 7 min
•Shared car will drop you at Velizy station in about 40 min
•Walk with GPS to final destination (10 min)
•Arrival around 18:07
•Automatic update
•A Thales employee declared a trip to Velizy
•Calculating travel optimization
•New arrival proposal: 18:00 with direct car share
•Accept to switch car
•Travel completed
•Automatic payment
8. Multimodal travel made easy, itinerary updated in real time
•Online services offer
•a wide range of transport modes, incl. walking
•Customized: emphasis is on QoS and QoE
•shortest journey time and greatest convenience;
•and/or best (minimal) cost;
•and/or greatest energy efficiency and reliability.
•Application stakeholders are:
•multimodal travelers (any means to reach the target)
•public and other collective transport operators
•road operators and traffic managers
•Taxis, private fleets, car rentals, and sharing drivers
•The itinerary is continuously monitored in real time and is adjusted whenever conditions or options change.
•Various context-aware services are “pushed” to the traveler just when needed:
•Monitoring, rentals, ticketless mobile fare payment…
9. Efficient multimodal travel : issues
•Challenges which apply
•To propagate the geo-localisation information fast enough for real-time dynamic adaptation of the multi-modal traveler: Localisation PRIVACY
•To process the collected information fast enough (e.g. using cloud technology) in a context of massive simultaneous, constrained and/or contradictory requests, while keeping CUSTOMER DATA PRIVACY & INTEGRITY
•To efficiently integrate user preferences and constraints so as to provide a multi-modal proposal acceptable to the user in all situations
•To ENSURE SAFETY of drivers & travellers as well as PAYMENT INTEGRITY & CERTIFICATES, allowing proportional automatic contribution to the journey
•(Semi-)automated and very effective negotiation functions between travelers and drivers, based on CERTIFIED cross-rating of participants, including geo-localisation based rendez-vous (LOCATION ACCURACY & Permanence of Service)
In summary: security functions ensuring the safety of all participants through a careful set of preventive, en-route and forensics functions
10. Security & privacy issues : more details
Centre column (the travel scenario):
• 17:11 : Bring me to my next meeting
•Your contact is Daniel Gidoin From Thales
•Verification of agendas
•Calculation of both positions
•Meeting point proposition
•17h12 : Multi-Modal travel Proposition
•Take Bus 126 in 4mn for 2 stops
•Take shared car xwz4 at bus stop in 7 mn
•Shared car will drop you at Velizy station in about 40 mn
•Walk with gps to final destination (10mn)
•Arrival around 18:07
•Automatic Update
•A Thales Employee declared a travel to Velizy
•Calculating travel optimization
•New arrival proposition 18:00 with direct car share
•Accept to switch car
•Travels achieved & Automatic Payment
Left column:
•Corporate data interaction
•Geo-localisation Privacy
•Tier service activation
•Customization based on private data (profile..)
•Private travel data anonymised for public traffic regulation
•Security Video Recording
•Business Information recording
•Cyber Attack
•realized service Certification
•Financial Data exchange
Right column:
•Mobile Identity federation
•Role Based Access Control
•Anonymization of data before statistics
•Data lifecycle managed by the user
•Sticky policies
•Role-oriented data usage control
•Accountability
•Claim based ID
•Content Driven Security
11. Security & privacy issues
•Security and privacy issues and the consequences of the strong contextual information collected
•Scalable and pervasive IPv6-based vehicle-to-vehicle (V2V) communications / Security Video - Mobile Network permanence of service
•guarantee that the personal information provided by users will be processed in accordance with the users' rights and requirements, and will be erased afterwards
•protect the required commercial information when part of the execution is delegated to a third-party service operated by another provider:
•PAYMENT integrity and security
• As a consequence: Content-driven security and privacy
•Tag datum elements with dedicated security and privacy meta-information regarding traceability, propagation and disclosure.
•Such meta-information is propagated along with the datum elements
•Technical and legal mechanisms to guarantee the compliance of services with the usage requirements (and with any legislation and regulation which may apply)
12. Bringing FI PPP project into context
•A lot of expectations on this project …
•Indeed, as per FI PPP Call Objective 1.7, the Core Platform project will help
•“design, develop and implement a generic, trusted and open network and service Core Platform supporting generic enablers with standardized interfaces serving multiple use cases, and making use of and integrating advanced Internet features.”
•Given the aim to offer Core Platform functionalities that can be generically reused in multiple usage contexts to support "smart applications" of various natures, there is no doubt that this project would make new usages happen in a broad range of application domains (e.g. Transport, Energy, …)
•Among others, this project will deliver the Generic Security services (e.g. IAM/AAA, Privacy, …) that will enable smart applications (e.g. Multimodal Transport) to happen and be widely adopted, since they generate the Trust and Confidence that people and organizations need.
13. From Content Based to Content Driven Security: What can Thales contribute?
•Content Based Security: security attached to the data (structured or unstructured)
•with fine-grained partitioning adapted to data owners' requirements
•with trust established between service providers
•with multi-level ciphering at the datum level
•with traceability and accountability at each step
Using open standards for ubiquitous protection and cross-border interoperability
14. Approach towards Content Driven security
•As data travel across the Internet
• It will pass through multiple services, processes and users
• It must be protected from misuses, unauthorized disclosure and harmful aggregation
Security information and requirements should travel along with data elements, to establish Content Driven Security in flexible and virtualized environments.
[Figure: a BANK PAYMENT data element. Example claims: name, group, age. Usage and travel constraints: Secure Handshake; Never Propagate; Report at each step. Data protection constraints: Bank account # (Clear text); Amount to pay (Cipher #1); Account of receiver (Cipher #2); Bloc Signature.]
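The BANK PAYMENT data element from this slide, as an added example that is not part of the original slides: the usage constraints travel with the data, are enforced at each processing step, and are bound to the fields by a signature, which is also the meta-information tagging described on slide 11. Assumed here: the field and policy key names, the sample values, the `seal`/`verify`/`process` helpers, and HMAC-SHA256 with one shared demo key standing in for the "Bloc Signature"; ciphered fields are shown as placeholders.

```python
import hashlib
import hmac
import json

# Constructed demo key shared by all services (assumption). The slides name no
# signature scheme; HMAC-SHA256 stands in for the "Bloc Signature".
DEMO_KEY = b"constructed-demo-key"


def _digest(element):
    """MAC over fields, policy and trail together, so none can be edited alone."""
    body = {k: element[k] for k in ("fields", "policy", "trail")}
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(DEMO_KEY, canon, hashlib.sha256).hexdigest()


def seal(fields, policy):
    """Create a data element whose policy travels with the data."""
    element = {"fields": fields, "policy": policy, "trail": []}
    element["signature"] = _digest(element)
    return element


def verify(element):
    return hmac.compare_digest(element.get("signature", ""), _digest(element))


def process(element, service, forward_to=None):
    """One processing step: check integrity, honour the policy, report the step."""
    if not verify(element):
        raise ValueError("policy or data modified in transit")
    policy = element["policy"]
    if forward_to is not None and policy.get("never_propagate"):
        raise PermissionError(f"{service} may not forward to {forward_to}")
    out = json.loads(json.dumps(element))  # deep copy; the input stays untouched
    if policy.get("report_each_step"):
        out["trail"].append({"service": service, "forwarded_to": forward_to})
    out["signature"] = _digest(out)  # re-seal so the next step can verify the trail
    return out


# Constructed sample modelled on the slide's BANK PAYMENT element.
payment = seal(
    fields={"bank_account": {"protection": "clear", "value": "ACCT-0000"},
            "amount_to_pay": {"protection": "cipher#1", "value": "<ciphertext>"},
            "receiver_account": {"protection": "cipher#2", "value": "<ciphertext>"}},
    policy={"secure_handshake": True, "never_propagate": True,
            "report_each_step": True},
)
```

With a single shared key any service can re-seal an element; a deployment between competing providers would use per-service signing keys so that each trail entry is attributable.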
15. Content Driven access rule
•CONFIA proposes a set of rules suitable for controlling access
• Grant rules: To provide access to a user on an object according to some requirements (e.g. conditions, obligations)
•Derived rules: To propagate access to a user through the content and the kind of rights defined.
•Forced rules: To resolve any conflict between different accesses sharing user and object.
•Non-vulnerability rules: To protect the whole content of a document against intrusion through a non-allowed access