Trust in Digital Life - Mission statement TDL is a consortium of Industry, Academics andGovernment entities working together to set a research agenda for a Trustworthy ICT. Why Trust for ICT?To stimulate a broad adoption by citizens of e-services
TDL MembersIndustrial and Service SectorMicrosoftNokiaPhilipsGemaltoOberthurIrdetoNEC EuropeNokia Siemens NetworksNXPThalesKnowledge InstitutesFraunhofer Institute FokusGoethe University FrankfurtPrivacy InternationalUniversity of TwenteUniversity of MurciaUniversity of LuxembourgWaterford Institute of TechonologyKU LeuvenNorwegian Consumer CouncilDutch Police – Cybercrime programmeTNOUniversity of the Aegean More than 20 prospective members and observers !
TDL ambitions and expected performances1. Self sustainable inspiring TRUST community providing directions and development of knowledge and collaborative projects & frameworks for trustworthy ICT solutions2. Innovative but realistic research agenda recognized by industry, knowledge institutes, the European commission, local governments and other independent authorities3. Create possibilities for public funding for collaborative R&D and deployment projects4. Create industrial, political and legal awareness for removing barriers through an extensive demonstrations and pilots program.
Key Performance IndicatorsTDL is working on setting a Dash Board to measure Trust in ICTSuch KPIs can be:– Adoption rate (%age) of citizens using e-services– Number of ICT trust-related incidents reported– Number of new e-services launch– Consumers/Citizens surveys score cards
Trust in Digital Life at a glance• Gemalto, Microsoft, Nokia and Philips founded the Trust in Digital Life research and innovation consortium (TDL) in 2009 to stimulate the development of Trustworthy ICT solutions.• 22 parties already joined the consortium and TDL is growing steadily.• In 2012 the consortium will count more than 40 complementary members.• TDL will set out a vision and strategic research agenda for trustworthy products relating to ICT.• TDL will provide recommendations for research for the European frame work program (FP8).• TDL is financially supported by the European commission.
Trustworthy ICT solutions• Trust is an essential pre-requisite for connecting people in effective human and enterprise transactions.• Trust builds on elements like security, privacy, transparency, accountability and reputation.• There is no clear understanding on the sources of trustworthiness, nor is there an industry recommendation on implementing principles to generate trust in digital services.• European strategy must aim at a strong competitive position in producing innovative trustworthiness solutions accepted by citizens, business and governments.• Coordination effort goes across Member States, industrial and service sectors, academia, public authorities and representatives of citizens.• Essential is the recognition of the importance of the rule of law, security, and privacy and other core democratic freedoms in contributing to trustworthiness.
WG 1 use cases WG 2 Technology & Requirements WG 4 Business Cases WG 3 Law & Technology TDL Innovation lines Scale out different application domains Collaboration with projects and initiatives Execution TDL SRA & Innovation funnel Diverge Converge Consolidate Implement2010 2011 2012 2020 RESULTS WG1 & WG2 DEMONSTRATORS FIRST DRAFT SRA PILOTS WHITE PAPERS RESEARCH PROJECTS PRESS RELEASE RESULTS WG3 & WG4 REFINED SRA TDL INNOVATION FUNNEL PROPOSALS CALL 8 FP7
End-2-End Trust Landscape Data Lifecycle Trusted Management Service Stack IntegrityChampions: Champions: Champions:Gemalto & Philips Nokia & Thales Microsoft & NEC Innovation funnels
Themes Cloud IoT Privacy Social Mobile devices Impact Data Lifecycle Management E-Health Service Integrity Mobile Applications Trusted Stack Online Services E-Authentication Deployment Pilot validation Concept(fundamental) demonstratorsResearch
Innovation linesTrusted stack 1. building a “trusted stack,” with suitably strong authentication of hardware, software, people, and data 2. improving the ability to audit events to provide accountability 3. grant people better control over their digital personas to enhance privacy. This trusted stack, combined with better mechanisms to protect privacy, will enable End to End (E2E) TrustData Life Cycle Management 1. a broad set of technologies from secure authentication, access control, secure storage, revisions management, data archiving and data termination 2. port into the Digital world all the key attributes of assets in the physical world that people like and build their trust upon. Protecting Identities, protecting assets and protection transactions are the three pillars of a trustworthy eco-system
T r u s t F r a m e w o r k P r o v i d e r Attribute Providers User Identity Service Providers Agent Provider (Relying Parties) IP User Identity Agent AP AP 4. Obtain token(s) Commercial Government Cloud Services Consumer Sites Attribute Providers Attribute Providers Service IP 3. Evaluate IP AA Policy 6. Retu r n claim Identity Providers Identity Providers P P set Government Portal Client 2. Return Acce ss Policy 1. Request for Access e ss t o web sit 8. Acce 5. User 7. Validate consent token(s) Commercial Government Identity Providers Identity Providers Computing Relying Party STS Devices OnlinePhysical Authentication Device Providers World Identity “Proofing” Commercial Government Service Service User
Participating in working groups• Four interdependent working group charters develop relevant content for the strategic research agenda and project proposals: 1. Use cases 2. Technolgy & requirements 3. Law & technology 4. Business cases• Face-to–face working group meetings are held every quarter and teleconference meetings in between. Extensive interaction between working groups is organised.• Working groups produce papers and publications.• Parties can join one or more working groups.• Willingness to exchange knowledge and experience, sharing customer & market insights, commitments for joint research and cross sector development trajectories are key success factors.
Use Cases for Trust in Digital Life• Use cases will identify, group and describe the common characteristics of the services the industry finds the most potential.• Description of generic use cases and associated digital services will be enriched with scenario’s “user stories”.• Possible threats to a user’s information security and privacy will be derived from user stories and will be offered to Requirements and Technology Working Group for further analysing and defining a threat landscape.• Current use cases: – Cloud Computing – Online Gaming – Online Auction Fraud – Child Online safety – E-Healthcare – E-Nergy• Deliverables: White papers on several use cases and user stories
Working group charterRequirements & Technology
Roadmap of Trust• Technology and requirements WG addresses questions that relates to (unsatisfied) elements of trust and their requirements.• The role of technology and potential technical disruptive solutions for unsatisfied elements of trust are investigated and research areas are recommended.• A generic architecture and frameworks will be developed to support industry and government with guidelines and de facto standards for research and product development.• The approach is to analyse use cases, develop a threat landscape and create an overview of state-of-the art technology technology that support trustworthy products.• A technology roadmap covering the requirements is a key delivery.• Deliverables: Elements of trust Technical requirement for trust Roadmap of trust and authentication architecture
Technical challenges (WG2)Derived Threats • Not respecting co-ownership of data • Location threats • Unwanted retention of data • Copying of Information without consent • Authentication • User interaction through a compromised end-user device
Technical challenges (WG2)Research Questions Trusted computing platforms • Q1: How to protect end-user devices, networks and servers from malware? • Q2: How to make the trustworthiness of an end-user device transparent to the user? Trusted Identity • Q3: How can users better protect their credentials, achieving a balance between security, privacy, mobility, costs and user experience? • Q4: How can we increase user’s privacy by assuring users are unlinkable by default when presenting credentials to applications? Trusted Information • Q5: How to ensure the privacy of information? Trusted attributes • Q6: How to disclose only attributes that are necessary for an application? • Q7: How to prove attributes?
Democratic structures & European values are prerequisites• How can law and policy spur design of technology that: – enables democratic structures and – honors European values such as privacy, freedom of expression, protection of minorities, freedom of association, and freedom of belief.• Law and Technology WG will ask if accountability, transparency, and open competition are adequate for ensuring that ICT products do not oppose democratic structures and values and in fact promote them.• The exploration will delve into such topics as: – Accountability – third party beneficiaries in contracts; audits; ombudsmen; procedural due process; etc. – Transparency – average people knowing what law applies; objective and visible certification criteria; existence of contractual relationships and their terms; visibility into parties’ practices; market driven education campaigns; etc. – Open Competition – market structure concerns of concentration, product differentiation, ease of entry; trade-offs with open or closed systems; interoperability; etc.• Deliverables: Whitepaper on legal prerequisites for trustworthy ICT solutions
Value driven research• The impact of trustworthy ICT solutions – How can we measure the economic and societal impact – what are the business models that motivates the required research investments.• Business cases WG will develop business models and a portfolio of research project ideas for the development of Trustworthy ICT with scenario’s and sensitivity analyses to understand the economic and societal impact.• They approach is to identify market segments, market drivers and high level project description based on output of WG Technology & requirements. The expected value of research efforts is motivated.• Deliverables: Models for TDL business logic, addressable markets and technology roadmaps Portfolio of TDL research project ideas Motivation of expected quantitative value of TDL research
Governance TDL ConsortiumExperts from industry, Permanent seats for founding partners: government and Gemalto; Microsoft; Nokia and Philips knowledge institutes Elections at the general assembly Selection of 30 members Elections at the general assembly TDL Ambassadors anchoring Bicore: Secretary & membership mgt TDL in European research Editing vision and SRA community Use Cases WG Leader: University of Luxembourg Requirements and Technology WG Leader: Philips Law & Technology WG Leader: Nokia Business Cases WG Leader: Bicore
TDL membership objectives• A multidisciplinary open research community• Broad support to the research roadmaps• Active participation in the Working Group charters• Development & implementation of the SRA & Work plan• Development of a balanced research project portfolio• International recognition of TDL 30
5 reasons to join the TDL community1. Influence the European state-of-the-art vision on Trust in Digital Life.2. Share and enrich your knowledge and insights on law, markets and technology with complementary leading edge industry parties, knowledge institutes and policy makers.3. Create promising opportunities for public-private research projects in European frame work programs.4. Inside out: Identify yourselves with high quality content and papers.5. Outside in: Validate and improve your (business) strategy. TDL is an open community stimulating cross sector collaboration to enable development of trustworthy solutions
5 reasons to become a TDL member1. Actively contribute to the strategic research agenda, access to all information.2. Support continuation of the TDL partnership after project period in 2012.3. Receive funds for the development of demonstrators on trustworthy ICT solutions and execution of detailed expert studies on Law, Market and Technology.4. Become member of management board.5. Develop concrete public – private projects within frame work programs. TDL membership will create vast business opportunities and leverage your activities
How to become a member• Your application should include a written statement indicating your relevant expertise and a description of the your envisioned contribution to the effort.• Approving and signing the Consortium Agreement and Policies and Procedures• Receiving 2 sponsorship letters from current Executive Board members• To become a Working Group or Management Board Member, you must submit an application. Declarations of accession to the Management Board and the Working Groups are included in the Consortium Agreement.• Possibility to apply for an observer status. In this case you don’t benefit the additional advantages of TDL membership status• For more information, please visit the website at www.trustindigitallife.eu or contact the TDL Office at TDLOffice@bicore.nl
TDL Membership fee• The yearly fee for TDL membership: – € 10.000 for Industry and enabling members – € 5.000 for knowledge institutes• Reduction on fees for first two years Year Industry and enabling members Knowledge Institutes 2010 € 5.000,- € 0,- 2011 € 7.500,- € 2.500,- 2012 € 10.000,- € 5.000,-Use of membership fees:• The working groups can apply for budget for demonstrators and studies.• The executive board approves the yearly budget and applications.
Frequently Asked QuestionsWho are the founders of TDL?Gemalto, Microsoft, Nokia and Philips took the initiative for TDL and signed a consortium agreement in 2009.Can I participate in TDL without becoming a member?This is possible as long as the European commission financially support TDL and you must be prepared to exchange relevant knowledge. You must apply for an observer role and accept the policies and procedures.Can I use all information of TDL without limitation ?All parties that participate in TDL have to accept the rules for using information. The principle is that parties are free to use the information that is shared between parties.What type of parties are member of TDL?Members of TDL are ICT industry parties; knowledge institutes; trade associations; law firms.Are the results of TDL becoming public?TDL has a procedure for publishing results. The vision and Strategic Research Agenda will be made publicWho should I contact to become a member?TDLoffice@bicore.nl More frequently asked questions can be found on the website www.trustindigitallife.eu