This document provides an overview of the TRUSTLESS project, which aims to develop a complete computing platform and ecosystem for critical dual-use communications that provides unprecedented privacy and security. It will be based on existing open-source components and utilize a new thin handheld device. Key aspects include extremely open and verified hardware and software, citizen oversight of critical processes, and certification by an independent body according to strict paradigms. The project involves several core partners that are leaders in fields like secure processors, microkernels, cryptography, and hardware assurance.
Lightweight Distributed Attack Detection and Prevention for the Safe Internet..., by Vladimir Eliseev
The paper investigates the causes of widespread use by cybercriminals of the Internet of Things for organizing distributed network attacks including DDoS and other illegal use. An analysis of existing approaches and technologies for protecting network computer devices is presented, as well as the main factors that prevent their use in the world of Internet of Things. An original approach is suggested that ensures the integration of lightweight protective mechanisms directly into the construction of Smart Things with the defense on the side of a telecom operator. Variants of technology implementation are considered. Key aspects and potential ways of implementation of the proposed approach are noted. Advantages and disadvantages are discussed.
The Next Generation Cognitive Security Operations Center: Network Flow Forens..., by Konstantinos Demertzis
A Security Operations Center (SOC) can be defined as an organized and highly skilled team that uses advanced computer forensics tools to prevent, detect and respond to cybersecurity incidents of an organization. The fundamental aspects of an effective SOC are related to the ability to examine and analyze the vast number of data flows and to correlate several other types of events from a cybersecurity perception. The supervision and categorization of network flow is an essential process not only for the scheduling, management, and regulation of the network’s services, but also for attack identification and for the consequent forensic investigations. A serious potential disadvantage of the traditional software solutions used today for computer network monitoring, and specifically for the instances of effective categorization of the encrypted or obfuscated network flow, which enforces the rebuilding of message packets in sophisticated underlying protocols, is the requirement for computational resources. In addition, a significant inability of these software packages is that they create high false positive rates because they are deprived of accurate predicting mechanisms.
For all the reasons above, in most cases, the traditional software fails completely to recognize unidentified vulnerabilities and zero-day exploitations. This paper proposes a novel intelligence-driven Network Flow Forensics Framework (NF3), which uses low utilization of computing power and resources, for the Next Generation Cognitive Computing SOC (NGC2SOC) that relies solely on advanced fully automated intelligence methods. It is an effective and accurate Ensemble Machine Learning forensics tool for Network Traffic Analysis, Demystification of Malware Traffic and Encrypted Traffic Identification.
Cyber Threat Intelligence - The relevance of data for the business, by Francesco Faenzi
Cyber threat landscape
Cyber Threat Intelligence
CTI as a phase of Cyber Defense
Intelligence & Cleverness
"In real life"
Relevance of CTI for the business
Points of attention for the CISO in a CTI program
Cyber threat Intelligence and Incident Response by Sandeep Singh, OWASP Delhi
The broad list of topics includes (but is not limited to):
- What is Threat Intelligence?
- Type of Threat Intelligence?
- Intelligence Lifecycle
- Threat Intelligence - Classification & Vendor Landscape
- Threat Intelligence Standards (STIX, TAXII, etc.)
- Open Source Threat Intel Tools
- Incident Response
- Role of Threat Intel in Incident Response
- Bonus Agenda
Recently, NTT published the Global Threat Intelligence Report 2016 (GTIR). This year’s report focused both on the changes in threat trends and on how security organizations around the world can use the kill chain to help defend the enterprise.
Turning threat intelligence data from multiple sources into actionable, contextual information is a challenge faced by many organizations today. The Global Threat Intelligence Platform provides increased efficiency, reduces risks and focuses on global coverage with accurate and up-to-date threat intelligence.
This presentation was given at Carnegie Mellon University by Kenji Takahashi, VP of Product Management, Security at NTT Innovation Institute.
Threat Intelligence Data Collection & Acquisition, by EC-Council
In this slideshare, we’ll discuss threat data collection and methods. To discover more about threat intelligence, visit: www.eccouncil.org/cyber-threat-intelligence
As technology and software become more and more important to Portuguese society, it is time for Portugal to take them more seriously, and become a real player in that world.
The Internet of Things (IoT) is a thriving network of smart objects where one physical object can exchange information with another physical object. In today’s Internet of Things (IoT) the interest is the concealment and security of data in a network. The obtrusion into the Internet of Things (IoT) exposes the extent to which the Internet of Things is vulnerable to attacks and how such attacks can be detected to prevent extreme damage. It emphasises threats, vulnerability, attacks and possible methods of detecting intruders to stop the system from further destruction. This paper proposes a way out of the impending security situation of the Internet of Things using IPv6 Low-power Wireless Personal Area Network.
John Yessis is a sales director at EUS Networks. John Yessis is a professional in the telecom field. John Yessis specializes in providing Voice over IP (VoIP) systems and cloud technologies.
Intense and wide workshop on major voice encryption technologies for private, business, military, public safety and internet.
Strong review of wiretapping technical and political context.
IoT Security. The impact of the Internet of Things is everywhere, from your bedroom to the office. Everyone should be aware of IoT security to run it without any hassle or security risk.
Why should you take an IoT security training course?
Learn about the risks of unsecured enterprise and home IoT devices that connect to the Internet and are able to share the information they generate.
IoT security training covers these topics:
Device and platform vulnerabilities,
Authentication and authorization,
Web interface and software,
Transport encryption,
Management issues,
Privacy and security enhancements and other IoT issues
IoT and security risks:
Most serious IoT security risks involve software. Software attacks can exploit entire systems, steal information, alter data, deny service and compromise or damage devices.
In a phishing attack, for example, Attackers also use malware, such as viruses, worms and Trojans, to damage or delete data, steal information, monitor users and disrupt key system functions.
Learn about:
IoT Principles
Principles of IoT Security
IoT Attack Areas
IoT Vulnerabilities
IoT Firmware Analysis
IoT Software Weaknesses
IoT Security Verification, Validation
Assessing IoT devices attack surfaces
Evaluation of IoT device firmware analysis, attack surface, vulnerabilities and exploiting the vulnerabilities
Request more information.
Visit tonex.com for IoT security training course and workshop details.
https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
Cyber Threat Intelligence - It's not just about the feeds, by Iain Dickson
Presented at BSides Perth 2019
Synopsis:
Although the practice of collecting and using intelligence has been studied and conducted by governments and the military for centuries, its relative application to Cyber Security has only recently been highlighted. This area of infosec has been termed Cyber Threat Intelligence, where the marriage of traditional intelligence techniques and analysis with deep technical understanding within the Cyber domain is used to predict future actions by threats through long term analysis and modelling. This approach is then used to support both proactive and reactive cyber security actions, from incident response to penetration testing. This presentation focuses on threat intelligence from a practical data perspective, moving away from just the commercial concept of threat intelligence feeds (although these form one part of the equation). This presentation will approach threat intelligence from an analyst’s perspective of what questions need to be answered to effectively investigate an incident, using the Diamond Model and Cyber Kill Chain as framing devices. These questions will then lead to examples of the data that can be used to answer these questions. Although traditionally data collection has focused on external cyber information, more often than not, however, it’s actions outside of those seen within an organisation’s network, or even outside cyberspace, that can provide context to the actions a threat takes. Finally, we provide a number of use cases on which the results of threat intelligence processes can be applied within a Security Operations Centre, including Incident Response as well as traditional Penetration Testing and Red Teaming.
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020), by mike parks
Work-in-Progress!
IoT Cyber+Physical+Social Security
An encyclopedic compendium of tools, techniques, and practices to defend systems that sit at the intersection of the cyber and physical domains; chiefly building automation systems and the Internet of Things.
Intrusion detection and anomaly detection system using sequential pattern mining, by eSAT Journals
Abstract
Nowadays, security methods ranging from password-protected access up to firewalls are used to secure data as well as networks from attackers. Often these types of security methods are not enough to protect data. The use of Intrusion Detection Systems (IDS) can be considered one way to secure the data on critical systems. Most research work focuses on the effectiveness and exactness of intrusion detection, but these attempts are for the detection of intrusions at the operating system and network level only. They are unable to detect the unexpected behavior of systems due to malicious transactions in databases. The method used for spotting any interference with the information in a database is known as database intrusion detection. It relies on enlisting the execution of a transaction. After that, if the recognized pattern differs from the regular patterns, it is considered an intrusion. But the identified problem with this process is that the accuracy algorithm which is used may not identify entire patterns. This type of challenge can have an effect in two ways: 1) Missing of the database with regular patterns. 2) The detection process neglects some new patterns. Therefore we proposed a sequential data mining method using a new Modified Apriori Algorithm. The algorithm increases the accuracy and rate of pattern detection by the process. The Apriori algorithm with modifications is used in the proposed model.
Keywords — Anomaly Detection, Modified Apriori Algorithm, Misuse detection, Sequential Pattern Mining
White Paper: IoT Security – Protecting the Networked Society, by Ericsson
The Internet of Things (IoT) is expanding rapidly, and is expected to comprise 18 billion connected devices by 2022. But the assumptions of trust which formed the backdrop to the early development of the internet no longer apply in the early stages of IoT development. Privacy and security concerns are ever increasing, especially given the growing significance of IoT in corporate, government, and critical infrastructure contexts. Likewise, the commodification of IoT components incorporated across diverse product ranges and deployed in both managed and unmanaged use cases brings significant security challenges and creates potential for novel types of attack. The proactive cooperation of all key stakeholders will be necessary to realize the considerable economic benefits of the IoT, while protecting security, safety, and privacy.
Inria - Cybersecurity: current challenges and Inria’s research directions, by Inria
Inria white books look at major current challenges in informatics and mathematics and show actions conducted by our project-teams to these challenges. Their goal is to describe the state-of-the-art of a given topic, showing its complexity, and to present existing, as well as emerging, research directions and their expected societal impact. This white book has been edited by Steve Kremer, Ludovic Mé, Didier Rémy and Vincent Roca. They coordinated the contributions from researchers of Inria teams (the complete list of contributors is given at the end of the book). Many thanks to Janet Bertot for proof-reading this document, as well as to François Pottier, Gabriel Scherrer, and Benjamin Smith who read parts of it.
Publication date: January 2019
At ITASEC17, the first Italian conference on Cyber Security, Giorgio Mosca, Strategy and Technology Director of Leonardo's Security & Information Systems Division, presented the company's approach to the cyber business.
2013 Italian Report on Cyber Security - Critical Infrastructure and other sen..., by AmmLibera AL
2013 REPORT ON CYBER SECURITY
The report, produced by the Research Center for Cyber Intelligence and Information Security (CIS) at Sapienza, analyzes the state of protection of national critical infrastructure and sensitive economic sectors against cyber attacks. This is a particularly relevant topic at this moment in history, in light of the various international events involving data leaks, computer intrusions and interception of internet traffic, such as the recent Snowden case and the activities carried out by the American NSA.
The technology media and telecommunications (TMT) industry is a highly visible industry vertical where remaining competitive and building a recognizable brand typically requires a significant digital footprint. Exposure to the masses through websites, social media, and advertising to drive sales takes precedence as businesses attempt to grow customers and revenue. However, this often comes with increased risk posed by vulnerabilities, misconfigurations, and externally facing infrastructure that remains overlooked and under-prioritized. The dynamic and fast-moving market in which TMT companies must innovate and adapt within often leaves security as an after-thought.
Indian Market for Video Surveillance and Electronic Security, by Neil Dave
This presentation sheds light on some of the key trends witnessed across the video surveillance and electronic security market in India and mentions some of the top end-user infrastructure development segments which are expected to provide sales opportunities for security providers.
We are building a mass-market 2mm-thin handheld and a TV-connected box that, jointly, radically exceed the state of the art in (A) the privacy and security of your communications, and (B) in the choice of content and quality of experience of your home entertainment.
2. Cellular Networks_The final stage of connectivity is achieved by segmenting..., by JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx, by Brad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf, by Florence Consulting
Fourteenth Milan Meetup, held in Milan on 23 May 2024 from 17:00 to 18:30, in person and remotely.
We talked about how Axpo Italia S.p.A. reduced its technical debt by migrating its APIs from Mule 3.9 to Mule 4.4, also moving from on-premises to CloudHub 1.0.
1. Wireless Communication System_Wireless communication is a broad term that i..., by JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
1. TRUSTLESS
Trustless socio-technical systems for trustworthy
dual-use critical computing
These slides:
www.openmediacluster.com/EDA-11-2015
Proposal web page:
(with exec. summary & 34-pager proposal draft):
www.openmediacluster.com/trustless-extended-rd-proposal-to-ecsel-2016/
Contacts:
Rufo Guerreschi, Exec. Dir. Open Media Cluster
rg@openmediacluster.com
+393357545620
Intro slides to a TRUSTLESS-based
TRUSTLESS Extended & Dual-use R&D Proposal
to ECSEL 2016, Italian PNRM, and H2020
2. About Us: Open Media Cluster
● What: A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-edge
R&D on dual-use privacy- and security-enhancing ICT technologies for civilian
and dual-use markets.
● Single Focus: Together with uniquely-qualified global R&D partners and advisors,
attract R&D funding on the TRUSTLESS R&D project, and promote a related
certification body through a global event series, Free and Safe in Cyberspace.
● Expertise: Outcome of 15 years of expertise in e-voting, e-participation, free
software, and bleeding-edge privacy-enhancing technologies and solutions, through
NGO and SME work of exec. dir. and leading staff. World-class advisory boards.
● Mission: Enabling unprecedented and constitutionally-meaningful e-privacy for all,
while increasing public safety.
● History: Established in May 2011, to provide the core innovation center and R&D
project to provide industrial critical mass of the Open Media Park, a planned 47,000
sq.mts. 140M€ ICT/media park in Rome, Italy.
3. About Us: Open Media Cluster
● What. A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-edge
R&D on dual-use privacy- and security-enhancing ICT technologies for civilian
and dual-use markets.
● Mission. Enabling unprecedented and constitutionally-meaningful e-privacy for all,
while increasing public safety.
● Expertise. 15 years of expertise in e-voting, e-participation, free software, and
bleeding-edge privacy-enhancing technologies and solutions.
● Focus. Attract R&D funding and world-wide consensus on the TRUSTLESS R&D
project and certification initiative, with uniquely-qualified global partners and
advisors, as the epitome of over 15 years of research.
● History. Established in May 2011, as the core innovation center to provide industrial
critical mass of the Open Media Park, a planned 47,000 sq.mts. 140M€ ICT/media
tech park in Rome, Italy.
Open Media Cluster Center
A planned geolocated open media &
IT security with 7.000sq.mts and 12
partners, slated for 2018-2020
4. ● Aim: Develop, from existing open components, a complete computing platform,
ecosystem & certification body for critical dual-use IT communications, that provide
unprecedented and constitutionally-meaningful levels of information assurance,
while overall substantially increasing public safety. (based on the TRUSTLESS)
● How: Kick-start an extremely open and resilient ecosystem, a certification body,
and a complete critical SW/HW stack for an end-2-end computing platform, for
basic voice & text communications, that is devoid of the need or assumption of trust
in anyone or anything - except in the intrinsic resilience of all socio-technical
organizational processes critically involved in the entire lifecycle (from standards
setting to fabrication oversight) against decisive attacks of up to tens of M€s, as
assessable by an informed and moderately educated citizen.
● Key & unique concepts: (1) Complete verifiability, extreme compartmentation and
minimization and sufficiently extreme verification relative to complexity of all critical
HW&SW; (2) Citizen/peer-witness oversight of all critical service components,
including ICs fabrication, and server-room access, including for lawful access
requests; (3) Expert and user-accountable certification governance.
● Target Military Uses: Initially targeted to the most critical defensive and targeted-
offensive communications, it is extensible to high-availability dual-use IoT, M2M, and
semi-autonomous systems, and wide-scale consumer roll out.
● Overcoming Privacy/Safety Dichotomy & Reaching Critical Mass: TRUSTLESS
provides unique extreme safeguards for transparently reconciling lawful access and
personal confidentiality, which is crucial for the legal sustainability of a critical mass of
dual-use investments to create an EU-domestic “trustworthy computing base”.
TRUSTLESS Extended & Dual Use
6. High-assurance IT Security Today
● While unbreakable encryption is everywhere, nearly
everything is scalably broken, mostly at birth
○ All or nearly all endpoints, both ordinary commercial systems and high-
trustworthiness IT systems, are broken beyond the point of encryption, and
scalably exploitable by powerful nations and an undefined but relatively large
number of other mid- or high-level threat actors.
○ TOR is broken - except for very expert and selective uses - because of attacks
through traffic analysis, endpoints and/or other techniques by APTs.
○ If so broken, why no news of military hacks?! Often because that’s a state secret,
or because the whole point of advanced APTs is to stay undetected for years to
snoop and alter data at leisure.
● State-mandated and state-sanctioned backdoors are nearly
everywhere
○ Critical vulnerabilities, that make nearly everything broken, are nearly always
either state-mandated or state-sanctioned backdoors, because a few states
have either created, acquired or discovered them, while keeping that
knowledge hidden, legally or illegally.
○ A few states have all the tools they need to pursue criminals with due legal
process, except for the very few most skilled and well-financed actors with access
to top techs and/or top OpSec (digital and non-digital), such as top criminals,
billionaires, or highest state security officials. This is a huge asymmetry of power and
information superiority, which is self-reinforcing, with incalculable consequences.
7. Military Cyber-Offence - Gaps
Needs: In an era of asymmetric and hybrid threats, and increasingly vulnerable critical IT
systems, information superiority is nearly everything.
Gaps:
1. Information sharing is hampered by lack of trust among EU states and
NATO members, in turn due to the lack of adequate socio-technical standards and
safeguards against abuse of national or international laws and treaties. (Safe Harbor)
2. Reconnaissance and situational awareness systems are increasingly ineffective, as
more and more threats are: asymmetric; within our borders; or, outside borders, but
without troops on the ground or access to airspace. (Syria)
3. Bulk surveillance systems are increasingly proven ineffective; hard to turn into leads;
and increasingly prone to internal and external abuse (OPM hack, Snowden)
4. Endpoint surveillance systems have the side effect of:
a. increasing the vulnerability of our critical civilian and military assets, by
spreading critical 0-days and management infrastructure (see Hacking Team);
b. being increasingly vulnerable to external and internal actors, because of the
insufficient audit relative to complexity of underlying low-level SW/HW and
lifecycle of the management infrastructure (see Inslaw’s Promis);
c. (and, therefore) are gravely increasing risks of privacy abuse and legal and
constitutional challenges, to their use abroad & at home. (Snowden, Safe
Harbor)
Solution: Re-center Information superiority on high complementarity of human intelligence
and a new generation of targeted surveillance socio-technical systems with intrinsic
democratic accountability, user-trustworthiness and effectiveness.
8. Military Cyber-Defense Gaps
● Nearly everything is broken. Nearly all highest-assurance military command IT
systems and standards can be rendered remotely and undetectably compromisable
by a large number of actors, through the hacking, bribing or threatening of just one
person (or, rarely, 2) in a critical role in its lifecycle or operation. They have no public or
“trustworthy independent” audit of “trusted” parts, and/or are vulnerable to malware
in the SW&HW stacks between the user’s interaction and the “trusted” components.
● Risks are increasingly beyond the point of encryption and network nodes, through
endpoint lifecycle compromise, via “memory-resident or fileless malware”, says
Kaspersky.
● Lack of trustworthy low-level computing base & life-cycle. EU MoDs and critical
civilian institutions lack access to end-2-end IT services and systems that are
independently and publicly verifiable and/or with critical HW components and
fabrication processes that are sufficiently verified relative to complexity, as well as
comprehensive and user-trustworthy high-assurance IT standards and certifications.
Such lack is most crucial in dual-use strategic communications where complete
compromise can go undetected for years. US Defense Science Board: “Trust
cannot be added to integrated circuits after fabrication”.
● Consequences: Use of inadequate Intelligence and command IT systems exposes
EU and EU Member States military, institutions, citizens and assets to undetected
abuse by hostile or competing nations, and an increasing number of private actors.
● Root Causes: (a) Competitive pressures for increased performance in civilian IT
markets, (b) Protection of intellectual property and against vulnerability disclosure;
9. Some recent news on these Gaps
● Reuters said “A [US] presidential review committee concluded the [bulk]
surveillance regime did not lead to a single clear counter terrorism breakthrough that
could be directly attributed to the program”
● EU counter-terrorism coordinator said (min21.10): “Shared privacy safeguards is
a precondition to share terrorism intelligence data”
● On Nov 17th, the NATO Secretary General said: “It is essential that we work
together in several areas: improving our situational awareness, civil preparedness
and resilience, cyber defence, strategic communications, and joint training and
exercises”.
● On the same day, Head of EDA and EEAS, Ms Mogherini, said “Military research
has reduced by over ⅓ over last few years. R&D is crucial … EDA allows MS to
acquire together what is out of reach individually”. “EDA support dual-use
technologies and the preparatory actions for CSDP-related research. The
preparatory actions will be a game changer, the 1st time that the EU budget is used
to fund defence research”.
● Italian Prime Minister Renzi recently said: “In respect of privacy, we’ll invest
additional 150M€ in cybersecurity”, outside EU spending caps. Many MS will follow.
● Italian Justice Minister Orlando recently said: “We need new, more advanced
endpoint surveillance”
10. TRUSTLESS Binding Paradigms
Certified TRUSTLESS computing services, devices, lifecycles and the certification body
would comply with the TRUSTLESS Binding Paradigms (here in full version)
1. assumes that extremely-skilled attackers are willing to devote even tens of millions
of Euros to compromise the supply chain or lifecycle, through legal and illegal
subversion of all kinds, including economic pressures.
2. provides extremely user-accountable and technically-proficient oversight of all
hardware, software and organizational processes critically involved in the entire
lifecycle and supply chains;
3. provides extreme levels of auditing intensity relative to system complexity, for all
critical components; and includes only publicly verifiable components, and strongly
minimizes use of non-Free/Open-source software and firmware.
4. includes only open innovations with clear and low long-term royalties (<15% of
end-user cost) from patent and licensing fees, to prevent undue intellectual property
right holders’ pressures, lock-ins, patent vetoes and ensure low-cost;
5. includes only highly-redundant hardware and/or software cryptosystems, whose
protocols, algorithms and implementations are open, long-standing, extensively-
verified and endorsed, and with significant and scalable post-quantum resistance
levels.
6. is continuously certified by an extremely technically-proficient and
user-accountable independent standard/certification body.
11. Enabling Arch. & Client form-factor
● The technical architecture, from existing open components, is based on a
300MHz CPU-based hardware platform which will have a power
consumption and form factor that make it suitable for a new 2.0-2.5mm-thin
handheld end-user device class (or CivicPod) - integrated in or
“attached” to any user's ordinary smartphone, and interfaceable with a user’s
desktop monitor - as well as for servers, onion routing mid-points and
M2M/IoT devices, albeit initially with minimal features and performance.
● In a single highly-portable device, it integrates the features of a display
smart-card, a simple handheld device, a smart-card reader, and a
barebones desktop PC. Smartphones, now often 4.75-6.5mm thin, are
getting too thin to handle, creating a radical portability opportunity.
13. Service Architecture (1/2)
● CivicPod. A dedicated 2.0-2.5mm-thin touch-screen handheld device,
which is used attached to the back of any user's mobile phone via a
smartphone hard case. Its backface exposes an external smart-card
reader, which can be used with an alternative hard case that adds a 0.7mm slot
for non-RF CivicCards (or smartcards), for use at EU border points, by
multiple users, and at CivicKiosks at public offices; it offers downward compatibility and
interoperability with eIDAS and EU/NATO SECRET.
● CivicDongle. Each CivicPod user will optionally receive, at cost, a paired
cheap TV-connected Wifi-enabled HDMI-Dongle (or CivicDongle) with the
capability to act as a secure onion routing node, in order to create a network
of thousands of nodes (exit, relay, directory) to ensure metadata privacy, most likely
as a “private extension” of the Tor network.
14. Service Architecture (2/2)
● CivicLab & CivicRoom. CivicDevices are all assembled, verified, flashed,
and transferred to their users in a dedicated custom-built street-facing lab
(or CivicLab), that contains a server room (or CivicRoom), where all
privacy-sensitive services, if offered, must be hosted, and whose access
requires 5 randomly-selected peer-witnesses and dedicated servers (or
CivicServers).
● CivicFab. Fabrication and design of all critical hardware components will
be subject to citizen-witness-based oversight processes (or CivicFab) that
will substantially exceed in end-user trustworthiness those of the NSA
Trusted Foundry Program, at substantially lower costs. After a short initial
exclusivity for a post-R&D TRUSTLESS Consortium, TRUSTLESS
services can be extended and commercialized by any willing service
provider (or CivicProviders).
● TRUSTLESS Certification Body. Providers are continuously verified by a
to-be-established dedicated certification organization, according to
TRUSTLESS Paradigms and TRUSTLESS Specifications, updated by the
same.
16. TRUSTLESS Core Partners (1/2)
• LFoundry (Italy). Leading EU-located and EU-owned foundry with a 200mm plant, with
over 1700 staff, 110nm-capable, and with capacity of 40,000 wafers per month. The
only independent and economically-viable EU foundry within the 60nm and 160nm
capabilities, suitable for high-assurance low-performance general-purpose end-user
computing. Historical expertise in high-assurance critical hardware components
production. EAL5+ certification for smart cards production is in progress.
• Kryptus (Brazil) Developed the first secure general-purpose CPU microprocessor in
the southern hemisphere, the SCuP, which uniquely provides open and verifiable
designs and FLOSS microcode; at the core of TRUSTLESS HW architecture.
Designed the 400.000 voting machines of Brazil, fighter-to-fighter communications
systems, and the HSM of core Root CA of the main Brazilian PKI.
• KernKonzept (Germany). Developers of the World’s most mature Free/Open Source
microkernel and runtime environment for high-assurance ICT, the L4Re. Deployed
globally by major Telcos and publicly audited for over 8 years.
• KU Leuven COSIC (Belgium). The research group COSIC (Computer Security and
Industrial Cryptography) has world-leading expertise in digital security and strives for
innovative security solutions in a broad range of application domains. It is led by
Prof. Bart Preneel, President of the International Association for Cryptologic Research,
arguably the EU's foremost IT security expert.
17. TRUSTLESS Core Partners (2/2)
● GSMK Cryptophone. (Germany) For over a decade the only publicly available
cryptophone maker with the full software stack publicly verifiable. Used by diplomats,
top executives and investigative journalists, including Laura Poitras and Glenn
Greenwald, the filmmaker and journalist primarily delegated by Edward Snowden with
the publishing of his revelations. Their CTO is spokesperson of Chaos Computer Club,
main EU hacker NGO.
● SCYTL Secure Electronic Voting S.A. (Spain) Global leader in e-voting and
high-assurance remote deliberation technologies. Present in over 20 countries. Has
pioneered innovative cryptographic techniques and socio-technical processes.
● Center for Cyber Intelligence and Information Security (Italy) The leading state
cyber-security academic research center in Italy, with ties with state security agencies.
● American Mini Foundry. (USA) US leader in highest-assurance IC foundry oversight.
World-class competencies in hardware fabrication assurance processes. Among the
team members that will be involved are their President Scadden, and Gerry Etzold,
Former Technical Director of NSA Trusted Access Program (2008-2009).
● Goethe University – DT Chair for Mobile Business and Multilateral Security
(Germany). Leads in research on privacy and security in mobile networks, and related
social and economic aspects. Lead: ABC4Trust, TresPass, PrivacyOS. Chair is Prof.
Rannenberg, member of NIS Platform for individual rights.
● ROtechnology. High-availability dual-use IoT systems.
● Security Brokers. Targeted lawful access and state-grade 0-days.
● ReaQta. Targeted lawful access and deep endpoint defence.
18. EU Institutions support to date
● On Dec 2nd last, we presented a 30-minute keynote at the “Cyber Defense Industry Day”,
organized by the EDA Project Team Cyber Defence (draft agenda .doc).
● On Oct 1st, we met for 4 hours with the head of the 2° Office of the Technological Innovation
Department of the Secretariat General of the Italian MoD, C.V. Cappelletti, and 2 of his team
(C.V. Galasso and Ten.Col. Roggi), which handles R&D projects from TRL2-6 and EDA.
● On Sept 30th, we have submitted a 4M€ R&D proposal to H2020 FET-Open RIA with our
core technical partners.
● On Sept 24-25th in Brussels, we held the first event of the global event series Free and Safe
in Cyberspace, with world-class speakers including EDPS, ECSEL, DG Connect Trust and
Security Unit, EIT Digital Privacy Security and Trust Action Line, Richard Stallman, Bruce
Schneier, Bart Preneel, and EDA Head of Information Superiority, Michael Sieber. A LatAm
Edition was held in Oct 2015 in Iguazu, Brazil. A North American version is planned for 6/7
2016.
● On Sept 16th, we met for 3 hrs with the Capo Reparto (Head) of VI Reparto Sistemi C4I e
Trasformazione of the Italian MoD, Adm. Di Biase, and a team of 12 senior officers, who
manage the entire IT procurement and R&D (TRL7-9) of the Italian MoD.
● On July 3rd, we met extensively with Ciocca, the Deputy Director of the Italian DIS (Dipartimento
Informazioni per la Sicurezza), to discuss public safety.
● On June 3rd, the EDA Head of Microelectronics, Scheidler, invited us to present our project in a
one-hour keynote to 22 MoDs at the annual EDA CapTech meeting.
● We’ve been invited to a meeting at Italian Ministry of Economic Development (MISE) with 18
19. Alignment to EU strategies (1/2)
EU Cybersecurity Strategy says:
● “The same laws and norms that apply in other areas of our day-to-day lives apply
also in the cyber domain. Cybersecurity can only be sound and effective if it is based
on fundamental rights and freedoms as enshrined in the Charter of Fundamental
Rights of the European Union and EU core values. Reciprocally, individuals' rights
cannot be secured without safe networks and systems”.
● “.... promote cyberspace as an area of freedom and fundamental rights. Expanding
access to the Internet should advance democratic reform and its promotion
worldwide. Increased global connectivity should not be accompanied by censorship
or mass surveillance.”
● “The need for requirements for transparency, accountability and security is
becoming more and more prominent”.
● “..., as well as possibly establish voluntary EU-wide certification schemes building
on existing schemes in the EU and internationally.”
● “The EU will place a renewed emphasis on dialogue with third countries, with a
special focus on like-minded partners that share EU values.”.
● “There is a risk that Europe not only becomes excessively dependent on ICT
produced elsewhere, but also on security solutions developed outside its frontiers. It
is key to ensure that hardware and software components produced in the EU and
in third countries that are used in critical services and infrastructure and increasingly
in mobile devices are trustworthy, secure and guarantee the protection of personal
data.”
20. Alignment to EU strategies (2/2)
● EDA Head of Information Superiority, Michael Sieber, stated (m3.37) at our Free
and Safe in Cyberspace: “Among EU member states, it’s hilarious: they claim digital
sovereignty but they rely mostly on Chinese hardware, on US American software,
and they need a famous Russian to reveal the vulnerabilities”
● EU Cyber Defence Policy Framework states: “The development of strong
technological capacities in Europe to mitigate threats and vulnerabilities is essential.
Industry will remain the primary driver for cyber defence related technology and
innovation. So it will be crucial to maintain close cooperation with the private sector,
.... It is also important to foster an assured and competitive European industrial
cyber security supply chain by supporting the development of a robust European
cybersecurity sector including through involvement with SMEs”. “Contribute to
develop further and adapt public sector cyber security and defence organisational
and technical standards for use in the defence and security sector. Where
necessary, build on the ongoing work of ENISA and EDA”.
● The EU Digital Agenda Commissioner Oettinger recently stated “The debate
about technological sovereignty has arisen out of a realization that freedoms and
values that we cherish in Europe are at risk. There are some who do not respect
privacy of our citizens. Some do not want to play on fair terms with our businesses.
We need to safeguard our values and interests. It is in the interest of all citizens that
we ensure a prosperous and a secure European digital future. That means that we
have to be leaders in these technologies and support international standardization
efforts that ensure high levels of security, proven by certification where necessary.”
23. TRUSTLESS & EDA-SoC
TRUSTLESS pursues a similar scope and ambitions as the EDA SoC
project, except that it: (1) Aims initially at communications; (2) Does
not rely on parts, providers or fabrication processes that are trusted
upfront; (3) Aims at much higher ecosystem resiliency and IP
openness; (4) Has a solid 12-month 3M€ post-R&D go-to-market
strategy.
A TRUSTLESS binding MOU (pdf) signed among its core
technical participants ensures, sustainably in time, the radical
openness of the resulting platform in relation to the public
verifiability of critical components, crystal-clear and low
overall IP royalties, and an open competitive ecosystem.
24. A. Proposal to ECSEL 2016 (due in May)
a. 50% from ECSEL funds, allocated by the EU Commission
b. 25% from cumulative funding from Ministries of EU Member States where core
TRUSTLESS proposal technical partners are based, i.e. Italy, Germany or Spain:
i. One or 2 ECSEL-participating Ministries (see above)
ii. One to 2 other Ministries, such as Ministry of Defense or Ministry of
Economic Development, that enter in a “participation agreement” with the
ECSEL program. There have been 2 precedents already. (The Italian MIUR
may need to be renounced upfront, because of past delays of 5 years.)
c. 25% from private R&D partners, in terms of resources. Current TRUSTLESS
partners, which cover all the core technological and socio-technical areas.
(optional) additional leading dual-use IT system developer and integrator with a
global presence, from Italy, Germany or Spain.
B. EDA Cat-B proposal, coordinated with ECSEL 2016: Gather 2 EU Ministries of
Defense - among Italy, Germany and/or Spain - related national defense contractors, and
TRUSTLESS partners in an EDA Cat-B project, same as above. Unlike a typical EDA
Cat-B project (funded typically 50% by at least 2 MoDs and 50% in resources by
private partners), it will be “joined” to an ECSEL proposal so that 50% of the costs would be
borne by ECSEL EU funds.
C. Horizon 2020 proposals in 2016 and 2017 as per our roadmap.
See details on our funding section on the 34-pager draft proposal,
and on our roadmap webpage.
Funding Strategy
25. Prevention of Malevolent Use
● Mitigations at service level. As per the binding agreement among TRUSTLESS
R&D participants, all certified TRUSTLESS services must include a voluntary
compliance - in addition to what’s required by law - to lawful access requests.
These requests will be evaluated by a citizen-witness process that is overseen
by an independent certification body, the TRUSTLESS Certification Body, so as
to guarantee the rights of users and the legitimate needs of the public security
agency.
● Mitigations at the fabrication level. The public availability of all TRUSTLESS
critical SW & HW source designs could enable malevolent users to produce
their own CivicPods for malevolent use. Such a threat is greatly reduced
by the current inability of malevolent states or groups to fully control a suitable
semiconductor foundry. In the rare case in which they may attempt to enter into
suitable agreements with suitable foundries, intelligence work can make sure to
either prevent it or, better, insert vulnerabilities in their fabrication processes to
acquire in the future extremely valuable intelligence.
See details at the Malevolent Use section of the 34-pager Draft Proposal
26. Commercial Exploitation
● Short Term (1 yr): Our conceptual business plan predicts the need for only 3-4M€
to enable the participants’ consortium to go to market with 13.000 unit sets, catering to
the most critical civilian and military strategic communication, downward compatible
with mainstream military (EU/NATO SECRET) and civilian (eIDAS “high”) standards.
● Short-Medium (2-3 yrs):
○ Civilian: The guaranteed low royalty fees, open ecosystem, and highly-portable
client-side form factor will support deployment in the tens of millions in the
corporate, e-banking and government sectors. The addition of substantial non-security
features (see civicdevices details), and reduction of unit cost at scale to tens of
euros, will support wide scale consumer roll out in the tens of millions.
○ Military: Added support for high-availability scenarios will make it possible to cater to
uses such as: critical infrastructure, cyber-physical systems, autonomous and semi-
autonomous IT systems, fixed and moveable, and command & control systems for
military missions. It will help EU/EDA lead within NATO in the development of a
strategic and emerging niche of foundational IT capabilities.
● Medium-Long term: Derivatives of the results will spur ever more trustworthy IT
systems in numerous domains and wide market applications. The platform and
ecosystem will evolve to constitute a sufficiently trustworthy low-level computing
base, standard and a governance model for large democratically-accountable
advanced narrow and strong AI projects and systems, in critical sectors for the
economy and society, to substantially increase their safety, robustness and “value
alignment”.
27. Partners Sought & Funding Roadmap
PARTNERS BEING SOUGHT
Although the project is complete with all core technical and socio-technical expertises, we
would nonetheless substantially benefit from, and are seeking, additional partners, in order of priority:
1. One EU-based large global IT/ICT technology company - to add resiliency to the
ecosystem, provide IT integration and/or fill expertise gaps - which has:
a. Wide-ranging high-assurance IT expertises; and/or
b. Capacity to widely exploit the global commercial military and/or civilian
potential.
2. One or more EU Ministries of Defense (MoDs) to endorse and/or participate in the
project, especially from states of current core partners, such as Germany, Belgium,
Spain. The Italian MoD has already shown extensive interest in participating as an
additional partner to the ECSEL 2016 program.
3. One or more SMEs/R&D entities, with core high-assurance expertises
complementary with those of current partners.
ROADMAP
http://www.openmediacluster.com/funding-opportunities/
28. Tripartite TRUSTLESS path to disruption
1. Jump start of the TRUSTLESS complete SW/HW platform and ecosystem. With a
profitable initial ecosystem that is extremely resilient to economic pressures and
determined lifecycle attacks.
2. Establish and widely promote a Trustless Computing Group international
certification body, for both highest-assurance IT service and targeted lawful access
schemes. It is extremely technically-proficient & citizen-accountable and primarily
non-governmental. It provides voluntary (i.e. beyond law requirements) certification of
highest-assurance IT services and lifecycles for:
a. Human IT communications that are suitable for the meaningful exercise of one’s civil
rights via IT;
b. Lawful and constitutional targeted access, that meaningfully guarantee both the user
and the investigating agency against abuse, by satisfying:
i. for centralized infrastructure: requirements a. above, plus additional
requirements for forensic and other specific requirements
ii. for state malware: an extended version of requirements and safeguards set
forth by the authoritative “Lawful Hacking“ report.
3. Progressive adoption by the EU, UN and/or a few states of such standards - and the related
certification body - as a voluntary or mandatory standard, by prescribing that:
a. Public security agencies must deploy lawful access services/schemes only in
compliance with TRUSTLESS certifications
b. Grave consequences should follow for illegal cracking, by state and non-state
authorities, of the individual use or entire lifecycle of high-assurance IT providers
that offer voluntary lawful access compliance, as certified.
29. TRUSTLESS
Trustless socio-technical systems for trustworthy dual-use critical computing
These slides:
www.openmediacluster.com/EDA-11-2015
Proposal web page:
(with exec. summary & 34-pager proposal draft):
www.openmediacluster.com/trustless-extended-rd-proposal-to-ecsel-2016/
Contacts:
Rufo Guerreschi, Exec. Dir. Open Media Cluster
rg@openmediacluster.com
+393357545620
Thanks for your attention.