spacer back contents
ERCIM News No.49, April 2002


Information Security - Introduction

by Michael Waidner

Information security is one of the cornerstones of the Information Society. Integrity of financial transactions, accountability for electronic signatures, confidentiality within a virtual enterprise, privacy of personal information, dependability of critical infrastructure, all depend on the availability of strong, trustworthy security mechanisms. Ensuring the availability of these mechanisms requires solving several substantial R&D problems.

Security Engineering
Building secure systems has to evolve from an art to a security engineering discipline, with well-defined methods for constructing secure systems out of secure subsystems and basic components, and for assessing and formally validating security. Security-preserving notions of composability need to be developed, combining techniques from software engineering, secure hardware design, formal methods and cryptography. In particular European researchers have made a lot of progress in this direction, but nevertheless, security engineering is still closer to black magic than to science: the number of new vulnerabilities is still growing with a dreadful rate.

Protecting Privacy
Protecting privacy in the information society requires good security, but more than security is needed: tools that empower ordinary, non-technical users to control the information they reveal about themselves; business models and processes that balance the personal information they consume and customer value they generate; tools that enable enterprises to define and enforce their privacy practices, and to manage the identity and profile information given to them in a trustworthy and responsible way. In particular the development of enterprise privacy technologies has just started.

Intrusion Tolerance
One of the most important R&D topics is the development of intrusion tolerant systems: such systems work securely and safely even if some subsystems have been successfully attacked and maliciously corrupted – which is inevitably the case for most large systems. Such systems might even react on detected intrusions by reconfiguring themselves into a less corrupted state. Over the last few years a lot of work has been done on developing intrusion tolerant systems, in particular in the context of secure group communication and service replication. More work will be needed, in particular towards intrusion tolerance for systems based on large dynamic and ad-hoc groups. New trustworthy, intrusion tolerant means of authentication, authorization and management for such systems need to be developed.

Intrusion Detection
A very related topic is that of intrusion detection: How to detect intrusions, or more generally, high-risk situations? Many sensors have been developed that watch for specific situations, and tools to correlate alarms generated by different sensors in order to get a better picture. But still the main problems remain open: Intrusion detection systems generate by far too many false alarms, and rarely suggest effective reactions on true alarms. More R&D is needed that improves the quality and meaningfulness of alarms, eg, by considering semantically richer layers and specific applications.

This special issue points to some of the existing European R&D in information security. Although far from being a complete collection, it gives a good impression of where the European research community is putting its efforts today, and where one can expect, or at least hope for more results in the future.

Please contact:
Michael Waidner, IBM Zurich Research Lab
Tel: +41 1 724 8220