Security and Trust Management
Introduction to the Special Theme
by Fabio Martinelli and Jean-Jacques Quisquater
Modern society is increasingly reliant on the storage, processing and transmission of information. Ensuring the integrity, security and privacy of information is thus paramount, regardless of whether the information is at the level of the citizen or at a national or international level. Moreover, future trends (as outlined in the ISTAG report, for example) in the so-called Ambient Intelligent Space (AmI) will only increase the role of information and our reliance on it. This brings with it great opportunities to enhance our quality of life, but at the same time, presents major challenges in terms of the privacy and integrity of personal information.
There is a common understanding that achieving greater security in information and communications technology (ICT) would increase its development and diffusion, with concomitant benefits in many fields. While this technology is already spreading rapidly, it will only be possible to translate our physical interactions into electronic interactions if sufficient trust and confidence exist in the systems that process our information. The integrity, security and privacy of information and communication are thus paramount, in everything from personal information transfer to government and critical infrastructures. It is now widely agreed that lack of trust in systems will prevent their widespread adoption. As a consequence, the development and deployment of systems with strong effective security is vital.
In addition, modern ICT systems may consist of several (even thousands or more) computation and communication resources whose number dynamically changes and thus are getting closer to so-called virtual communities. In this new framework, the capability to represent, create, negotiate, monitor and evolve trust relationships in a secure way becomes mandatory.
ERCIM has recently established a WG on security and trust management to foster the research on these issues.
This special issue contains 29 articles on a variety of research topics within the area of security and trust management, authored by ERCIM members and other European research groups. Jacques Bus, head of the 'ICT for Trust and Security' unit within the Directorate-General of Information Society and Media, kindly agreed to provide a contribution on the strategic challenge that trust and security in the information society represents to European research. We also invited two contributions from well-known experts in the USA and Australia, to provide us with a rundown of the research being performed in these countries.
The articles describe research projects and results in the following areas:
- wireless network security in ubiquitous systems
- trust and reputation management in virtual coalitions/organizations
- identity management problems and privacy issues in virtual coalitions; an example of the integration of security technologies with biometric systems is also described
- the area of document security, and the problem of security mechanisms for documents that are platform- and server-independent
- the security of distributed applications, from mobile e-commerce to e-healthcare
- the use of rigorous techniques such as formal languages and automata theory to specify, verify and analyse complex systems
- access-control models, policies and mechanisms for exploiting well-established technology such as X.509 certificates, and new XML-based languages for describing policies and credentials
- research and development activities in cyber-crime protection and detection.
Overall, these articles illustrate current trends not only in ERCIM institutes, but in the whole European research community.
Fabio Martinelli, IIT-CNR, Italy
Jean-Jacques Quisquater, Université catholique de Louvain, Belgium