SCOTT:IoT-Cloud Certification Apr2018

From its-wiki.no

Revision as of 11:08, 14 March 2018 by Josef.Noll (Talk | contribs)

Jump to: navigation, search
IoT-Cloud Certification Apr2018
Home Meetings Publications Student corner Factpage
English-Language-icon.png


SCOTT:IoT-Cloud Certification Apr2018

Title IoT_Cloud_certification
Place Leidschendam
Date, Time 2018/04/26, 0900-1700
Contact Person Ewout Brandsma, Jelle Attema
Participants Ewout Brandsma, Wim Rullens, Bianca Smit, Jelle Attema, Roman Voll, Ramiro Robles, Michael Karner, Peter Priller, Lukasz Kulas, Peter Moertl
related to Project SCOTT
Keywords
this page was created by Special:FormEdit/Meeting, and can be edited by Special:FormEdit/Meeting/SCOTT:IoT-Cloud Certification Apr2018
Category:Meeting


Venue

Leidschendam, more info will follow

Goal of Meeting

  • Information on topics, open issues and future challenges
  • Building a partnership for the different domains
  • Support the discussion on more secure and safe hardware, software, devices and services
  • identify who takes the lead, such that the common interest get's promoted

Agenda

09:00 Registration
09:30 Welcome (Jelle)
09:40 Table Round incl update of Agenda
10:00 Introduction - 10 min each
Partnering Trust (Michiel)
Trusted Cloud (DE, xxx)
Zeker Online (NL, Thomas)
SCOTT (Michael Kaerner)
Safe-IoT reporting (NL, Michiel)
10:50 Session A: Security classes, what does it mean for cloud services
Intro Security classes (Josef Noll)
11:00 coffee
11:20 Discussion: 3 min intro (2 slides max), then discussion
ordering of IT infrastructure (can levels help?)
SW development, is agile killing security?
impact of IoT on cloud security
mapping Partnering Trust to security classes
enhancing security through monitoring and other mechanisms
12:00 lunch
12:45 Session B: Privacy label - more than GDPR compliance
Trust framework applied to
Privacy label (A-F)
13:50 coffee
14:00 continuation of discussion privacy label
14:30 Session C: European Perspective - discussion the approach for Europe
European Trust Label (DigitalEurope.org)
Our recommendations: software development
Network, our ambition
15:15 AOB
Results: IT week envisaged in the week of 17Apr2018 in Den Haag
opportunities for cooperation
Action Items, follow up: who
15:30 End of Meeting

Background

The physical meeting in Leidschendam is the follow up of the phone Meeting phone meeting on Certification, Security, Trust and Privacy in Jan2018. During the meeting, we identified topics for further discussion:

Work done by “Zeker Online” / “Partnering Trust” and the parties involved. "Partnering trust" and the "multi-layer framework" allows for trusted partner relations on different levels.

1.1 Future discussions might address to what degree IoT will put different requirements on the framework
1.2 One of the discussions on future developments is the need for continuous monitoring to elaborate potential security risks. Through SCOTT we collaborate with F-Secure (FI) on a monitoring service for the home, converting the F-Sense device into an SaaS.
1.3 we also discussed briefly the monitoring of traffic in the Norwegian Smart Grid network

is mapped into Session A

SCOTT and its key objectives in this field.

  • SCOTT is about secured connected and trustable things. About 25 demonstrators and use case mainly address the increase of security in wireless communications in the selected domains. In addition, SCOTT has introduced the following new concepts, as presented in Media:201801SCOTT-Privacy_Label.pdf
  • Measurable Security and Security Classes, addressing exposure and impact as compared to frequency and impact as in traditional risk analysis. The main reason is that IoT devices might only be attacked once (thus low frequency), but the risk remains all the time. Future discussions might address
  • Trust framework, combining technical and sociological parameters for enhancing trust. The trust framework is going to be applied to selected use cases.
  • Regarding Privacy Label (A-F), the idea is to make privacy visible to customers, and thus it part of the decision process when buying devices or services. Current discussions are on the understanding what the specific privacy labels address (see ongoing discussions in the presentation). Future discussions might address the understanding of the label (A-F), as well as the technical implementation and the audit regarding the devices.

Security aspects are mapped into Session A, privacy issues are mapped into Session B

Identify opportunities for further cooperation, especially regarding the European perspective.

  • Topics in security, trust and privacy build the basis for a higher perspective
  • SCOTT addresses potential solutions, the path to market and certification issues might be part of the future collaborations.
  • In addition, the alliance of projects working with the same objectives should be pursued.



 PresenterPresentation FileKeywords
Privacy labelling, enhancing the competitiveness of SMEs 2018/04/26Josef NollClick to Open
Secure COnnected Trustable Things (SCOTT) overview 2018/04/26Michael KarnerClick to OpenSCOTT
Trust
Security classes, relevance for cloud services 2018/04/26Josef NollClick to OpenSecurity Classes
Trust in Cloud Computing as a key to digitization 2018/04/26Thomas NiessenClick to OpenCloud security
Certification
Zeker online: Strengthening Trust in Cloud Services 2018/04/26Will ReijndersClick to OpenCloud security



some of the topics we discussed