ECoSP 2018

European projects Clustering workshop On Cybersecurity and Privacy
(ECoSP 2018)

to be held in conjunction with the 13 th International Conference on Availability, Reliability and Security
(ARES 2018 – http://www.ares-conference.eu)

August 27 – August 30, 2018, Hamburg, Germany

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. The European Union is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This workshop promotes international dialogue and cooperation among H2020 European research projects aimed to cope with digital security and privacy aspects, risks, threats and cybersecurity issues.

The ECOSP workshop intents to emphasize the interplay within relative European Research projects in the field of privacy and security as well as related cybersecurity issues and challenges (see topics in next section), and therefore, establishing tight connections among the EU projects.

This clustering workshop is organized by ARIES and LIGHTest H2020 projects and aims to coordinate several presentations from different EU R&D projects articulated around security and privacy fields. The workshop will have a final networking session, as a space where experts can present and exchange their views in the latest advances and challenges about security and privacy, giving the audience the opportunity to interact with the speakers.

Representatives of H2020 European research projects in the scope of Security and Privacy are invited to join this clustering event. The call for participation is twofold. On the one hand, it targets general presentations of European projects to the community of experts (mainly for projects in the first year of their lifetime). On the other hand, the workshop also aims to cover technical presentations about the latest research advances, techniques, outcomes, and evaluations achieved in the scope of EU projects.

European Projects (already confirmed):

ARIES will design and promote a framework that enables the setting up of a reliable electronic identity ecosystem for Europe which combines digital and traditional approaches (i.e. physical and electronic identity documents, virtual identities) in novel ways in order to increase and sustain high technical and procedural levels of quality of security documents and corresponding processes in both virtual and physical worlds. ARIES will propose new security features and harmonized identity lifecycle processes to allow the linkage of physical, officially accepted identities with possible virtual identities that can be derived from the former in order to cope the need of end users to be able to maintain level of privacy preserving but at the same time based on technologies for quality control and verification of such identities to allow law enforcement and mechanisms to allow efficient control and threats detection. Project Representative: Jorge Bernal (University of Murcia)

The objective of LIGHTest is to create a global cross-domain trust infrastructure that renders it transparent and easy for verifiers to evaluate electronic transactions. By querying different trust authorities’ world-wide and combining trust aspects related to identity, business, reputation etc. it will become possible to conduct domain-specific trust decisions. This is achieved by reusing existing governance, organization, infrastructure, standards, software, community, and know-how of the existing Domain Name System, combined with new innovative building blocks. This approach allows an efficient global rollout of a solution that assists decision makers in their trust decisions. By integrating mobile identities into the scheme, LIGHTest also enables domain-specific assessments on Levels of Assurance for these identities. Project representative: Jon Shamah, EEMA

The main objective of the ANASTACIA project is to address cyber-security concerns by researching, developing and demonstrating a holistic solution enabling trust and security by-design for Cyber Physical Systems (CPS) based on IoT and Cloud architectures. ANASTACIA will develop a trustworthy-by-design security framework which will address all the phases of the ICT Systems Development Lifecycle (SDL) and will be able to take autonomous decisions through the use of new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualisation (NFV) and intelligent and dynamic security enforcement and monitoring methodologies and tools. Project Representative: Antonio Skarmeta Gomez (University of Murcia)

Complementary to this, CREDENTIAL aims at developing privacy friendly means for storing and sharing personal data in the cloud, and at realizing an “identity and access management as a service” system supporting publicly certified identity data. Project representative: Krenn Stephan (Austrian Institute of Technology)

YAKSHA aims at reinforcing EU-ASEAN cooperation & building partnerships in the cybersecurity domain by developing a solution tailored to specific user and national needs, leveraging EU Know-How and local expertise. YAKSHA will develop and introduce the innovative concept of honeypots-as-a-service which will greatly enhance the process of gathering threat intelligence. It will enhance cybersecurity readiness levels for end users, help prevent cyber-attacks, mitigate cyber risks and better govern the whole cybersecurity process. YAKSHA will contribute to enhancing cybersecurity skills in Europe and creating new positions for cybersecurity specialists in ASEAN. Moreover, the direct access to the all-important ASEAN market provided to partners will positively impact the competitiveness of European security industry. Project representative Constantinos Patsakis (University of Piraeus)

SISSDEN (Secure Information Sharing Sensor Delivery Event Network) is a H2020 project that will improve the cybersecurity posture of EU organisations and citizens through the development of increased situational awareness and the effective sharing of actionable information. SISSDEN builds on the experience of The Shadowserver Foundation, a non-profit organisation well known in the security community for its successful efforts in the mitigation of botnets and fighting malware propagation. SISSDEN will provide free-of-charge victim notification services, and work in close collaboration with Law Enforcement Agencies, national CERTs, network owners, service providers, small and medium-sized enterprises (SMEs) and individual citizens. Project Representative: Edgardo Montes de Oca – Montimage

SAINT (Systemic Analyzer In Network Threats) proposes to analyse and identify incentives to improve levels of collaboration between cooperative and regulatory approaches to information sharing. Analysis of the ecosystems of cybercriminal activity, associated markets and revenues will drive the development of a framework of business models appropriate for the fighting of cybercrime. Comparative analysis of cybercrime victims and stakeholders within a framework of qualitative social science methodologies will deliver valuable evidences and advance knowledge on privacy issues and Deep Web practices. Equally, comparative analysis of the failures of current cybersecurity solutions, products and models will underpin a model for greater effectiveness of applications and improved cost-benefits within the information security industry.

CYBECO – Supporting cyber insurance from a behavioural choice perspective

The CYBECO project aims at developing new tools for cybersecurity risk analysis that will help organisations in the selection of security measures against cyber attacks and insurance suppliers in the design of cyber insurance schemes, complementing such security measures. Project Representative: Aitor Couce Vieira (ICMAT).

LEPS “Leveraging eID in the Private Sector“

LEPS enable existing certified e-Delivery, e-Notifications and remote e-Signature services in the private sector to use the paneuropean elD infrastructure for cross-border electronic identification and authentication , while complying with elDAS specifications and rules. It aims to integrate eID DSI in existing eService platforms in a few selected business sectors presenting potential high volume cross-border transactions such as banking, electronic payment and financial services, insurance and aviation.

The FORTIKA project aims to provide SMEs with an embedded, smart and robust hardware security layer enhanced with an adaptive security service management ecosystem (FORTIKA marketplace). The project will explore the capabilities of the secure-by-design FPGA SoC platform, as a CPU enhancement module. The long-term goal of the FORTIKA project is to provide a low-cost, dynamic, security layer for small and medium-sized businesses, individually tailored to meet each beneficiary’s requirements. Project representative: Dr. Evangelos Markakis.

FutureTrust aims to support the practical implementation of the eIDAS regulation on electronic identification (eID) and trusted services for electronic transactions in the internal market and ease the utilization and proliferation of trustworthy eID and electronic signature technology in Europe and beyond in order to enable legally significant electronic transactions around the globe. FutureTrust will design and develop innovative Open Source components and services complementing the current eIDAS ecosystem. The project will show how practical eIDAS compliant applications can be constructed and utilized with the aid of the developed FutureTrust components. Project representative: Jon Shamah

CIPSEC aims to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in IT (information technology) and OT (operational technology) departments of Critical Infrastructures (CIs). As part of this framework CIPSEC will offer a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and at professional quality. These services include vulnerability tests and recommendations, key personnel training courses, standardization etc. All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market. Project representative: Christian Schlehuber ( Deutsche Bahn AG )

SPECIAL (Scalable Policy-aware Linked Data Architecture For Privacy, Transparency and Compliance) aims to reconcile Big Data and personal data protection via an innovative data handling solution and a transparency framework. Special develops this technology to ease industry’s difficulties with GDPR compliance and to enable respectful treatment of personal information. The SPECIAL platform supports: the acquisition of user consent at collection time and the recording of both data and metadata; caters for privacy-aware with secure workflows; demonstrates robustness in terms of performance, scalability and security; provides a dashboard with feedback and control features that make privacy in Big Data comprehensible and manageable. Project representative: Harald Zwingelberg (ULD).

CS-AWARE aims to be a simple and cost effective cybersecurity awareness solution that helps administrators to understand the cybersecurity situation within their systems. The solution relies heavily on cooperative cybersecurity, by utilizing information about problems that others have shared in order to detect and mitigate incidents within ones own systems. CS-AWARE protects against and detect attacks as well as offering sound and realizable solutions by: automatic incident detection and visualization; information exchange with national and EU level NIS authorities; system self-healing; multi-lingual semantic support. Project representative: Juha Röning (OULU)

TRUESSEC.EU (TRUst-Enhancing certified Solutions for SEcurity and protection of Citizens’ rights in digital Europe) is a CSA on certification and labelling of trustworthiness properties from a multidisciplinary (Social Science and Humanities) SSH-ICT perspective and with emphasis on human rights. The main objective of the TRUESSEC.EU project is to foster the emergence of trust and confidence in new and emerging ICT products and services throughout Europe by encouraging the adoption of appropriate assurance and certification processes that take into account multidisciplinary (SSH and ICT) aspects while paying due attention to the protection of Human Rights. Taking a multi-disciplinary study including ethics, law, sociology, business and technology, aim of the project is to define a Criteria Catalogue for Trustworthy ICT products and services including criteria, indicators and requirements for trustworthy and secure Internet services and technologies. Project representative: Manel Medina (UPC)

RED-Alert ( R eal-time E arly D etection and Alert system for online terrorist content) is a H2020 project that aims to develop new online content monitoring and analysis tools to fight terrorism. To fight the war against terror, Law Enforcement Agencies (LEAs) are increasingly relying on social media intelligence (SOCMINT), a new field of intelligence covering a wide range of applications, techniques and capabilities analysing social media data, such as Natural Language Processing (NLP), Social Network Analysis (SNA), Artificial Intelligence (AI) and Complex Event Processing (CEP). The RED-Alert solution will cover a wide range of social media channels, in particular new channels such as Telegram and Periscope, which are increasingly used by terrorist groups to disseminate their content. The RED-Alert solution will allow LEAs to take coordinated action in real-time while preserving the privacy of citizens. Dr. Syed Naqvi (BCU)

Topics of interest include, but are not limited to:
  • Authentication and Access Control
  • Security Architecture and Technologies
  • Security Management in Heterogeneous Networks
  • Cybersecurity, cyber-threats, cyber-crimes
  • Identity management
  • Privacy preservation and enhancement
  • Attacks & Threats Detection and mitigation
  • Security Protocols
  • Security Management and Orchestration
  • Physical Layer Security Networks
  • Wireless Communications and IoT networks Security
  • SDN/NFV Security
  • Terminal and Edge Computing Security
  • Malware Attack Detection and Prevention Techniques
  • Information Sharing and Data Protection in Networks
  • Big Data Security and Analytics
  • Cloud Technologies Security
  • Trust management in heterogeneous networks
Important Dates
Submission Deadline May 27, 2018
ARES EU Symposium August 27, 2018
Conference August 27 – August 30, 2018
Workshop Chairs

Antonio Skarmeta Gomez
University of Murcia

Jon Shamah
EEMA

Jorge Bernal Bernabé
University of Murcia

Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. It is necessary that all papers submitted to EasyChair are anonymized (no names or affiliations of authors should be visible in the paper) .
They can be found at https://www.ares-conference.eu/conference/submission/ .

Workshop Agenda