FIA Prague Preparation February 6, 2008. Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.

Download FIA Prague Preparation February 6, 2008. Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.

Post on 01-Apr-2015

217 views

Category:

Documents

0 download

TRANSCRIPT

Slide 1FIA Prague Preparation February 6, 2008 Slide 2 Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers and influencers... We do understand the drivers and influencers... We aim to articulate the space of possibilities We aim to articulate the space of possibilities... to develop a strategy that is robust to many possible futures... to develop a strategy that is robust to many possible futures Slide 3 We are here Our approach for Trust, Security, Privacy in FI Identify key drivers Identify key drivers Describe high level scenario Describe high level scenario Illustrate possible outcomes Illustrate possible outcomes Describe TSP issues and challenges Describe TSP issues and challenges Develop technical roadmap Develop technical roadmap Slide 4 Trust & security scenarios What if all ICT infrastructure is shared and service oriented? What if business is dispersed to a global ecosystem of service providers deep process and information integration ? What if the Future Internet develops into and information economy? What if people trust devices they own and hold, not services? What if the future internet is subject to relentless attacks from cyber criminals? Slide 5 Infrastructure-centric scenario IT becomes a service or utility Cost reduction a driver Cost reduction a driver Green agenda Green agenda Business model issues? Business model issues? After bankruptcies of several IT utilities, companies realise these are business- critical functions Dependability Dependability Security of provision Security of provision Business model Business model Trusted in service provider Trusted in service provider Compartment- alisation Compartment- alisation Slide 6 Service-ecosystem scenario: Business moves into the cloud Entire service value chain is delivered through the Internet, via dynamic composition of ad-hoc services Entire service value chain is delivered through the Internet, via dynamic composition of ad-hoc services Deep integration of process and data Deep integration of process and data Dynamic service trading through exchanges Dynamic service trading through exchanges Accountability Accountability Transparency Transparency Responsibility Responsibility Where is my data? Who is liable? What is the jurisdictional state? Who controls exchanges? Real world devices? Slide 7 Information-centric scenario Information is the foundation of services Capture, management and exploitation of data and information is the foundation for services Capture, management and exploitation of data and information is the foundation for services Issues of privacy Digital trail User generated content Information sensed from the real world Information stewardship Information stewardship User centricity User centricity Revocability Revocability Scale Scale Interaction with real world Interaction with real world Slide 8 Client centric scenario Trust the physical, mistrust the virtual Personal information turned to personal devices, acting as mediator People trust devices not services reaction to years of breaches, information misuse, User centric position personal devices implement separation of concerns data minimisation concept (minimal disclosure) widely accepted by federation of services, social networks, Enabler of peer-peer interaction, real world client interaction Slide 9 Threat-centric scenario The Future Internet is an unsafe place,.. Dependence on ICT so critical (remember that even today hackers keep the networks running because it benefits them more than tearing these down) Dependence on ICT so critical (remember that even today hackers keep the networks running because it benefits them more than tearing these down) Dark scenario of what would happen if threats such as the Estonian scenario would take place future-proofing against known and currently unknown threats and vulnerabilities, future-proofing against known and currently unknown threats and vulnerabilities, assessing and managing risks, liabilities assessing and managing risks, liabilities managing oversight and control, including at a state level managing oversight and control, including at a state level evolutionary and predictive threat models, evolutionary and predictive threat models, self-organising and self- healing security mechanisms self-organising and self- healing security mechanisms...... Slide 10 Trust & security scenarios Slide 11 Next steps Identify Drivers Generate Many Scenarios Consolidate Scenarios Research Challenges and technologies We are here Slide 12

Recommended

View more >