Trust and security in pervasive networking (pervasivetrust 2005)

The twenty-first century is the era of the Internet. The Internet combines techniques of traditional industry and info-communication. Trustworthiness of communication is the key of healthy information society. Trust and associated security have become the important issues of all current discussions due to a variety of reasons, including data protection, economic dependency, national security and e-commerce. Trust has to be built among users for the usage of network infrastructure by protecting and providing for the confidentiality, integrity, availability and authentication of information and communication systems, including the data and information they transfer. Today there is a huge number of security technologies available on various layers of the protocol stack. All these different kinds of security technologies, which are partly already complex by themselves, make it difficult for the ordinary user to do the correct selection and configuration for his indiviual needs as well as the security requirements of the user's current ambience. The main focus of current research activities is to improve the userfriendliness for applying security technologies and therefore paving the way to a broader deployment of security in general and build trust. The workshop on ‘Trust and Security in pervasive networking’ provides a global overview of trust and security issues in pervasive communication networks. The workshop will cover an overview of existing and emerging security technologies and will describe their functionality and provide information about the threats and vulnerabilities they are defeating, their level of maturity and their complexity. The speakers are expected to address the well known solutions towards building trustworthy networks. The session also provides the limitations of current communication security in the rising multimedia communication age and the need for more complex/subtle security mechanisms and policies. The invited speakers will provide a short description of new security paradigms with the emergence of the ambient intelligence concept (infospheres and virtual paradigms) and new architectures (P2P, Virtual entities ...) and their application to sensor networks. The new environment (“always connected”, nomadic users, mobile infrastructures, heterogeneity ...) and the pregnant morphology of information systems that require a drastic change of our static vision of legislations and rules for security policies to be enforced, implemented and verified. The workshop will address new aspects of protection and security functions required for users, in a private infosphere (virtual identity, authentication with time and space, anonymity, non-observability, digital rights management, biometry), in a networked infosphere (virtual private networks, new firewalls, inter-network security), and in an open public infosphere. The invited speaker from the European Security initiative will also explain SEINIT's approach to shield the complexity of security from the user by deploying a virtual security architecture. It will explain the integration of various security technologies into this SEINIT architecture and describe the process of establishing security associations. The sessions will discuss emerging vulnerabilities and outlines a systemic approach to security aimed at protecting critical infrastructures and attenuating the risk of inter-