what is cyber security

Digital Broadcasting, Future Cyberspace & Cyber Security Eduard Babulak PhD DSc FRSA FBCS Professor of Computer Engineering and Science Responsible for International Affairs College of Information and Communication Engineering Sungkyunkwan University (SKKU) Suwon, South Korea E-mail: [email protected] Web: http://new.icc.skku.ac.kr/icc/main.do Copernicus: http://my.indexcopernicus.com/babulak

MAREW 2013 Faculty of Electrical Engineering & Informatics University of Pardubice Czech Republic, 16TH April 2013

AGENDA 1 INTRODUCTION: • MOORE’S LAW; • DATA TRAFFIC GROWTH; • USER EXPECTATIONS; • THE 21TH CENTURY ICT • IS FIVE ESSENTIAL KEY MANAGEMENT CHALLENGES THREE MAJOR TECHNOLOGICAL AREAS • RESEARCH FOCUS • UBIQUITY & PERVASIVE COMPUTINGBROADCASTING • TRANSITION FROM DIGITAL TV TO SMART TV – TRANSITION FROM SMART PHONES TO SMART TV – FUTURE TV – DIRECTIONS FOR NEXT GENERATION SMART TV – CONVERENCE MODEL, – CYBERSPACE & VIRTUAL REALITY – COPE: NEW DIGITAL PARADIGM – FUTURE WEB •

Professor Eduard Babulak

AGENDA 2 • CYBER SECURITY CHALLENGES – WHAT IS CYBER SECURITY – WHY CYBER SECURITY • COMPUTER EMERGENCY RESPONSE TEAM - CERT – MOBILE SECURITY: WHO IS LISTENING • DTV SECURITY & PRIVACY CHALLENGES – FUTURE CHALLENGES FOR SECURITY & PRIVACY • CONCLUSIONS & RECOMMENDATIONS • QUESTIONS & ANSWERS

Professor Eduard Babulak

INTRODUCTION •

•

•

•

The unprecedented outburst of advances and innovation in Internet and Information Communications Technology (ICT) drives the digital revolution today. The current trends in globalization create neither a level playing field nor a truly ‘‘Flat World.’’ Impact of Cyberspace on society today and tomorrow. Attempts to gain national competitive advantage while promoting creation of artificial walls that may trigger potential conflicts and disagreements. 2/17/2015 Professor Eduard Babulak

Moore’s Law

Credit to Prof. Fadi Kurdahi

Data Traffic Growth


Users Expectations

[Ref: Delagi ISSCC 2010]

Technology vs Consumption Feedback Loop Consumption grows

Technology advances

Density

Applications

Performance

Devices

Switching energy

Cost per function


Users

Revenue

THE 21TH CENTURY ICT •

•

•

•

Current challenges and dynamics in global business enterprise. ICT is a platform to conduct successful business globally. ICT facilitating management of knowledge assets and business intelligence. IS contributes to employees global mobility and management . 2/17/2015 Professor Eduard Babulak

Mobile Ubiquitous Service 7

6

Population in Billions 5

4

3

2

1

0


Five essential key management challenges in developing & using information systems today: • Obtaining business value from information systems; • Providing appropriate complementary assets to use information technology effectively; • Understanding the system requirements of a global business environment; • Creating an information technology infrastructure that is flexible enough to support changing organizational goals;

• Designing systems that people can control, understand, and use in a socially and ethically responsible manner. 2/17/2015 Professor Eduard Babulak

Three major technological areas • • •

Smart: Intelligent Devices and Sensor Networks, Analytics: Distributed Intelligence , Humanoid Computing: Human to Computer Interaction and Integration.

Research focus on: •

•

•

•

Intelligent Device Integration: As devices gain in diversity, density and intelligence, so does the opportunity to gather knowledge. Analytics and Insight: Exploiting emerging data sources for high performance. Human Computer Interaction: The impact of emerging technologies and new business needs on workforce productivity and business performance. Systems Integration: Exploring tomorrow's enterprise ICT systems. 2/17/2015 Professor Eduard Babulak

Future Autonomic Computing will foster technologies such as: •

Self-healing Software;

•

Root-cause Discovery;

•

Correction, and Self-healing Hardware;

•

General-purpose Grid Computing

2/17/2015 Professor Eduard Babulak

Ubiquitous and Pervasive Computing There is burgeoning population of 'effectively invisible' computers around us, embedded in the fabric of our homes, shops, vehicles, farms and some even in our bodies. They are invisible in that they are part of the environment and we can interact with them as we go about our normal activities. However they can range in size from large Plasma displays on the walls of buildings to microchips implanted in the human body. They help us command, control, communicate, do business, travel and entertain ourselves, and these 'invisible‘ computers are far more numerous than their desktop cousins. 2/17/2015 Prof. Eduard Babulak

Ubiquity ANY NETWORK

ANY DEVICE Mobile

Enterprise

SEAMLESS CONNECTIVITY Any device, Any where, Any time, Any network

Home

ANY WHERE

ANY TIME Bringing together…

Communications and Entertainment

2/17/2015 Credit: Dr. Rick Wietfeldt Texas Instruments

Prof. Eduard Babulak

Three Principal Directions of Computer Development • Miniaturization: • Everything has become smaller. • ENIAC’s old-fashioned radio-style vacuum tubes gave way after 1947 to the smaller, faster, more reliable transistor. • Speed: • Due to enormous large volume of transaction and information processes the highest processing and communication speed is essential in all sectors. • Affordability: • The cost is critical to all business worldwide. 2/17/2015 Professor Eduard Babulak

MOBILE SYSTEMS EVOLUTION IN KOREA Analog 1st Stage

AMPS

Digital 2nd Stage

IS-95

2.5G

3rd Stage

1x EVDO WCDMA

4G DMB/ WiBro AMPS: Advanced Mobile Phone System (http://en.wikipedia.org/wiki/Advanced_Mobile_Phone_System ) IS-95: Interim Standard-95 (http://www.sis.pitt.edu/~dtipper/2720/2720_Slides9.pdf ) 1xEV-DO is a "3G" CDMA standard. EV-DO originally stood for "EVolution, Data-Only“ (http://www.phonescoop.com/glossary/term.php?gid=151 ) W-CDMA: Wide-Band Code Division Multiple Access (http://www.etsi.org/website/technologies/wcdma.aspx & http://www.3gpp.org/Technologies/Keywords-Acronyms/article/w-cdma ) DMB: Digital Media Broadcasting (http://www.telecomabc.com/d/dmb.html ) WiBro: Mobile WiMAX/WiBro (IEEE 802.16e): 2.3GHZ based mobile WiMAX (http://www.telecomabc.com/numbers/80216.html & http://csi.usc.edu/news/slides/WiBroSlides.pdf ) 4G: 4rd Generation system for mobile communications (http://www.telecomabc.com/numbers/4g.html )

Credit to KOREA TELECOM

제 7 정보 혁명 BROADCASTING & INTERNET 방송통신 융합 모델 Version 1.1 INDOOR

Broadcast Network

Multicast Service

HD TV • T-commerce • Home Banking • Internet Access

Integrated Multimedia Terminal

Internet

Phone Network

Unicast Service

OUTDOOR PDA/Smart Phone • Handheld PC • Cyber Wallet • Mobile Phone • Internet Access • Portable DTV

T-commerce: TV commerce (http://www.capitaine-commerce.com/2012/06/06/31619-et-maintenant-le-t-commerce/ )


Convergence Model Version 1.2 CONVERGENCE MODEL V.1.2

Internet

Convergence Media ? Phone Network

Broadcast Network


NEW CONVERGENCE NETWORK Mobility 3G Mobile

DMB

WiBro DBS SkyLife

Broadband

Interactivity

IPTV Samsung 32 inch LCD TV Korean direct broadcast satellite (DBS) broadcaster SkyLife launched in 2002 (http://spacejournal.ohio.edu/issue6/signal2.html ) DBDM: Digital Broadcasting Device Manager (http://www.software-data-solutions.com/dbdm.htm ) 3G Mobile: 3rd Generation of Mobile Communication (http://www.telecomabc.com/i/imt-2000.html ) IPTV: Delivery of television and other video and audio services over a broadband data network (http://www.telecomabc.com/i/iptv.html )

Source: www.32inch-lcd-tv.com


TRANSITION FORM SPART PHONE TO SMART TV 2009


2011

2012

SNS: Social Networking Service N Screen: Multiple TV Screens

SMART SCHOOLS & SMART HOMES & SMART SOCIETY

FUTURE TELEVISION 201X

Credit to UNISAT

DIRECTIONS FOR NEXT GENERATION SMART TV 1. 2. 3. 4. 5. 6. 7. 8. 9. Credit to: Jeff Jaffe

Multimedia, multi-device delivery and interaction Multiple screens scenarios Adaptive streaming of content Enhanced viewer experience Home networking (example: home security surveillance cameras incorporated in Smart TV) E-commerce (example: social networking and shopping during program) Content protection Testing Accessibility

CYBERSPACE VIRTUAL REALITY Registrational

Personalization Me TV

Home Banking

Cyber Wallet

Home Shopping

ID Card

Mobility

Mobile Phone Hand-held PC

New Convergence Network

Interactivity

Conversational E-mail IM Instant messaging

LBS Location Based Services

i-Content

ContextAwareness

Broadband

Game Quiz

Conferencing Target Marketing

Transmissional

VOD

Digital TV

Movie

Datacasting

Music

Value-added EPG Electronic program guides

PVR personal video recorder




Home Banking

Cyber Wallet

Home Shopping

ID Card

Mobility



Interactivity

Conversational E-mail IM

LBS

DMB + WiBro+ 3G

ContextAwareness

Broadband

Game Quiz


i-Content

Transmissional

VOD

Value-added

Digital TV

Movie

EPG

Datacasting

Music

PVR Credit to KOREA TELECOM



Home Banking

Cyber Wallet

Home Shopping

ID Card

Mobility



Interactivity

Conversational E-mail IM

LBS

CONVERGENCE MEDIA

ContextAwareness

Broadband

Game Quiz


i-Content

Transmissional

VOD

Value-added

Digital TV

Movie

EPG

Datacasting

Music

PVR Credit to KOREA TELECOM

COPE: CREATE ONCE – PUBISHED EVERYWHERE

POP

Analog TV

DTV Broadband

CarPC

In Flight

Consumer

eTV

DMB

Internet G3 WAP

PDA


NEW DIGITAL PARADIGM DTV

Production

IPTV

MAM Media COPE Asset Management

3G

Wireless

WiBro

DBS

Distribution

DMB

Entertainment Information

Game

Education

Cyber Nomad

Shopping VoIP GPS

VOD

Digital Nomad

Music

E-Mail Banking

Movie

Future IT Infrastructure Convergence

Ubiquitous

Digital Home

Digital Nomand: someone who uses technology, especially a laptop and a wireless network, to work remotely from anywhere in the world Source: http://www.macmillandictionary.com/open-dictionary/entries/digital-nomad.htm Credit to KOREA TELECOM

FUTURE WEB

Credit to: Jeff Jaffe

VIDEO WILL CREATE MOST OF THE INTERNET TRAFFIC

Cisco

Ixia

Credit to: Roger Watt

Cyber Security Challenges • The current and future dynamic development and innovation in the field of Information Communications Technologies (ICT) create a platform for the ubiquitous connectivity via Cyberspace for anywhere at any time for anyone worldwide. • Today, the Cyberspace is a daily part of life for organisations, governments and general public of all ages all over the world. • Globalisation and human factor have become essential to the Cyberspace proper use and application policies;


31

What is Cyber? Anything related to the Internet is grouped in cyber category. Cyberspac e is the non-physical terrain originated from the computer systems.

Source: http://www.webopedia.com/TERM/C/cyber.html

What is Security? 1) Security is the degree of protection: to safeguard a nation, union of nations, persons or person against danger, damage, loss, and crime Source: http://en.wikipedia.org/wiki/Security

2) Cyber Security: Is Your Company Protected? Source: http://pingler.com/blog/cyber-security-is-your-company-prote cted/

WHAT IS CYBER SECURITY • Cyber security is a branch of computer security known as information security as applied to computers and networks worldwide; • When a computer or any computational device(s) connect to a network and establish communication channel with other computational device(s) in the Cyberspace, they are essentially subject to possible risks . • Cyber security involves the protection of integrity of a computer's Internet accounts and files from intrusion of an unknown user. • http://www.whitehouse.gov/cybersecurity • Homeland Security: http://www.dhs.gov/cybersecurity Source: http://whatis.techtarget.com/definition/cybersecurity Prof. Eduard Babulak

34

Seven Cyber Scenarios To Keep You Awake At Night Scenario 1. Collateral damage from cyberwar; Scenario 2. Political protestors enlist social media to target attacks; Scenario 3. An insider uses privileged access to steal customer data; Scenario 4. Malicious software updates; Scenario 5. Hardware backdoors; Scenario 6. Insider abuse; Scenario 7. State sponsored spying; What does this mean? It is hard to propose a Cyber Security scenario that has not already occurred somewhere in the world. While doomsday scenarios of economic devastation and complete loss of critical infrastructure for extended periods is highly unlikely it is still important to be cognizant of past incidents and thus become better armed to think about how these scenarios could play out in your own organization. Source: http://www.forbes.com/sites/firewall/2010/04/29/seven-cyber-scenarios-to-k eep-you-awake-at-night/

WHY CYBER SECURITY 1 • Activities such as, communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), are all computer, Internet and Cyberspace dependent; • How much of our daily life relies on computers? • How much of our personal information is stored either on your own computer or on someone else's system? • Cyber security is essential anyone, any organisation or government to protect, prevent, detect, and respond to all possible attacks from internal and/or outside source(s).


36

WHY CYBER SECURITY 2 • Having millions of people all over the planet, connected to the Internet via his/her PC, laptop, or any portable mobile device create opportunities for communication all kind of information and content which may or may not be always contributing to the betterment of mankind. • Among thousands of different interest groups and social networks in countries worldwide, there are also groups that may wish to create, distribute or promote the information that may put state security, national economy and society in danger. Prof. Eduard Babulak

37

WHY CYBER SECURITY 3 • Evidence: http://www.securitydirectornews.com/topic/Publ ic-Sector • Tennessee nuclear plant guards suspected of cheating on security tests: http://www.y12.doe.gov/ • Idaho National Laboratory staff on how to avoid industrial attacks: http://www.itworld.com/security/211093/idahonational-laboratory-staff-how-avoid-industrialattacks?source=itwsidebar Prof. Eduard Babulak

38

POSSIBLE RISKS 1 • Hardware: – Connectivity; – Reliability;

• Software: – Malware(s) and/or spam(s); – Configuration; – Interoperability;


39

POSSIBLE RISKS 2 • Human factor: – Terrorist driven attack(s); – Politically and Economically driven attack(s); – War(s), etc.;

• Natural disasters: – Flooding; – Earthquake(s); – Volcanic explosion(s), etc.


40

MOBILE SECURITY: WHO'S LISTENING?

Source: Trend Micro Mobile Security Credit to: Karen McDowell

Credit to: Aaron Isaki

DTV SECURITY & PRIVACY CHALLENGES 1. 2.

3.

4.

5.

Digital television (DTV) provides a critical broadband broadcast resource for interoperable public safety and homeland security applications. DTV is a resource to public safety, existing DTV stations are providing megabits per second of encrypted data, including Internet Protocol (IP) video, geospatial visualization, data files, text messages, and any digital media. The concerns have moved from trade journals and policy gatherings to the front page of every newspaper with the advent of social networking, behavioural tracking These datacasts, not available to the public, can be targeted to one or any number of selected receivers or groups of receivers in the broadcast area with no congestion effects, unlike cellular systems; DTV ensures all subscribers receive the full bandwidth available.

ELECTRONIC WARFARE, CENSORSHIP, WEB SHUTDOWNS, DENIAL OF SERVICE • •

Cross-site scripting, request forgery It must become easier to build secure yet powerful apps

Credit to: Mark O’Brien, Robert I Desourdis and Jeff Jaffe

FUTURE CHALLENGES FOR SECURITY AND PRIVACY ‣ Tracking

It also can lead to unwanted intrusion into personal lives The tools to mitigate intrusion are confusing to novices and inconsistent Tracking and profiling of users can lead to beneficial value-added services The balance between these are hotly debated, poorly understood, and vary by culture

๏ ๏ ๏ ๏

‣ Identity ๏

Identity now part of core web architecture. Need for consistent experience through browser.

‣ Security ๏

in general

WebApps, HTML5

Credit to: Jeff Jaffe

YouTube Cyber Security Links: 1. Thomas Graham on Cyber Security (MacMillan Report) http://www.youtube.com/watch?v=Abq8QGBRGm8 2. RSA Security Management http://www.youtube.com/watch?v=AJfDnwcFQZw 3. MacMillan Report Homepage (Many interview on variety of subjects) http://www.yale.edu/macmillanreport/

WHAT IS COMPUTER EMERGENCY RESPONSE TEAM (CERT) • The regional CERTs coordinate and monitor the Internet in collaboration with the regional network service providers, security vendors, government agencies, as well as the industry associations. • All across the globe, there are many professional groups of experts working together to make sure that the Internet and ICT function properly. • There number of the Computer Emergency Response Teams (CERTs) that operate and cover a specific region on the planet, such as Australian CERT [1], Japanese CERT [2], US CERT [3], APCERT [4] and PacCERT [5]. Prof. Eduard Babulak

45

KOREAN & US CERTs • Korea National Computer Emergency Response Team: http://www.first.org/members/teams/kn-cert • Korean National Security Masterplan: http://service1.nis.go.kr/ go at: http://service1.nis.go.kr/eng/120802_masterplan_eng.pdf • Why is Cyber Security a Problem?: http://www.uscert.gov/cas/tips/ST04-001.html • Hacker, attacker, or intruder • Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. • Vulnerability - In most cases, vulnerabilities are caused by programming errors in software. Prof. Eduard Babulak

46

WHY CERT(S) 1 • Given the current complexity of the Internet and the ICT hardware and software infrastructures, in conjunction with the human factor, establish four basic categories that may trigger malfunction of the Internet and ultimately a cyberspace worldwide. • Anonymous hacks Japanese govt sites: http://www.zdnet.com/anonymous-hacks-japanesegovt-sites-2062305268/ • Japan to set up cyberdefense unit by 2013: http://www.zdnet.com/japan-to-set-up-cyberdefenseunit-by-2013-7000003941/ Prof. Eduard Babulak

47

CONCLUSIONS & DISCUSSION • Cyber Security is essential for the Global Internet and Cyberspace Infrastructure(s) that facilitate communication platform for current and future Digital Broadcasting and Smart TV technologies. • Provided the camera and microphone being an integrated part of the Smart TV, the privacy and security issues are becoming a new challenge for research and industry community. 48

RECOMMENDATIONS 1. Continue research in Cyber Security and Quality of Service Provision for Future Internet and DMB Infrastructures; 2. Develop new technologies and standards to design tools to secure Smart Devices & DTV hardware, smart cards and Pay TV chips; 3. To secure hardware and software for future embedded systems connected to cyber physical systems; 4. To develop unique security chips and cores on a system on chip, that will be protected against any cyber or hardware attacks; 5. To develop strategies, countermeasures and standards to deal with the future scenarios of any form of cyber attacks on Future Smart Devices, TV, at any time and from anywhere.

COMMUNICATION IS THE ECONOMY

Because communications – which in the end is what the digital technology and media are all about – is not just a sector of the economy. Communications is the economy. The new economy is about communications, deep and wide. ……………………………………………. Kevin Kelly in “New Rules for the New Economy”

Questions & Answers