background image

D10.1 Intermediate report about all external

cooperation and activities

Project number

IST-027635

Project acronym

OpenTC

Project title

Open Trusted Computing

Deliverable type

Report 

Deliverable reference number

IST-027635/D10.1/FINAL

Deliverable title

Intermediate report about all external
cooperation and activities

WP contributing to the deliverable

WP10

Due date

Apr 2006 - M06

Actual submission date

Jun 12 2006

Responsible Organisation

RHUL

Authors

RHUL (Stéphane Lo Presti, Chris Mitchell),
TEC (Angelika Holzweber)

Abstract

This  deliverable  summarises  the  external
cooperation and activities undertaken by the
OpenTC partners during the first six months
of the project, and planned for the remainder
of the project.

Keywords

external cooperation, external activities

Dissemination level

Public

Revision

FINAL

Instrument

IP

Start date of the
project

1

st

 November 2005

Thematic Priority

IST

Duration

42 months

background image

FINAL

If you need further information, please visit our website 

www.opentc.net

 or contact

the coordinator:

Technikon Forschungs-und Planungsgesellschaft mbH
Richard-Wagner-Strasse 7, 9500 Villach, AUSTRIA
Tel.+43 4242 23355 –0
Fax. +43 4242 23355 –77
Email 

coordination@opentc.net

The information in this document is provided “as is”, and no guarantee

or warranty is given that the information is fit for any particular purpose.

The user thereof uses the information at its sole risk and liability.

OpenTC Deliverable 10.1

2

background image

FINAL

Table of Contents

1  Introduction ..............................................................................................................4

1.1 Technikon's coordination task................................................................................4
1.2 Structure of this document.....................................................................................4
1.3 Conferences or public discussions and talks..........................................................4

1.3.1 Active role (speaker, presenter, moderator)......................................................5
1.3.2 Passive role (attendee)......................................................................................5

1.4 Articles in journals and magazines, papers, electronic publications.......................5
1.5 Cooperation with external organisations................................................................5

2  Dissemination activities in the first six months..........................................................6

2.1 Conferences or public discussions and talks..........................................................6

2.1.1 Active role (speaker, presenter, moderator)......................................................6
2.1.2 Passive role (attendee)....................................................................................11

2.2 Articles in journals and magazines, papers, electronic publications.....................11
2.3 Cooperation with external organisations..............................................................14

3  Participation in other projects..................................................................................19

3.1 Participation in running/labelled complementary EU/IST projects, Eureka...........19
3.2 Participation in national projects..........................................................................21

4  Planned dissemination activities..............................................................................23

4.1 Partners' plans for dissemination.........................................................................23
4.2 Conferences or public discussions/talks...............................................................24

4.2.1 Active role (speaker, presenter, moderator)....................................................24
4.2.2 Passive role (attendee)....................................................................................28

4.3 Articles in journals and magazines, papers, electronic publications.....................29
4.4 Cooperations with external organisations............................................................31

5  List of Abbreviations ...............................................................................................33

OpenTC Deliverable 10.1

3

background image

FINAL

Introduction 

The ambitious goals and the critical role of the OpenTC project makes cooperation
with  external  bodies  and  organisations,  and  participation  in  public  and  scientific
events, essential in order to ensure its success. The following cooperation activities
have been identified:

 

Interaction  with  and  contribution  to  standardisation  bodies  to  help  in  the

establishment of new standards;

 

Dissemination of project activities and the innovative solutions developed within the

project to expert and non-expert audiences;

 

Development of training concepts and materials to ensure direct know-how transfer

to the users;

 

Organisation  and  maintenance  of  an  informed  dialogue  about  the  benefits  and

drawbacks of Trusted Computing (TC), and the OpenTC approach in particular, and of
its applications such as DRM, with stakeholders, a variety of different user groups, and
citizens.

1.1 Technikon's coordination task

Technikon,  as  the  coordinator  of  the  project,  has  performed  a  wide  variety  of
dissemination activities during the first  six months. Technikon prepared the  official
press release for the OpenTC project, correlate it with all partners and published it on
the  project  website.  Furthermore  Technikon  set  up  the  public  project  website
(

www.opentc.net

), including a secured internal section to facilitate cooperation and

communication. The project website has been designed to be easily accessible and
give an introduction to the project. It provides information for interested visitors and
can also be used for project-internal communication and cooperation.  Technikon has
also provided templates for presentations made by the partners as well as a general
presentation about the OpenTC project which can be used by all the partners.
Technikon personnel also established links with the newly labelled Medea+ project
Trusted Secure Computing (TSC, Label number 2A502), and have participated as the
OpenTC liaison in the first TSC correlation meeting in Paris in January 2006.

1.2 Structure of this document

Section  2 of  Deliverable  D10.1  lists the dissemination  activities  undertaken by  the
OpenTC partners during the first six months of the project. A review of collaboration
with  other  projects  is  provided  in  Section  3,  and  collaborations  planned  for  the
remainder of the project are given in Section 4. Section 5 gives a list of abbreviated
partner names, used throughout this document.

The  various  activities  have  been  divided  into  four  groups  and  each  activity  is
described in the form of a table. The tables used for each group are described in the
subsequent sections.

1.3 Conferences or public discussions and talks

Two types of tables are used to describe involvement in conferences and other fora.
One is used where a member of the project team is actively involved (e.g. providing a
talk, participating in a panel session, etc.), and is presented in Section 1.3.1. The other
type is where the team member is taking a more passive role (e.g. as an attender),
presented in Section 1.3.2.

OpenTC Deliverable 10.1

4

background image

FINAL

1.3.1 Active role (speaker, presenter, moderator)

Name of the event

<official name>

Date
Place

<Name and country>

Organisation and number of
participants

<short name, number of participants>

Content of presentation/talk

<short abstract>

Hyperlink to conference
website
Outcome 

<press release, cooperation etc.>

1.3.2 Passive role (attendee)

Name of the event

<official name>

Date
Place

<Name and country>

Partner

<short name>

1.4 Articles in journals and magazines, papers, electronic publications

The following form is used to report publications by members of the project team.

Date
Name
Spread

<regional, national, international>

Content

<interview about..., official OTC press
release, press release about...>

Partner

<short name>

1.5 Cooperation with external organisations

The following form is used to report collaborations with external organisations.

Workpackages
OpenTC partner
External organisation(s)
Type of activity, date and
duration

< meeting, workshop >

Objectives
Resources
Actions
Outcome

OpenTC Deliverable 10.1

5

background image

FINAL

Dissemination activities in the first six months

Following the categorisation presented in section 1, we list hereafter the dissemination
activities undertaken by the project partners during the first six months of the project.

2.1 Conferences or public discussions and talks

Public presentations given by partners of the OpenTC are described below.

2.1.1 Active role (speaker, presenter, moderator)

Name of the event

Free Software and Open Source Days

Date

09/02/2006

Place

Bigli University, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

This 1-hour presentation was given in Turkish and
discussed  issues  of  privacy  and  anonymity,  with
details  on  Direct  Anonymous  Attestation  and
Enforcable Policies. Questions were asked mainly
about TPM-based user identification, and roots of
trust.

Bilgi  University  "Free  Days"  is  one  of  the  two
largest  open  source  events  in  Turkey.  It  hosts
international contributions and this year's invited
guests were Ian Murdock (founder of Debian Linux
distribution)  and  Branden  Robinson  (current
Debian project leader).

Hyperlink to conference
website

http://open.bilgi.edu.tr/freedays/program.php?lang
=en

Official   photos   from   the   event   can   be   seen   at:

http://open.bilgi.edu.tr/freedays/photos/album0/

Outcome 

Raised  awareness  about  Trusted  Computed  and
corrected  misconceptions  about  TC  and  DRM  in
the Turkish Open Source community

Name of the event

Computer Center Executives Conference

Date

06-09/04/2006

Place

Antalya, Turkey

Organisation and number of
participants

TUB (Görkem Çetin)

Content of presentation/talk

A  20  minute  seminar  about  3  promising  and
upcoming  new  technologies,  including  Trusted
Computing and Linux

OpenTC Deliverable 10.1

6

background image

FINAL

Hyperlink to conference
website

http://bimy.tbd.org.tr

Outcome 

Awareness  of  OpenTC  among  business  partners
(including  Microsoft,  Fujitsu-Siemens,  IBM  and
Oracle), attendance was around 400 people

Name of the event

Workshop  “Fostering  a  European  academic
research  environment  for  Trusted  Computing”
organised by the British CESG and German BSI

Date

20-21/02/2006

Place

Bonn, Germany

Organisation and number of
participants

RHUL, RUB, TUD, HP, CUCL, 9 people

Content of presentation/talk

HP took part in the organisation of the workshop,
while  presentations  were  given  by  RHUL  (Using
mobile devices in a secure environment), RUB (A
Security Architecture for Enforcement and Transfer
of Licenses) and CUCL (The Xen Project)

Hyperlink to conference
website
Outcome 

Knowledge  of  the  public  sector  requirements
regarding  TC,  dissemination  of  OpenTC  work,
participation in a European working group on TC

First  European  summer  school  on  Trusted
Infrastructure technologies  in Oxford (see Section
4.4)

Name of the event

1

st

 Workshop on the Advance in Trusted

Computing

Date

09/03/2006

Place

Tokyo, Japan

Organisation and number of
participants

IBM (Matthias Schunter)

Content of presentation/talk

Trusted Computing and Open TC

Hyperlink to conference
website

http://www.research.ibm.com/trl/news/workshop/in
dex_en.html

Outcome 

Both  projects  aim  at  Open  Source  trusted
computing  solutions.  As  a  consequence,  we
agreed  that  we  will  try  to  set  up  a  closer
collaboration.  We  plan  to  exchange  technical
specifications and we have issued an invitation to

OpenTC Deliverable 10.1

7

background image

FINAL

the  Japanese  researchers  to  join  our  September
general assembly

Name of the event

Infosecurity Europe

Date

26/04/2006

Place

London, UK

Organisation and number of
participants

HP (1)

Content of presentation/talk

Open Trusted Computing

Hyperlink to conference
website

http://www.infosec.co.uk

Outcome 

Conference for information security professionals

Name of the event

Linux Users Association, Internet Association

Date

09-11/02/2006

Place

Pamukkale University, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

1-hour  presentation  (in  Turkish)  on  Trusted
Computing and Linux.

The Academic Computing Conference is one of the
major   academic   IT   events   in   Turkey.   It   is   not
dominated  by  product  presentations  but  by
universities.

Hyperlink to conference
website

http://ab.org.tr/ab06/

 

    

Outcome 

Awareness  of  Trusted  Computing  and  OpenTC
among  external  entities,  around  50-60  people
mainly from government offices and universities

Name of the event

Linux Users Association

Date

08/04/06

Place

Yeditepe University, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

This 1-hour presentation was given (in Turkish) on
how   security   products   would   evolve   to   make

OpenTC Deliverable 10.1

8

background image

FINAL

further   use   of   TC   in   their   design   and
implementation.

Hyperlink to conference
website

http://open.yuenc.org/

 

Outcome 

Awareness  of  OpenTC  among  external  entities,
around 30 people, mostly open source developers,
Linux based firms (UEKAE, Gelecek, Novell Turkey,
IBM   Turkey,   Armador   OS)   and   computer   science
students

Name of the event

Informatik Kolloquium

Date

11/11/2005

Place

Koblenz University, Germany

Organisation and number of
participants

TUD (1)

Content of presentation/talk

Overview of the Nizza Security Architecture

Hyperlink to conference
website

http://www.uni-koblenz.de/ifi/kolloquium/

Outcome 

Name of the event

CollaborateCom

Date

19-21/12/2005

Place

San Jose, USA

Organisation and number of
participants

TUD (1)

Content of presentation/talk

Presented the paper “The Nizza Security
Architecture”

Hyperlink to conference
website

http://www.collaboratecom.org/2005/

Outcome 

Name of the event

EuroSys

Date

18-21/04/2006

Place

Leuven, Belgium

Organisation and number of
participants

TUD (3)

Content of presentation/talk

Presented the paper “Reducing TCB Complexity for
Security-Sensitive Applications”

OpenTC Deliverable 10.1

9

background image

FINAL

Hyperlink to conference
website

http://www.cs.kuleuven.ac.be/conference/EuroSys
2006/

Outcome 

Name of the event

Brainshare 2006

Date

March 19-24

Place

Salt Lake City, Utah

Organisation and number of
participants

SUSE (1)

Content of presentation/talk

Introduction into the OpenTC project, its goals,
technical principles, and the consortium

Hyperlink to conference
website

http://www.novell.com/brainshare

Outcome 

Awareness of OpenTC among representatives from
the broad Novell partnership landscape

Name of the event

ISESTORM

Date

07/04/2006

Place

Barcelona, Spain

Organisation and number of
participants

ISE, BSI, La Salle University

Content of presentation/talk

Open  Trusted  Computing  as  part  of  Security
Analysis certification background knowledge

Hyperlink to conference
website

http://www.isestorm.org/

 

Outcome 

Found 2 volunteers and workers for the project

Name of the event

2nd International Conference on Global e-Security

Date

20/04/2006

Place

London, UK

Organisation and number of
participants

University of East London (Docklands)

Content of presentation/talk

Open  Trusted  Computing  as  part  of  ISECOM
solutions for present day problems

Hyperlink to conference
website

http://www.isestorm.org/

 

Outcome 

Found 2 volunteers and workers for the project

OpenTC Deliverable 10.1

10

background image

FINAL

2.1.2 Passive role (attendee)

Name of the event

XEN Summit

Date

17-18/01/2006

Place

Austin, Texas, USA

Partner

AMD

Hyperlink to conference website

http://www.xensource.com/company/xens
ummit.html

 

2.2 Articles in journals and magazines, papers, electronic publications

Date

24/02/2006 and 01/03/2006

Name

Newsletter  “Monitor”  of  the  EU-funded
project Indicare available at indicare.org

Spread

International

Content

Analysis  and  discussion  of  TC,  and
presentation of OpenTC views

Partner

Articles  have  been  written  by  TUM
(Schreiner  et  al.),  HP  (Kuhlmann)  and
ITAS (Weber/Weber)

Date

29/03/2006

Name

Security Focus

http://www.securityfocus.com/columnists/
395

 

Spread

International

Content

“Open  source  security  testing
methodology“ Interview where OpenTC is
explained as an ISECOM project

Partner

ISE (Pete Herzog)

Date

24/03/2006

Name

Turkish Linux Journal “Penguence”

Spread

National (Turkey)

Content

The article was requested to clear out TC
and DRM related issues.   The article has

OpenTC Deliverable 10.1

11

background image

FINAL

been  read  online  more  than  150  times
and  downloaded  more  than  1000  times,
see 

http://penguence.linux.org.tr

Partner

PORT (Bora Güngören)

Date

10/2005

Name

Wirtschaftsnachrichten Süd (News Paper)

Spread

National (Germany)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

02/2006

Name

Kleine Zeitung (Newspaper)

Spread

Regional (Austria/Carinthia)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

02/2006

Name

Kärntner Wirtschaftskammer (Electronic
publication)

Spread

Regional (Austria/Carinthia)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

02/2006

Name

Advantage (Electronic publication) 

Spread

Regional (Austria/Carinthia)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

02/2006

Name

Economy (Magazine)

OpenTC Deliverable 10.1

12

background image

FINAL

Spread

Regional (Austria/Carinthia)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

03/2006

Name

Kärntner Woche (Newspaper and
electronic publication)

Spread

Regional (Austria/Carinthia)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

03/2006

Name

New Business (Magazine)

Spread

National (Austria)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

03/2006

Name

it&t business (Magazine and electronic
publication)

Spread

National (Austria)

Content

Press article about the content of the
OpenTC project

Partner

TEC

Date

04/2006

Name

First European Conference on Systems
(EuroSys2006) 

Spread

International

Content

Practical Taint Based Protection

Partner

CUCL

OpenTC Deliverable 10.1

13

background image

FINAL

Date

13/03/2006

Name

TUDOS Demo CD

Spread

International

Content

Contains Demo Scenarios of an L4 based
secure system.

Partner

TUD

Date

29/03/2006

Name

The Register

http://www.theregister.co.uk/2006/03/30/
pete_herzog_interview/

 

Spread

International

Content

“The man behind OSSTMM”
Syndication of SecurityFocus article

Partner

ISE

Date

Monthly starting 01/2006

Content

OpenTC project details

Media / Spread

ISECOM News List / International (5000
members)

Partner

ISE

Date

08/03/2006

Content

OpenTC project announcement

Media / Spread

Professional Security Testers Mailing List /
International (60000 members)

Partner

ISE

2.3 Cooperation with external organisations

Workpackage(s)

8

OpenTC partner

RHUL

External organisation(s)

Software Define Radio Forum (SDRF)
SDR Security Working Group

Type of activity, date and
duration

Discussions, 4 2-hour telephone conferences

OpenTC Deliverable 10.1

14

background image

FINAL

Objectives

Developing a security architecture for software defined
radio

Resources

1 person (Eimear Gallery)

Actions

Specification  of  secure  download  and  attestation
architecture components

Outcome

Input  to  SDR  Architecture  Specification  -  A  security
architecture  for  SDR  which  incorporates  trusted
computing  functionality/architectural  components
which leverage trusted computing functionality

Workpackage(s)

8

OpenTC partner

RHUL

External organisation(s)

Vodafone, TCG MPWG (Mobile Phone Work Group)

Type of activity, date and
duration

Discussions, 10 2-hour telephone conferences and half
a day meeting

Objectives

Mapping   of   Trusted   Computing   Group’s   Mobile   Phone
Computing  Group  (TCG  MPWG)  use  cases  to  trusted
computing functionality

Resources

1 person (Eimear Gallery)

Actions

Complete  mapping  of  2/3  priority  use  cases  to  begin
with

Outcome

Input of mappings to TCG MPWG

Workpackage(s)

8

OpenTC partner

IFX, RUB, TUD, RHUL

External organisation(s)

European Commission, eMobility Group

Type of activity, date and
duration

Wrote an addon to the eMobility workplan, several
emails between February and March 2006

Objectives

Contributing to and extending the future Workplan for
eMobility as a major part of research targeting for the
7FP for the whole field of mobility. eMobility shall
continue with the results from OpenTC WP in the future

Resources

About 1 person

Actions

Submitted 

Outcome

Participate with FP7 on security for mobile platforms

Workpackages

4,5

OpenTC partner

HP Laboratories

OpenTC Deliverable 10.1

15

background image

FINAL

External organisation(s)

Univ. of Auckland, Dept. of Computer Science

,

Prof. Clark Thomborson

Type of activity, date and
duration

Meeting, 24/04/2006

Objectives

Mutual  information  about  TC-related  work,  exploring
potential for co-operation

Resources
Actions

Presentation to HPL Bristol

Outcome

Tbd.

Workpackages

3,4,5

OpenTC partner

RUB, IFX

External organisation(s)

Univ. of Auckland, Dept. of Computer Science

,

Prof. Clark Thomborson

Type of activity, date and
duration

Meeting and common research seminar, 21/04/2006

Objectives

Mutual information about TC-related work, exploring
potential for co-operation

University

 

of Auckland

 

is leading Computerscience

organisation in NZ and also national Comptence-
Center for computer security

Resources

Whole group

Actions

Presentation to HPL BristolSeminar about Trusted
computing at RUB, Bochum

Outcome

Intensifying Cooperation

Workpackages

All

OpenTC partner

IFX

External organisation(s)

Berkeley Trust, a large US research project also
targeting on Trusted Computing but on a more basic
approach. 

http://trust.eecs.berkeley.edu

Type of activity, date and
duration

Full Cooperation, IFX is member since January 2006

Objectives

Mutual information about TC-related work, exploring
potential for co-operation

Resources

1-5 persons, depending on activity

Actions

Full participation within the project, Individual
partnerships with some of the related universities

OpenTC Deliverable 10.1

16

background image

FINAL

Outcome

Exchange of information and cooperations

Workpackages

1

OpenTC partner

TEC

External organisation(s)

TSC consortium: 
Axalto (FR),  Bertin Technologies (FR), Bull (FR), EADS
DS  and  EADS  SN  (FR),  FTRD/Orange  (FR),
STMicroelectronics (FR and IT), Giesecke and Devrient
(DE), ICT Economic Impact (DE), Philips SC (DE), Philips
AT (NL), ESI (ES), SGI (ES), TB-Solutions (ES)

Type of activity, date and
duration

Workshop, 18/01/2006, 1 day

Objectives

Cooperation between OpenTC and TSC members

Resources

1 person

Actions

Workshop

Outcome

Liaison with TSC

Workpackages

10

OpenTC partner

IFX, HP, IBM, AMD, POLITO, IAIK

External organisation(s)

TCG

Type of activity, date and
duration

Participating in the standardisation work of the Trusted
Computing Group (TCG); bringing current TCG pre
standard activities early into the OpenTC work and
activities

Objectives

Holding the results of OpenTC up to date and according
to the TCG industry standard. Testing the TCG
standards by implementation within the project and
deliver feedback

Resources

2 MM

Actions

Active participation in TCG standardisation and
management meetings

Outcome

Project results according to standards; Feedback from
early adoption

The 

Trusted Computing Group 

is the internationally accepted standardization board

which sets all relevant issues on the basic layers of our targeted activities. Open_TC is
complements the TCG work by building a open source trusted system. It is therefore
important  to  exchange  continuously  standardization  and  background  information
between the TCG and Open_TC. Open_TC partners are regular members of the TCG
(e.g. HP, IBM) or just joining the TCG liaison programme. Therefore the consortium has
direct access and exchanges ideas and information with the TCG.

OpenTC Deliverable 10.1

17

background image

FINAL

Memberships:

The  

industrial  project  members

  (HP,  IBM,  AMD  and  IFX)  where  already  regular

members of the TCG and also members of the board of directors of the TCG. IFX has
been elected by the TCG members on the board in January 2006. The deputy board
member  of  IFX  is  an  active  participant  within OpenTC  as  the  leader  of WP03  and
WP08.  So  there  is  a  very  direct  connection  between  OpenTC  and  the  TCG  on  the
technical as well as the organisational level.

TCG Liaison Program

This  program  allows  academic  institutions,  industry  standards  bodies,  government
agencies and special interest groups with a stake in computing security to participate
in   TCG   Work   Groups.   Members   in   this   program   are   anticipated   to   help   TCG   stay
current with research, standards and concerns studied by other important institutions
working in the security field. Liaison program members can participate in all TCG work
groups, thus getting first hand results from the standardisation work and being able to
influence the standards. During the first half year of the project IAIK and POLITO joined
the liaison program, other OpenTC members are planning to follow.

Activities:

OpenTC members participated in the TCG work groups for transfer of information and
also  informed  the  groups  about  the  OpenTC  project  and  its  objectives.  One  main
technical  activity  was  the  provision  of  the  work  concerning  TPM  and  TSS
standardisation  within WP03.  The  basic  TSS stack  package  provided  by  WP03  also
contains  elements  (like  the  inclusion  of  SOAP  interface  technology)  relative  to  the
latest TCG standardisation discussions.

OpenTC Deliverable 10.1

18

background image

FINAL

Participation in other projects

We list in this Section the participation from OpenTC partners to other projects. These
relationships create opportunities of dissemination of the OpenTC results and make
sure that we are aware of the latest results and developments in related areas.

3.1 Participation in running/labelled complementary EU/IST projects, Eureka

MEDEA+

TSC 

Trusted  Secure  Computing was  recently labeled  with
2A502 by the public authorities for contract. TSC deals
with the deployment of PC oriented Trusted Computing
use  and  applications.  It  will  also  sponsor  the
compliance testing of realised TC HW and SW against
the TCG specification to give the users trust into the
correctness of their application. 

TEC, IFX, RUB

ITEA

€-confidential 

Trusted SW execution based on COTS. 
Trusted  Security  Platform  to  secure  multi  kind  of
application  and  to  provide  a  trustworthy  execution
environment; Develop a safe and trustworthy security
platform that will allow to control and to ensure a trust
execution  of  security  services  (authentication,
ciphering, …) for sensitive applications (PMR, e-vote, e-
bank, …) running on COTS.

CEA (labeled but
waiting for
financing)

NGCC 

New C Compiler

CEA (labeled but
waiting for
financing)

TECOM

R&D  of  a  family  of  HW/embedded  SW  silicon
components   enforcing   secure   and   trusted   computing
for  the  areas  of  Consumer,  Computer,
Telecommunications

 and

 Wireless.

Development  of  a  trust  concept  and  architecture
elements usable in other European industrial segments
such as automotive, industrial, aeronautics (especially
in their content acquisition and payment, ticketing and
DRM

 aspects)

Relevant  European  contributions  related  to  Trusted
Computing  standards  while  keeping  inter-operability
with existing US-led or Asian initiatives.  

IFX, TEC

IST FP6 

IPs

DESEREC 

Dependability  and  Security  by  Enhanced
Reconfigurability
DESEREC will respond efficiently to the three families
of  incidents  which  can  occurs  on  a  critical  system:
Attacks  from  the  outside,  Intrinsic  failures  and
Misbehavior or malicious internal use. 

POL (scientific
leader), BME

PRIME 

Privacy and Identity Management for Europe
To research and develop approaches and solutions for
privacy-enhancing  identity  management  that  can

HP, KUL, TUD, IBM

OpenTC Deliverable 10.1

19

background image

FINAL

make  the  European  citizens  empowered  to  exercise
their privacy rights, and thus enable them to gain trust
and confidence in the information society

 

SECOQC 

Development  of  a  Global  Network  for  Secure
Communication based on Quantum Cryptography

HP

STREPS

HIDENETS 

HIghly DEpendable ip-based NETworks and Services
The aim of HIDENETS is to develop and analyze end-to-
end resilience solutions for distributed applications and
mobility-aware  services  in  ubiquitous  communication
scenarios.  Technical  solutions  will  be  developed  for
applications with critical dependability requirements in
the context of selected use-cases of ad-hoc car-to-car
communication with infrastructure service support. 

BME

POSITIF

Policy-based  Security  Tools  and  Framework.  POSITIF
will  develop  a  framework  and  tools  for  policy-based
protection  of  networked  systems  and  applications.  A
multi-level policy language will be used to describe the
desired security policy (high-level requirements and/or
detailed controls) while a system language will be used
to  describe  the  target  system  (interconnection
topology, functional and security capabilities). 

POL (coordinator)

NOE

FIDIS 

The Future of Identity in the Information Society
To shape the requirements for the future management
of identity in the European information
society  and  contributing  to  the  technologies  and
infrastructures needed.

KUL, IBM

ECRYPT 

To ensure a durable integration of European research
in  both  academia  and  industry  and  to  maintain  and
strengthen the European excellence in these areas 

KUL, RHUL, IBM

ReSIST

ReSIST is a Network of Excellence that integrates
leading researchers active in the multidisciplinary
domains of Dependability, Security, and Human
Factors, in order that Europe will have a well-focused
coherent set of research activities aimed at ensuring
that future “ubiquitous computing systems” (the
immense systems of ever-evolving networks of
computers and mobile devices which are needed to
support and provide Ambient Intelligence), have the
necessary resilience and survivability, despite any
residual development and physical faults, interaction
mistakes, or malicious attacks and disruptions.

IBM

CA

ESFORS 

European  Security  Forum for web  services,  software,
and systems
ESFORS is a Coordination Action that aims at bringing
together  the  European  stakeholders  for  security  and
dependability  Information  and  Communication
Technologies  (ICTs)  to  address  the  security  and
dependability  requirements  of  emerging  software
service platforms. 

HP

PASR

ROBIN

Open Robust Infrastructure

TUD

OpenTC Deliverable 10.1

20

background image

FINAL

The objective of this Preparatory Action is to explore
key technologies for a small, robust platform that can
host legacy operating systems and their applications,
but  that  is  small  enough  to  undergo  formal  analysis
and construction techniques.

SES

DERlab

This project is oriented to establish new testing
facilities for distributed energy resources (DER) in
Europe and other parts of the world. The objectives of
this project are to identify relevant laboratories
working in this field and to support networking and
information exchange between the involved
institutions.

TUS

NNE

REMPLI

The Real-time Energy Management via Powerlines and
Internet project aims at creating a distributed
infrastructure suitable for real-time data collection,
data processing for billing, statistics and planning (as
well as tariff management), management of the
distribution network (supervision, control, quality),
energy loss detection and fault control and inclusion of
add-on services (domotics, security).

TUS

3.2 Participation in national projects

France

System@Tic
project PFC
(Plate-Forme de
Confiance)

The competitiveness pole System@Tic deals with
complex hardware and software systems and is
financed by the Paris area. PFC proposes to develop a
platform that allows companies, administrations and
citizen to build reliable and trusted information
systems and associated processes. More generally, the
aim is to increase the control of all the technological,
legal and societal aspects bound to the development of
e-activities.

CEA (labelled and
waiting for
financing)

RNTL project CAT

Static analysis tools for the C language.

CEA (labelled and
waiting for
financing)

Germany

EMSCB 

European Multi-lateral Secure Computing Base
This is a German national project, started on October
2004  and  sponsored  by  the  German  Ministry  of
Economics. The project target the acquisition of a first
Trusted  Computing  experience  through  the
development of some Trusted Components, including
Tamper  devices,  HDD  encryption,  DRM  viewers.
Relation with TSC will be established through Infineon
and Ruhr University Bochum, EMSCB partners 

RUB, TUD, IFX

OpenTC Deliverable 10.1

21

background image

FINAL

VFiasco

A  DFG  Project  that  aims  to  verify  some  security
relevant properties of a complete µ-kernel.
See: 

http://os.inf.tu-dresden.de/vfiasco/

 for details.

TUD

Hungary

CCLAB

Project for establishing an accredited Common Criteria
evaluation laboratory

BME

United Kingdom

XenSE

Xen:  Security  Enhanced.  EPSRC  national  research
project involving CUCL, Intel Research Cambridge and
CESG.  This  will  build  a  prototype  system  for  trusted
computing which aims to be architecturally compatible
with the output of the OpenTC project work. Particular
focus on usability and desktop aspects. 

CUCL

Trust
Establishment  in
Mobile
Distributed
Computing
Platforms

The  goal  of  this  EPSRC-funded  3-year  project  are  to
establish  a  secure  association  between  a  mobile
wireless device (or network) and the grid. It will study
the  problem  of  the  applicability  of  TC-elements  to
distributed systems, and grid in particular. The use of
DRM  techniques  to  protect  data  on  the  grid  will  be
investigated.

RHUL

OpenTC Deliverable 10.1

22

background image

FINAL

Planned dissemination activities

The plan for this project is to get the non-expert public informed about the challenges
and research on IST related topics. All project partners are planning to continue to
raise public awareness via newspapers, magazines and Internet platforms. Section 4.1
gives information on the current dissemination plans among partners, while Section
4.2 presents the dissemination activities already planned.

4.1 Partners' plans for dissemination

All the OpenTC partners will be invited to and will attend conferences and workshops
outside the consortium, where they will be able to present the OpenTC project as well
as  our  knowledge  about  the  EC  project  management.  Intense  communication  of
progress  and  achievements  to  external  organisations  as  industry  companies,
standardisation bodies, research communities and the European Union will continue as
it was undertaken during the first six months.

Partners involved in WP10 will also continue to develop training concepts and material
for existing and potential costumers. Technikon will support the other partners and a
major  outcome  at  the  end  of  the  project  will  be  training  documents  for  the  Open
Trusted Linux Platform and Modules. 

As the coordinator of the OpenTC project, Technikon will continue to contribute an
essential  part  of  its  work  to  the  project  management  (administration,  risk
management  and  innovation  management),  to  the  self-assessment  and  to  the
dissemination activities in the project. Technikon will develop a dissemination plan in
the next few months. Therefore all partners will have to identify target groups and
appropriate  dissemination  channels  (e.g.  Identification  of  relevant  conferences,
journals etc.). This deliverable also contributes to the dissemination planning thanks to
information about further dissemination activities (upcoming conferences, workshops
etc.) provided by the partners. 

Technikon  also  continues  to  work  on  a  leaflet  which  will  be  provided  within  the
consortium and will be distributed widespread at conferences and other public events.
Furthermore  Technikon  will  participate  in  national  conferences  and  workshops  to
impart  the  knowledge  of  coordinating  European  projects  and  it  will  spread  in  the
course of these conferences the information about the OpenTC project.

Technikon  has  a  strong  background  in  normalization  work,  contributing  to  ÖVE,
ÖNORM,   IEEE,   ETSI,   CEN,   CENELEC   and   ISO.   Technikon   will   strive   to   foster
standardization  activities  and  the  exchange  of  knowledge  between  standardization
bodies  and  the  OpenTC  consortium.  Furthermore  Technikon  will  encourage  the
organisation of workshops with other projects dealing with security, and will promote
research in all areas OpenTC addresses.

CEA is already  planing  to disseminate  the  knowledge  of  the  OpenTC project  using
various channels, namely:

web pages on the CEA extranet, allowing other researchers and industries to be
aware of the project

web pages on the CEA intranet, allowing company-wide awareness of the project.

OpenTC Deliverable 10.1

23

background image

FINAL

These pages address other departments (such as LETI, Laboratory for Electronics
and Instrumentation Techniques)

references  to  the  OpenTC  project  at  the  occasion  of  new  national  project
submissions

internal presentations at laboratory, department and company meetings.

Later,   the   results   of   this   project   can   be   used   for   training   purposes,   integrated   to
software engineering and security courses at INSTN, the french institute devoted to
post-graduate education and professional training in nuclear science and technology
within CEA. See also 

http://www-instn.cea.fr/.

 In this manner, recent results concerning

software security can be taught to our future engineers and technicians, making them
fully aware about the risks incurred to software in nuclear applications.

ISECOM  is  a  standardization  body  referred  to  by  multiple  government  and  private
sources including other standardization bodies. ISECOM provides a monthly newsletter
which reaches approximately 5000 people internationally and are further carried in
additional  mailing  lists:  cccure.org  directed  at  CISSPs,  and  ccc_emails  directed  to
compliance officers reaching an approximate total of 30,000  people internationally.
ISECOM will also use other forms of electronic press (e-mail, website, blogs, and lists).
With electronic media our goal is to gain the confidence of the security and privacy
professionals.   With traditional  media,  we would like  to take  the  issues  of  Trusted
Computing to the masses.

A radio/tv/newspaper press conference for Spain is in development to introduce the
project and new project team once assembled completely. ISECOM has designed a
project collaboration  workspace  for  the  OpenTC project at  

www.isecom.info/moodle

and has opened it up to the ISECOM project team.  An administrator and a technician
have been hired to handle the further development.

ISECOM wrote a paper for LinuxTag in Germany which had been rejected. The paper
has been re-written as a press release regarding the ISECOM OpenTC methodology
project for release when all of the project team has been hired. A request for a project
manager and assistant have been sent to through the ISECOM News and Partner
channels however no one of proper qualifications has yet been found, but the search
will continue.

4.2 Conferences or public discussions/talks

4.2.1 Active role (speaker, presenter, moderator)

Name of the event

Linux and Free Software Festival

Date

11-14/05/2006

Place

Middle East Technical University, Ankara, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

1-hour  Encrypted  File  Service  seminar  for  Linux
Festival,   and   4   days   of   OpenTC   and   EFS
presentation on the OpenTC stand

OpenTC Deliverable 10.1

24

background image

FINAL

Hyperlink to conference
website

http://senlik.linux.org.tr/2006/

This  is  the  largest  Linux  conference  in  Turkey.
Each  seminar  has  an  average  audience  of  more
than  100  Linux  users  and  developers  and
government representatives.

Outcome 

Increase awareness and interest of developers in
Open TC project and its public deliverables 

Name of the event

IBM Future Business Summit 2006

Date

02/05/06

Place

Sheraton Convention Center, Ankara, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

Open TC Project and its effects on Enterprise Linux

Hyperlink to conference
website

TBD as a followup of press release

Outcome 

Raise  awareness  about  Open  TC  project  among
Turkish  IT  decision  makers  in  industry  and  in
government, more than 50 people

Name of the event

EMO Linux Day

Date

09/2006

Place

Ankara, Turkey

Organisation and number of
participants

PORT (Baran Erdo

ğ

an)

Content of presentation/talk

Panelist on the topic “Linux and Security”

Hyperlink to conference
website
Outcome 

Increase awareness and establish connections for
future  collaboration  in  Turkish  engineering
community

Name of the event

Cebit Bili

ş

im Eurasia Fair and Conference

Date

09/2006 

Place

İ

stanbul, Turkey

Organisation and number of
participants

PORT (Bora Güngören)

Content of presentation/talk

Trusted   Computing   and   Next   Generation   Linux
Security 

OpenTC Deliverable 10.1

25

background image

FINAL

Hyperlink to conference
website

http://www.cebitbilisim.com/

 

Outcome 

Increase awareness and establish connections for
future  collaboration  in  Turkish  engineering
community

Name of the event

IEEE International Conference on Technologies for
Homeland Security and Safety

Date

09-13/10/2006

Place

İ

stanbul, Turkey

Organisation and number of
participants

PORT (Bora Güngören, Baran Erdo

ğ

an)

Content of presentation/talk

Presentation  of  the  Encrypted  File  System  (EFS)
(paper is not yet officially accepted, presentation
is being communicated seperately) 

Hyperlink to conference
website

http://www.tehoss2006.org/

 

Outcome 

Introduce  EFS  and  establish  contacts  for  further
collaboration in academia

Name of the event

Chamber of Electrical Engineers (EMO) 
Monthly Technical Seminar

Date

11/2006 

Place

Ankara, Turkey

Organisation and number of
participants

PORT (Baran Erdo

ğ

an)

Content of presentation/talk

Open Trusted Computing project and EFS

Hyperlink to conference
website

http://www.emo.org.tr/

 

(monthly announcement TBD)

Outcome 

Introduce Open TC and EFS and establish contacts
for further  collaboration in industry 

Name of the event

LinuxTag 

Date

03-04/05/2006  (2  presentations  at  different
events)

Place

Wiesbaden, Germany

Organisation and number of
participants

HP (1)

Content of presentation/talk

OpenTC  Introduction  (similar  to  the  Indicare

OpenTC Deliverable 10.1

26

background image

FINAL

articles, see Section 2.2)

Hyperlink to conference
website

http://www.linuxtag.org/2006/

Outcome 

Major Linux expo and Conference
Tbd.

Name of the event

LinuxTag

Date

06/05/2006

Place

Weisbaden, Germany

Organisation and number of
participants

CUCL (1)

Content of presentation/talk

Overview of Xen 3.0 and architecture

Hyperlink to conference
website

http://www.linuxtag.org/2006/

Outcome 

TBD

Name of the event

Grazer Linux Tag 06

Date

20/05/2006

Place

Graz, Austria

Organisation and number of
participants

IAIK (1)

Content of presentation/talk

OpenTC  Introduction,  Overview  of  available  TC
Infrastructure for Linux

Hyperlink to conference
website

http://www.linuxtage.at

Outcome 

Awareness of OpenTC among developers

Name of the event

High-level workshop about project management of
European  research  projects  of  the  6

th

 framework

program organised by Austrian Administrative

Date

01/07/2006

Place

Vienna, Austria

Organisation and number of
participants

TEC (1)

Content of presentation/talk

Presentation  about  the  management  of  an
European  research  project  in  the  6

th

 framework

program with OpenTC as example

OpenTC Deliverable 10.1

27

background image

FINAL

Hyperlink to conference
website

http://www.ffg.at/index.php?cid=1075

Outcome 

The workshop will raise public awareness

Name of the event

I-NetSec 2006 in conjunction with IFIP TC 11's
SEC'2006

Date

22/05/2006

Place

Karlstad, Sweden

Organisation and number of
participants

BME

Content of presentation/talk

Anonymity issues of secure networks

Hyperlink to conference
website

http://www.sec2006.org/index.php?INETWS=true

Outcome 

Awareness of OpenTC

Name of the event

CISO Summit

Date

15/06/2006

Place

Barcelona, Spain

Organisation and number of
participants

MISTI Europe

Content of presentation/talk

As part of discussion within "Legal & 
Compliance  Challenges  for  Today's  CISO  -
Obstacles & Overlaps”

Hyperlink to conference
website

http://www.misti.com

 

Outcome 

Tbd.

4.2.2 Passive role (attendee)

Name of the event

ARTEMIS annual conference 2006

Date

22–24/05/2006

Place

Graz, Austria

Partner

TEC

Hyperlink to conference website

http://www.artemis-office.org

OpenTC Deliverable 10.1

28

background image

FINAL

Name of the event

Austrian  Presidency  Conference  on
European Technology Platforms

Date

04–05/05/2006

Place

Vienna, Austria

Partner

TEC

Hyperlink to conference website

http://www.eu2006-
technologyplatforms.at/

Name of the event

Fourth iTrust International Conference  on
Trust Management

Date

16-19/05/2006

Place

Pisa, Italy

Partner

RHUL

Hyperlink to conference website

http://www.iit.cnr.it/iTrust2006/

 

    

Name of the event

Usenix Security

Date

31/07/2006 to 04/09/2006

Place

Vancouver, Canada

Partner

CUCL

Hyperlink to conference website

http://www.usenix.org/events/sec06/

Name of the event

LinuxTag

Date

06/05/2006

Place

Weisbaden, Germany

Partner

SUSE

Hyperlink to conference website

http://www.linuxtag.org/2006/

4.3 Articles in journals and magazines, papers, electronic publications

Date
Name

Official magazine of Chamber of Electrical
Engineers (EMO) “Elektrik Mühendisli

ğ

i”

Spread

National (more than 30.000 engineers)

Content

5-10  page  Open  Trusted  Computing
article  to  reflect  Trusted  Computing  and

OpenTC Deliverable 10.1

29

background image

FINAL

Open_TC specifications as to be published
on the project web site. 

Partner

PORT

Date

03-04/05/2006

Name

LinuxTag Conference CD

Spread

International

Content

Outline of OpenTC (why Open Source and
Trusted

 Computing,

 architectural

approach, outlook)

Partner

HP (Dirk Kuhlman)

Date
Name

13th  International  Static  Analysis
Symposium (SAS06)

Spread

International

Content

Paper on the C code static analysis tool

Partner

CEA

Date

Planned Q3 2006

Name

Protecting OS with Immutable Memory

Spread

International

Content

Academic paper

Partner

CUCL

Date

01/05/2006 (to be published 12/2006)

Name

Hacking Exposed Linux 3

rd

 Edition

Spread

International

Content

Trusted Computing and Linux

Partner

ISE

OpenTC Deliverable 10.1

30

background image

FINAL

4.4 Cooperations with external organisations

Workpackages

4, 6, 8

OpenTC partner

RHUL, RUB, HP, CUCL, TUD

External organisation(s)

CESG (UK), BSI (DE)

Type of activity, date and
duration

European  summer  school  on  Trusted  Infrastructure
technologies, 19-25/08/2006, 4 days

Objectives

Fostering a European academic research environment
for Trusted Computing

Resources
Actions

See 

http://www.softeng.ox.ac.uk/trusted/

 

Outcome

Workpackages

1

OpenTC partner

TEC

External organisation(s)

University of Innsbruck

Type of activity, date and
duration

Correlation with national security activities

Objectives

TEC will become a member of the IGIS (syndicate about
information security) group

Resources

2-3 Person days 

Actions

Attending  correlation  meetings  and  exchanging
information

Outcome

Be a member of the IGIS group to get access to their
platform  and  to  exchange  the  knowledge  about
information security

Workpackages

4

OpenTC partner

CUCL

External organisation(s)

IBM USA, Intel USA, Intel Cambridge

Type of activity, date and
duration

Meeting planned for 04/2006.

Objectives

Interchange of ideas and plans

Resources
Actions
Outcome

OpenTC Deliverable 10.1

31

background image

FINAL

Workpackages

8

OpenTC partner

IFX

External organisation(s)

OMTP

Type of activity, date and
duration

Email contact via David Jennings

Objectives

Take part in OMTP conference calls and meetings  on
hardware security, and check that the WP8 OpenTC
documents are consistent with OMTP specifications and
proposals as they become available

Resources
Actions
Outcome

OpenTC Deliverable 10.1

32

background image

FINAL

List of Abbreviations 

TEC

Technikon Forschungs- und Planungsgesellschaft mbH (AT)

IFX

Infineon Technologies AG (DE)

HP

Hewlett-Packard (UK)

IAIK

IAIK, Graz University of Technology (AT)

LDV

Lehrstuhl für Datenverarbeitung, Technische Universität München
(DE)

SUSE

SUSE Linux Products GmbH (DE)

RHUL

Royal Holloway and Bedford New College (UK)

ITAS

ITAS, Forschungszentrum Karlsruhe GmbH (DE)

TUB

TUBITAK, National Research Institute of Electronics & Cryptology (TR)

POL

Politecnico di Torino (IT)

BME

Budapest University of Technology and Economics (HU)

CEA

Commissariat à l’Energie Atomique-LIST (FR)

RUB

Horst Goertz Institute for IT Security, Ruhr-University Bochum (DE)

TUD

Technische Universitaet Dresden (DE)

CUCL

University of Cambridge Computer Laboratory, University of
Cambridge (UK)

IBM

IBM Research GmbH (CH)

ISE

Institute for Security and Open Methodologies (ES)

AMD

Advanced Micro Devices (DE)

PORT

Portakal Teknoloji Egitim Danismanlik Yazilim Turizm Taahhut (TR)

INTEK

INTEK (RUS)

TUS

Technical University of Sofia (BG)

KUL

Katholieke Universiteit Leuven (BE)

COM

Comneon GmbH & CoOHG (DE)

OpenTC Deliverable 10.1

33