Introduction of the SECurity and Trust concepts in the EO exploitation chain INSECT Executive Summary Version 1.

0 15/09/2009

A project funded by contract: project: reference: issue: revision: status: date of issue: document type: authors: approved: ESRIN/Contract No. 21768/08/I-EC INSECT INSECT-HTC.TN-FR 1.0 0 Released 15/09/2009 Executive Summary W. Croi / LuxSpace (croi@luxspace.lu) F. Foeteler / LuxTrust (frederic.foeteler@luxtrust.lu) H. Linke / HITEC Luxembourg (Harold.Linke@hitec.lu) H. Linke, INSECT Project Manager

All rights reserved.

INSECT
Executive Summary

Doc N: Issue: Page

INSECT-HTC-FR 1.0 2
Date: of

15/09/2009 5

1.
1.1

SCOPE OF THIS DOCUMENT

SCOPE OF THE DOCUMENT

The present Executive Summary is the summary of the ESA project INSECT (reference ESRIN/Contract No. 21768/08/I-EC).

2.
2.1

APPLICABLE AND REFERENCE DOCUMENTS

APPLICABLE DOCUMENTS

[AD01] European Space Agency (2008): Statement of Work INtroduction of SECurity and Trust in the EO exploitation chain.- Issue 1, revision 0, April 2008 (Doc ref GSTPRTDA-EOPG-SW-08-00019, Frascati

2.2

REFERENCE DOCUMENTS

[RD01] INSECT Project, Requirements baseline, version 2.5, Ref INSECT-LXS.TN-RB [RD02] INSECT Project, Architecture Technical Note, version 1.4, Ref INSECT-LXS.TN-AR [RD03] INSECT Project, Technical Implementation Note, version 1.0, Ref INSECT-LXS.TNTIN [RD04] INSECT Project, Requirements Baseline for Demonstrator, version 1.6, Ref INSECT-LXS.TN-RBD

3.

DEFINITIONS AND ACRONYMS

Directorate General Agriculture Directorate General Environment European Commission European Environment Agency Earth Observation European Space Agency Global Monitoring for Environment and Security INtroduction of SECurity and Trust in the EO exploitation chain Joint Research Centre Institute for Security and Protection of the Citizens Trusted Third Party Trusted TimeStamps
Table 1: List of Acronyms

DG AGRI DG ENV EC EEA EO ESA GMES INSECT JRC-ISPC TTP TTS

All rights reserved.

INSECT
Executive Summary

Doc N: Issue: Page

INSECT-HTC-FR 1.0 3
Date: of

15/09/2009 5

4.

EXECUTIVE SUMMARY

Security and Trust are the most important and the most discussed topics in todays Internet based communication. Securing documents and transactions transmitted over the Internet is a must in applications like Internet banking and electronic commerce. But when it comes to Earth Observation, no firm concepts for securely dealing with valuable data over the Internet exist yet. In analogy to these Internet transactions the best way to ensure the integrity of EO data is to add a legally recognized digital signature and a Trusted Time Stamp (TTS) onto the document in order to prove the original date of the document. With the TTS, a Trusted Third Party (TTP) certifies the existence of a given document at the indicated date and time. The objectives of the INSECT study were to show how security and trust concepts could be introduced into the EO exploitation chain. After an analysis and definition of the requirements for digitally signing and timestamping EO products and their derived information the study showed how these mechanisms and concepts can be introduced into relevant data flows as well as infrastructures and processes The Development of a demonstrator showing an example of how digital signatures and timestamping could be integrated into the existing EO ground segment environment. The study was executed by HITEC Luxembourg S.A. (coordinator), LuxSpace S..r.l. and LuxTrust S.A. (the three parties are also referred to as the Consortium). The Requirements Analysis showed that a big interest in this topic already exists. Several international organizations like the United Nations, the European Union (EC Directorates General and Agencies, namely DG ENV, DG AGRI, EEA, JRC-ISPC) as well as private institutions (e.g. insurance companies) and others start to use EO data to monitor enforcement of policies, to manage funds and subsidies and to respond to emergencies. But whenever EO data is intended to be used in courts or for policy and regulation enforcement, the integrity of the EO data and the integrity of the entire data processing chain must be ensured which results in the following key requirements: It must be possible to reproduce the results based on the original data at all times. It must be possible to verify the integrity of the original data and the results produced in each processing step, to ensure that the data has not been changed. A common timestamp that is based on a central trusted service for all EO-data would be very interesting.

For the introduction of the signing technologies two criteria are vital and essential in order to guarantee an acceptance by all concerned EO business actors: Neither the original image data nor its corresponding metadata may ever be diminished by adding the signature and timestamp. It must at all times be possible to interpret the original image data for third parties that are not in possession of specific signature or timestamping skills and tools.

A synthesis of the EO data exploitation chain shows the potential steps in which the method of signing and timestamping EO data and the derived products increases security. Figure 1:

All rights reserved.

INSECT
Executive Summary

Doc N: Issue: Page

INSECT-HTC-FR 1.0 4
Date: of

15/09/2009 5

EO exploitation chain introducing Digital Signatures / Time Stamps provides a quick overview on these different milestones where the introduction of an advanced security mechanism is recommended.

Figure 1: EO exploitation chain introducing Digital Signatures / Time Stamps

Five use cases have been identified footing on and reflecting the above mentioned requirements, illustrating the various modes of creating digital signatures (manual vs automated), timestamps and their respective validation offerings. The business interaction between a single EO data user and multiple EO data providers have also been highlighted such as the coordinated handling of EO data by means of a trusted party when it comes to a GMES repository. In the Architecture and Process Definition task, a general architecture and process for the introduction of timestamping and digital signatures mechanisms into the EO data chain was defined, based on the outcomes of the Requirements Analysis. This architecture is based on seven building blocks: BB1 Manual Signature - Creation of a digital signature by a digital certificate connected to the operators computer; BB2 Automated Signature - digital signing based on the automated Mass Signature service; BB3 Timestamp Creation - Requests online a digital timestamp; BB4 Signature Validation - Validates the integrity of a digital signature; BB5 Timestamp Validation - Validates the integrity of a digital timestamp; BB6 Certificate Validation - Verifies the certificate validity; BB7 Author Identification - Allows identification of the certificate owner.

All rights reserved.

INSECT
Executive Summary

Doc N: Issue: Page

INSECT-HTC-FR 1.0 5
Date: of

15/09/2009 5

The implementation of the seven building blocks is based on the existing services of the study partner LuxTrust S.A., the Luxembourg based certification authority delivering electronic certificates for people authentication and secure electronic signatures with legal value. To validate and evaluate the architecture a Demonstrator application implementing all building blocks for timestamping and signing processes was developed. This demonstrator was tested together with and approved by an EO data & service provider. To avoid interference with the existing processes of the EO data & service provider the signing and timestamping of the EO products was done when the products were ready for transmission to the customer (see star 4 of Error! Reference source not found.). This was achieved by monitoring a special output directory of the transmission FTP server. All new products stored in this output directory were automatically digitally signed and timestamped by the Demonstrator. No manual interaction was necessary. The user can download a simple JAVA application that allows him to validate the signatures and timestamps and identify the author of the signature. The INSECT study demonstrated that using digital signatures and timestamping are useful for EO data & service providers and for the ESA. The Demonstrator showed that the concept can be realised with existing (and future) solutions provided by LuxTrust. The performance was good and the user friendliness of the automatic signing solution was accepted. As the overall costs for implementing this service are relatively low the barrier is not very high. As next steps are proposed: Implement the concept of digital signatures and timestamps into the ESA GMES coordinated data access system. Further analyse the legal framework and propose actions to make the usage of digital signatures a pre-requisite for EO data handling at a large scale (even in space). Start studies or further analysis how to implement an Audit trail using digital signature and timestamping.

All rights reserved.