VesselSat

LM-4B Launch

PSLV Launch

News Details

Project INSECT (INtroduction of SECurity and Trust in the EO data chain) kicked off at ESRIN

2008-10-27

LuxSpace together with its partners HITEC and LUXTRUST has been entrusted by ESA to study the "Introduction of Security and Trust in the EO data chain". The study was kicked-off at ESRIN on 27 October 2008.

Security and Trust are the most important and the most discussed topics in today's Internet based communication world. Securing documents and transactions transmitted over the internet is a must in applications like Internet Banking and e-commerce. The deployment of digital signatures and trusted time stamping to ensure the integrity of documents is just starting.

When it comes to Earth Observation, such a security does not yet exist. Several international organizations like the UN, the European Union (EC Directorates General) and European Agencies as well as private sector entities (e.g. insurance companies) and others are using EO data to support the enforcement of policies, management of funds and subsidies and emergencies. Whenever EO data may be used in courts or for policy and regulation enforcement, the integrity of the EO data and the integrity of the whole process for processing the data and extracting the information shall be ensured. It must be possible at all time to reproduce the results on the original data.

The best way to ensure the integrity of documents is to sign the document with a trusted timestamp and a digital signature. With a trusted timestamp, a trusted third party certifies the existence of the given document since the date and time that is indicated in the timestamp response. In addition to that, the document can be digitally signed by the creator or issuer of the document. This digital signature should be based on a user certificate issued by a trust center. Using qualified certificates is of even greater benefit as these certificates are accepted by all European countries as legally binding digital signature.

The aim of this 6-month study is analyse and define the requirements for signing and time-stamping EO products and derived information, show how they can be introduced into the data flow(s) and infrastructure(s) and processing, and show with a demonstrator an example how signatures and timestamping could be integrated into the existing EO ground segment.
The work program of this study is divided into 3 work packages:

    * Requirements Analysis
    * Architecture and Process Definition
    * Demonstrator Development

The Requirements Analysis led by LuxSpace Sarl defines the requirements baseline for security and trust mechanism in the Earth Observation data exploitation chain. Information collection with the compilation and review of relevant documentation, personal interviews with a selected number of representatives of the stakeholder groups will be carried out. Representatives of these groups are for example members or users of GMES projects. The results of this user requirements survey will be the baseline for the further work.

The Architecture and Process Definition task led by LuxTrust aims to define a general architecture and process for the introduction of timestamping and digital signatures into the EO chain. The overall architecture will be defined based on the requirements baseline. In addition the scenario for a demonstrator will be selected and the design and interfaces specified.

The Demonstrator Development led by HITEC Luxembourg validates and evaluates the architecture by implementing a timestamping and signing application for a specific scenario selected in the previous work. This application will allow the signing and timestamping of EO data files and the verification of the integrity of the files. The result of this work is a demonstrator, showing an example how trust concepts could be introduced into the EO process.

For further information please contact Luxspace.

Go back