Data Privacy Week kicked off in the EU with a pledge from the industry to defend encryption in 2024.

Some of the companies using this technology to develop security software, including VPN services, and secure email and messaging apps, are now calling EU ministers to defend their citizens' privacy and withdraw a worrying proposed regulation.

Deemed by critics as Chat Control, the EU Child Sexual Abuse Material (CSAM)Scanning Proposal could allow authorities to scan people's private and encrypted chats for dangerous content as a way to halt child sexual abuse (CSA) online.Yet, experts argue that going down this route rather endangers users (children included) instead.

"We all agree that ensuring children are safe online is one of the most important duties of tech companies and for this reason, we find the European Commissions proposed Regulation extremely worrying. If it were implemented as proposed, it would negatively impact childrens privacy and security online, while also having dramatic unforeseen consequences on the EU cybersecurity landscape, creating an ineffective administrative burden," wrote the experts in an open letter.

The group, composed of trade associations, and small and medium-sized tech companies, especially pointed out the risk of having a "backdoor" to allow authorities to scan messages in end-to-end encrypted environments.

So-called client-side scanning may help fight online crime, but, they argue, "it would also quickly be used by criminals themselves, putting citizens and businesses more at risk online by creating vulnerabilities for all users alike."

Among the signatories (22 in total) are popular VPN provider Surfshark, Swiss-based security software firm Proton, secure email service Tuta (formerly known as Tutanota), and encrypted messaging app developer Element.

The recent attack on encryption and the concept of client-side scanning began filling the news last year as tech companies raised the alarm on similar proposed legislation in the UK. While the Online Safety Act is now law, the messaging scanning requirement has been postponed until "it's technically feasible to do so" without breaking encryptiona solution that delays the issue rather than solving it.

In October the EU Parliament reached a historical agreement, though, asking for the removal of the Chat Control clause in order to safeguard online security and encryption. Now, it's the time for each EU Member State to agree on their own position.

"We call on our ministers, specifically on Nancy Faeser (SPD, Germany), to choose the right side in this discussion: uphold strong encryption and protect the human right to privacy of millions of EU citizens and businesses," said Matthias Pfau, founder of German secure email provider Tuta Mail.

According to Pfau, Europe cannot pride itself on the progress made with GDPR legislation while simultaneously promoting client-side scanning. "Such a move would destroy any credibility the EU currently holds in matters of privacy and cybersecurity," he said.

Did you know?

One of the most secure VPN providers out there, Mullvad VPN got vocal last year to raise awareness of the risks of the EU Chat Control law. It sends hundreds of emails to both journalists and politicians, while even putting giant banners across airports and the streets of some European cities. "Mullvad is usually a very silent company. This is probably the first time we really got mad enough to speak out," Jan Jonsson, CEO at Mullvad, told me when the company began its campaign in March last year.

EU State members are expected to vote on the proposed CSA regulation in the next few weeks and they hope to reach an agreement by March. Romain Digneaux, Public Policy Specialist at Proton, explained that only after that trilogue negotiations will be able to start. With EU Parliament elections happening in June, though, time is everything.

"We hope that the Belgian Presidency will act as an honest broker and take inspiration from the European Parliament to make sure that children are adequately protected, as well as everyone's right to privacy and security online," Digneaux told me. "However it looks like deep divisions still remain between member states."

All in all, experts are calling for finding a balanced approach alongside technically feasible solutions that could enhance child protection rather than undermine it. Specific requests include preserving the confidentiality of correspondence, refraining from forcing tech companies to perform mass surveillance and minimizing the administrative burden of the proposalby finding alternatives to mass scanning.

Commenting on the latter point, Digneaux told me: "There are many methods for combating crime online, as has been proven time and time again, which dont compromise privacy and security. While we cant publish the exact methods that we use (as that would play into the hands of the bad actors), at Proton we have a large team who work 24/7 to identify and remove bad actors and we cooperate with law enforcement within the framework of Swiss law.

"To sound horribly pragmatic, there is zero benefit to us to turn a blind eye to this behavior. In fact, the opposite, criminal behavior presents a huge threat to our entire business."

Read the original post:
EU ministers urged to defend citizens' right to data privacy - TechRadar

The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access control.

These principles are foundational to attribute-based encryption (ABE)a novel form of encryption that after years of study is now beginning to be commercially deployed.

Compared to the prevailing coarse-grained access model of legacy encryption technologies, in which giving out a secret key essentially amounts to giving access to all the encrypted data, ABE is a more finely tuned approach that grants prescribed access of encrypted data to someone with a matching set of traits.

The paradigm is thus shifting from all-or-nothing to both-and. Both access to critical data for those with an authorized need-to-know and sustained encryption for all other data to be kept protected. The use cases for this policy-based approach are compelling, and behind them lies a distinguished theoretical foundation.

The history of ABE goes back to a ground-breaking 2005 paper titled Fuzzy Identity-Based Encryption. Fifteen years later, recognizing the papers significance, the International Association for Cryptologic Research (IACR) gave it a 2020 Test of Time Award. One of its co-authors, Dr. Brent Waters, later said the paper has had a three-fold impact.

First, there has been the concept of ABE as its own application with distinctive new use cases, several of which are discussed below. Second, the cryptographic research community not only has spent years studying ABE, but also used ABE as a building block, leveraging it to obtain new results in work on other problems. Third, according to Dr. Waters, the work in ABE inspired us to rethink encryption in even bigger and grander ways. One such overflow has been functional encryption, which allows a user to learn only a function of a data set.

For ABE, the end goal is fine-grained access to the data itself. On its own, thats a revolution. An ABE scheme can provide the right user with a key to very specific data. Not to an entire file cabinet, so to speak, but to a single line item within a category of filed documents. The elegance of this approach is that it protects the data through encryption, and by embedding access control mechanisms directly into the data, it ensures proper protection at all times, regardless of the system or environment. This unique advantage significantly enhances traditional system-based access control.

So how does this play out in practice? An ABE hackathon hosted by NTT Research in late 2022 provided several examples. The hackathon winner was an ingenious application of ABE to surveillance video, with advanced privacy protection.

Motivated by an incident involving leaked footage that revealed faces in a crowd, the data scientist and implementation engineer who created this app realized that they could use ABE to protect privacy and to make certain data (e.g., images of a criminal suspect) available to authorized personnel. Their hackathon demo extended privacy to a broader range of data, including building logos and license plates, as well as metadata containing GPS information.

This winning demo used a combination of artificial intelligence (AI), network edge processing, encryption, policy and data storage. First, using video they had shot in San Francisco, the site of the hackathon, they detected and labeled objects, through an edge-based convolutional neural network. Then they encrypted images, mapping between labels and ABE policies, such as allowing only an authenticated user with certain attributes to decrypt an object labeled face. Finally, they stored the video, including blurred images and encrypted metadata, in a database.

Demos from other hackathon participants illustrated more use cases, such as: ticketing and physical access to a transportation service; owner-control of data derived from a vehicles electronic sensors; employer access to employees personal mobile numbers; and a banking systems migration from single-factor, role-based access control (RBAC) to ABEs more granular control.

Another area ripe for ABE is the medical field. Two drivers are the acceleration of e-health and the demands of regulation, such as the U.S. Health Insurance Portability and Accountability Act (HIPPA). Back in 2011, the Johns Hopkins team had already explored the utilization of ABE to secure Electronic Medical Records (EMR).

Since then, numerous additional works have been conducted in this field.

While academics continue their research, deployments have begun. The hackathon winners, for example, are at work on several actual client projects. These include the monitoring of people in a hospital, surveillance in a manufacturing plant and the use of smart cameras while complying with the EU General Data Protection Regulation (GDPR).

The concept of the hackathon has evolved significantly. It now includes the processing of video and live-streaming content as well as still images. It is now possible to freely restrict privacy information visible to multiple recipients with different levels of security in a single real-time encrypted video. These innovative applications were introduced at the NTT R&D Forum 2023 and attracted great attention. The development is being tailored to a variety of use cases.

Another venue for vetting and rolling out ABE is at the intersection of academia, government and the private sector. A case in point is the University of Technology Sydney (UTS) Vault, a purpose-built, secure facility in New South Wales (NSW), Australia that enables collaboration between private sector tenants and a public university. In August 2023, UTS Vault announced an agreement to work with NTT DATA, an affiliate company of NTT, to validate ABE and co-develop use cases in cloud computing, healthcare, and IoT.

The world faces many conflicts today. One that has seemed intractable is the tension between data proliferation and demands for privacy. Introduced conceptually more than 15 years ago, ABE has become a plausible solution. ABE offers a compromise between data protection and access, and its a category that bears watching.

See the original post:
Attribute-based encryption could spell the end of data compromise - Help Net Security

The anticipation around forthcoming IT and networking trends is high as we enter 2024. There is a lot of talk about Generative AI, sustainable computing and networking, and tightening regulatory landscapes. As bandwidth requirements grow and customer expectations increase, we predict heightened focus on network optimization and personalized QoE. We also expect HD video and immersive content to dominate our digital experiences more than ever. Most important of all, we think 2024 will be the year of next-gen DPI, and heres why:

#1: The rise of big tech and hyperscalers

The top six big tech companies, namely Apple, Amazon, Microsoft, Netflix, Alphabet and Meta are responsible for almost 50% of todays network traffic [1]. These, along with hyperscalers such as Google Cloud Platform, Azure, and AWS herald the era of infinite data, where networks must continuously scale up capacity, security and performance. However, to achieve this, networks need deep traffic visibility. Deep packet inspection (DPI), a cutting-edge traffic detection technology for IP networks, delivers real-time application and threat awareness. ipoque's OEM DPI engine R&SPACE 2 and its VPP-based counterpart R&SvPACE, enable granular detection and classification of applications, protocols and services and support advanced traffic metrics (e.g. application speed, container startup latency and VM data receive and transmit rates). Big tech and hyperscalers can leverage R&SPACE 2 to monitor traditional computing stacks, while R&SvPACE can be used to support VNFs and CNFs such as 5G UPFs, enabling players in this space to optimize workloads and traffic flows, secure applications and infrastructure, and shape content trends.

#2: The AI and machine learning boom

The global market for AI in telecoms is expected to reach USD 38.8 billion by 2031 [2] as operators adopt AI and automation for service improvements and cost reductions. However, increasingly stringent encryption protocols as well as the widespread use of traffic obfuscation and anonymization, challenges AIs efficiency and accuracy by impairing the quality of training data. This subsequently affects the efficacy of AI algorithms in analyzing and predicting network behavior. This is why we think that 2024 will be a big year for next-gen DPI. Next-gen DPI incorporates encrypted traffic intelligence (ETI) which combines ML and DL techniques and advanced caching methods to classify encrypted flows. Next-gen DPI with ETI enables operators to classify traffic, even across emerging encryption protocols and techniques such as TLS 1.3, QUIC and ESNI or when tunneling or when VPN is deployed. With next-gen DPI, operators can execute traffic-aware network management, for example dynamic path selection, intelligent resource allocation for latency-sensitive applications and flexible billing based on individuals resource consumption and QoE requirements.

#3: High-bandwidth mobile services to continue growing

GSMAs annual European Mobile Economy report [3] predicts a surge in demand among 5G subscribers for high-bandwidth services such as high quality gaming, XR and video content, entailing over EUR 198 billion in investments in the region, by year 2030. Most of these emerging applications have begun adopting latest encryption protocols. Again, this calls for next-gen DPI with ETI. With next-gen DPI, operators can gather new and more detailed analyses of encrypted traffic. For example, operators can distinguish on-demand streaming activity from OTT video downloading, and hence optimize routing of video traffic, reducing network costs while keeping tabs on subscriber QoE. Visibility into encrypted video traffic will become even more pertinent as the share of video traffic tops 80% [4] in not so distant future.

#4: Emergence of 5G non-terrestrial network (NTN)

5G experienced rapid rollouts throughout 2023 with around 1.6 billion [5] projected subscriptions worldwide. In 2024, chips compatible with the 3GPPs Release-17, which supports the integration of non-terrestrial network (NTN) technology into the 3GPP's 5G new radio (NR) standard, will become commercially available. This will enable ubiquitous 5G connectivity on standard unmodified smartphones and IoT devices, expanding 5G for rural users and powering various IoT / IIoT use cases in mining, agriculture, logistics, environmental monitoring and disaster response.

The introduction of NTN-NR will need DPI-enabled end-to-end visibility to establish situational and contextual awareness that is needed for seamless handoffs between operator and satellite networks and for applying QoS/QoE policies and improving network adaptability through self-optimizing capabilities. Next-gen DPI will remain indispensable for 5G NTN deployments in identifying underlying applications accurately and reliably to support real-time virtual instances spanning different connectivity technologies and to proactively monitor the performance of each session and application.

#5: Growing appetite for B2B2X offerings

The growing enterprise demand for end-to-end connectivity solutions has fostered operator B2B2X portfolios where players across the value chain - hardware manufacturers, system integrators, security vendors, analytics providers, payment intermediaries - co-create revenues. This however, has its own challenges. Mediating a diverse service portfolio spanning different industries, each characterized by unique customer needs, resource requirements and billing models, requires real-time traffic insights.

Again, next-gen DPI comes into play. Next-gen DPI enables accurate and granular analysis and accounting of operator resources (e.g. bandwidth) and vendor applications, services and hardware (e.g. cloud platform). It also speeds up diagnostics and issue resolution, especially for critical use cases. In smart manufacturing for example, R&SPACE 2, by distinguishing IIoT protocols such as Modbus, Profibus, EtherNet/IP or MQTT, and traffic patterns such as periodicity and low data rates, enable network administrators to prioritize and secure critical machine-to-server communications. Similarly, DPI in fintech can help identify behavioral characteristics such as specific transactional sequences or predictable communication flows between financial servers and clients, before these transactions are routed over low latency, secure pathways.

#6: AI to reimagine network security

In 2024, security vendors will be harnessing the power of AI for threat identification through next-gen DPI. This will help in tackling emerging exploits, for example RDP-related threats, identity-based attacks, spear-phishing and social engineering techniques that largely fly under the radar of traditional security defenses. For instance, last years massive MGM breach saw cybercriminals impersonating as employees and downloading over six terabytes of data from MGMs systems [6]. Next-gen DPI with advanced ML / DL algorithms would have averted the USD 100 million attack by identifying irregularities in application and user behavior. Similarly, in another major breach involving 23andMe [7], attackers used credential stuffing, which could have been detected by DPIs monitoring of unusual locations, devices and patterns of access. Whether it is suspicious traffic from remote C&C centers, or legitimate users accessing malicious domains, 2024 will see next-gen DPI becoming a crucial addition to networks AI-based security artillery.

Data and more data: Why we will always need DPI for network visibility

Complex communication protocols, rise in traffic diversity and the need to keep networks optimized, will all drive the need for real-time traffic visibility, and hence DPI. It is not surprising that the global DPI market will reach USD 6.58 billion by 2028, from just USD 1.32 billion in 2022 [8]. As we usher in 2024, there is no doubt that DPI will continue being at the core of major shifts in the telecom and networking space, delivering unparalleled visibility into every application and service, and keeping players traffic-aware at all times.

References

[1] What Percentage of Internet Traffic Do Technology Giants Generate?: https://senalnews.com/en/research/what-percentage-of-internet-traffic-do-technology-giants-generate

[2] AI in Telecommunication Market Research, 2031: https://www.alliedmarketresearch.com/ai-in-telecommunication-market-A09352

[3] The Mobile Economy Europe 2023 - https://www.gsma.com/mobileeconomy/wp-content/uploads/2023/11/GSMA-Mobile-Economy-Europe-2023.pdf

[4] Ericsson Mobility Report, November 2023 - https://www.ericsson.com/en/reports-and-papers/mobility-report/dataforecasts/traffic-by-application

[5] Ericsson Mobility Report, November 2023 - https://www.ericsson.com/en/reports-and-papers/mobility-report/reports

[6] Casino Giant MGM Expects $100 Million Hit from Hack That Led to Data Breach - https://edition.cnn.com/2023/10/05/business/mgm-100-million-hit-data-breach/index.html

[7] What the 23andMe Data Breach Reveals About Credential Stuffing - https://healthitsecurity.com/features/what-the-23andme-data-breach-reveals-about-credential-stuffing

[8] Deep Packet Inspection (DPI) Market Size & Trends 2023-2030 - https://www.barchart.com/story/news/19496317/deep-packet-inspection-dpi-market-size-trends-2023-2030-360-market-updates

Originally posted here:
Breaking Barriers in 2024: Next-Gen DPI, AI, and Encrypted Traffic Intelligence to Redefine Network Visibility Featured - The Fast Mode

ANNAPOLIS, Md., Jan. 23, 2024 /PRNewswire/ -- Cyber Intell Solution, LLC, a pioneer in software-defined network solutions, announced that the U.S. Patent and Trademark Office has issued patent No 0412583, for their ground breaking encrypted communication platform and related systems and methods, further strengthening the Company's intellectual property position in the cyber technology industry.

CISEN-SDN (Software Defined Network) is a dynamic, flexible solution that supports various network configurations and answers diverse implementation requirements. Agnostic in nature, the SDN networks can be configured as an end-to-end Post Quantum Cryptography (PQC) environment or a fusion PQC environment compatible with standard encryption protocols found in most commercially available hardware.

InventorAlexander Purta is recognized for his extensive experience developing, evaluating, and operating innovative cyber technology and encryption protocols to enhance secure digital communication, data exchange, and cyber obfuscation. I am thrilled to be living in an age where every day we have the opportunity to positively impact our society by developing divergent solutions through an indirect and creative approach utilizing innovative cyber technology and encryption protocols, said Alex Purta.

AboutCIS

Cyber Intell Solution (CIS) LLC is a cyber security business created by a former member of the UnitedStates Special Operations Command (USSOCOM). CIS offers proprietary hardware and software Cyber Security suite with dynamic, portable commercial off-the-shelf randomized, anonymous solutions for Data-in-Transit, Data-at-Rest, and secure communication to deliver unrivaled protection through multi-dimensional security.

Foundedin2015byAlexanderPurta, CIShasgrownexponentiallyoverthepastfewyears in supportofthe U.S. Military, Department of Defense (DoD), large and small businesses, and humanitarianorganizations worldwide. The issuance of the encrypted network patent represents a noteworthyachievementinthecompany's pursuitofadvancing scientificinnovations.

CISisproudtobeaCertifiedService-DisabledVeteran-OwnedSmallBusiness.

Contact

Ashley Kindig[emailprotected]Source: CyberIntell Solution

SOURCE Cyber Intell Solution

Go here to read the rest:
Cyber Intell Solution (CIS) Announces the Issuance of a Patent for Groundbreaking a Proprietary Randomized ... - PR Newswire