Secure Unplanned Provisioning of High Integrity Communications across Europe

SUPHICE is Secure Unplanned Provisioning of High Integrity Communications for Europe. SUPHICE was one of seven projects undertaken on behalf of the European Union under the Preparatory Action for Security Research 2004 (PASR 2004).The preparatory action is a three year precursor to a full European programme of security research (ESRP) expected to be undertaken by the Commission from 2007 onwards.

The SUPHICE project was a research programme funded by the EU that was working to help resolve the rapid deployment of communications systems that are either classified or where the obligation to handle information such as personal details is strongly controlled by multiple legislative frameworks.

SUPHICE set out to achieve progress in a number of areas:

1. to demonstrate the implementation of an algorithm suitable for EU use in a SECRET environment and the evaluation and certification of that implementation under the EU's CISPS process.
2. SUPHICE was conscious that many members of the EU are also members of NATO and thus need to find ways to protect the information of each organisation in their national systems that are consistent in each case with the policy requirements of the organisation in question. SUPHICE sought to demonstrate that it is possible to achieve this with the same cryptographic product without contravening EU or NATO policy or Directives.
3. SUPHICE was also conscious that one of the impediments to a European market for cryptos is the need of individual member state authorities to validate equipment for their national use. Accordingly the consortium sought to remove this impediment by exploring how far it is possible to deliver a product the overall design of which is unclassified and not the property of one nation.
4. to demonstrate the deployment of High Integrity communications security using policy based management and web based techniques including UDDI and WSDL. As part of this exercise it was the intention of the consortium to develop XML based standards that would be applicable to the rapid deployment of crypto systems across national borders.
5. to provide a forum for the National Technical Infosec Authorities of Member States to explore the practical applicability of these approaches and how they might achieve approval. As part of this, the consortium sought to facilitate the active involvement of Member States' Technical Infosec Authorities in the formulation of European Security Research programmes and thus their ability to influence them.

To view the results of the SUPHICE project see Achievements

Further information on the European Union security programme can be found at http://europa.eu.int/comm/enterprise/security/faqs_en.htm