DOCSLIB.ORG

Cybersecurity Initiative Flanders Strategic Research Programme

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cybersecurity Initiative Flanders Strategic Research Programme VR 2019 1312 DOC.1235/5 Cybersecurity Initiative Flanders Strategic Research Programme July 2019 Contributing Authors: Bart De Decker, Bart Jacobs, Bart Preneel, Benedikt Gierlichs, Bert Lagaisse, Bjorn De Sutter, Bruno Crispo, Claudia Diaz, Coen De Roover, Cyprien Delpech de Saint Guilhem, Danny De Cock, Danny Hughes, Dave Singelee, Davy Preuveneers, Dimitri Van Landuyt, Dominique Devriese, Elena Andreeva, Elisa Gonzales Boix , Els Kindt, Emmanuela Orsini, Enrique Argones Rua, Frank Piessens, Frederik Vercauteren, Ingrid Verbauwhede, Jan Tobias Mühlberg, Koen Yskout, Lieven Desmet, Nele Mentens, Nigel Smart, Peggy Valcke, Pieter Maene, Sam Michiels, Stijn Volckaert, Svetla Nikova, Vincent Naessens, Vincent Rijmen, Wolfgang De Meuter, Wouter Castryck, Wouter Joosen Cybersecurity Initiative Flanders- Strategic Research Programme Page 2 | Introduction Cybersecurity Initiative Flanders - Strategic Research Programme 1. Introduction Context and Motivation: Cybersecurity, Challenge and Opportunity While the digital transformation has a strongly increasing and positive impact on our society and our economy, the lack of adequate cybersecurity in our systems, platforms and services can lead to major dangers, risks and problems. More and more information is being collected and analyzed, leading to significant efficiency gains and new applications. In cyber-physical systems, this results in far-reaching automation with, among other things, autonomous robots, cars and drones. The entire infrastructure of society is also being transformed; we get smarter cities (smart cities), smart transport systems (smart transport) and smart electricity grids (smart grids), smarter hospital facilities, etc. This transformation affects all sectors, both within the government (general policy, education and health, infrastructure, police, defense) and within the private industry: critical infrastructure, transport, manufacturing, financial sector, media, health sector. They are and will all be more competitive and strengthened thanks to digital transformations, but they are also vulnerable. In addition to the far-reaching and limitless possibilities, this digital transformation indeed brings important new risks. Addressing these cybersecurity risks will be essential for economic success in the forthcoming decades. The cybersecurity risks continuously increase because of the following evolution: (1) As cybercrime becomes more and more attractive and rewarding for malicious organizations, its impact grows with the size of the digital economy. Consequently, the attacks and attackers become more specialized. The cybercrime threat has evolved from break-ins carried out by individuals with simple tools, to sophisticated attacks carried out by organized crime, hacktivists, specialized companies, and nation states. This is not restricted to the passive collection of information (for industrial espionage, among other things) but also actively hacking into systems and creating physical damage (e.g., Wannacry, and attacks on the electricity network in Ukraine in 2015), as well as global hybrid threats. A complex ecosystem has developed in which malicious actors specialize in various aspects of cybercrime. 2) Cybercriminals exploit large scale attack infrastructures. By using networks and mechanisms for automatic distribution, it becomes feasible to attack a large number of systems from any location (e.g., the 2016 Mirai botnet). Attribution is very complex. There is also an important problem of proliferation: attacks with sophisticated malware executed by nation states may leave traces. Subsequently, organized crime or other nation states can exploit such malware. (3) The digital platforms, services and assets that we need to protect also increase in complexity – which obviously makes protection more difficult. Modern digital services are very complex and interdependent systems, created through a complex and international supply chain. This means that it is impossible to make such systems perfectly secure: due to the complexity and the dynamism there are always minor errors, which necessitates regular updates that require a complex governance. At the same time, many systems contain deliberate loopholes. (4) The societal challenge goes far beyond the battle between attackers and defenders/guardians. The explosion of the use of computer systems and networks (smartphones, smart cameras, industrial IoT, implantable medical devices, ...) and the sharply decreasing cost of collecting and processing information result in important new privacy risks. For example, the number of data leaks increases exponentially1. These risks are not only a threat to human rights (the right to privacy is recognized by Article 8 of the European Convention on Human Rights and Article 7 of the Charter of Fundamental Rights of the European Union), but also the democracy and the rule of law (interference of nation states in elections via social media). In addition, they also pose a security problem: data protection is essential to guarantee safety for citizens as well as governments. 1 http://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Introduction|Page 3 Cybersecurity Initiative Flanders- Strategic Research Programme Internationally leading cybersecurity competence is available in Flanders (see Annex 1). Flanders can therefore meet this challenge, also in the context of a growing international competition. Fortunately, cybersecurity does not only present a challenge, but it also creates an opportunity with economic benefits. As a starting point, the creation of a secure infrastructure (for transport, communication, data storage, etc.) is essential for the economic development of Flanders and becomes an important competitive advantage. The industry is increasingly evolving towards a model that strongly relies on the combination of online services, software and hardware: cybersecurity becomes an essential component of all products and services, but it is also of great importance to prevent the theft of intellectual property. To meet the complex challenges, there is a need for intensive cooperation according to the triple helix innovation model: academia, government and industry each have an important role to play. The challenges mentioned above necessitate investments in research, development and implementation, application, innovation and valorization – the entire chain from basic research to effective services in the market – and far beyond common practice. This is illustrated by the realizations and policy decisions in our neighboring countries. Specifically for this case of cybersecurity, there are a number of important elements: 1) Studies have shown that there are major market failures2 in the area of cybersecurity and privacy: this means that technology users are not prepared to pay more for more secure solutions and the industry investments are insufficient. This implies that the government must intervene, or at least play a supporting and leading role, by playing an active role in stimulating advanced research and innovation. A Cybersecurity Programme for Flanders must therefore further develop, manage, distribute and share high- level competence in cybersecurity. In an advanced research program, specialized and critical cybersecurity knowledge must be continuously enhanced and maintained, transformed and proven applicable in collaboration with industry, and disseminated with specialized stakeholders. 2) The cybersecurity problem is an international phenomenon. The Flemish economy relies for a large part on hardware, software and ICT services that are produced abroad. We cannot solve the problems locally / regionally – but we can be a strong player and play a central role in the larger European picture. A Cybersecurity Programme for Flanders must strengthen the core competences, stay comprehensive (“we leave no flank unprotected”) while reaching out to industry to ensure applicability of knowledge and technology, and to operate with an up-to-date prioritization of topics in cybersecurity. At the same time, collaboration and synchronization with other leading labs in Europe will ensure that Flanders invests in its strengths in cybersecurity, while creating synergy and collaboration with other leading centers in Europe thus avoiding unproductive duplication of efforts. 3) A number of studies show that there is an important shortage of experts in cybersecurity in all countries. This seems only the beginning of a dangerous evolution. Where this is a (possibly personal) economic opportunity for the limited group of experts in the short term, this will represent a dramatic social and economic risk in the long term. That is why we advocate strengthening knowledge and expertise in an environment where education and training are part of the core business. A Cybersecurity Programme for Flanders will therefore invest in a rich portfolio of cybersecurity trainings building an offering for different audiences in terms of existing competence levels, as well as focus areas. This training must be backed by state-of-the-art knowledge and competence made available by the top-level academic groups that are present in Flanders. The aim of this document is to present at a high-level, the Strategic Programme for Cybersecurity Research in Flanders. This Programme has to deliver impactful solutions to real-world challenges, while starting from and building upon academic excellence. The execution of the Programme has to strengthen existing core competences in cybersecurity
Load more

Recommended publications
  • Applp: a Dialogue on Applications of Logic Programming
    AppLP: A Dialogue on Applications of Logic Programming David S. Warren Yanhong A. Liu Stony Brook University This document describes the contributions of the 2016 Applications of Logic Programming Workshop (AppLP), which was held on October 17 and associated with the International Conference on Logic Programming (ICLP) in Flushing, New York City. Focus and scope The focus of the workshop was applications of logic programming, i.e., application problems, in whole or in part, that are solved by using logic programming languages and systems. A particular theme of interest was to explore the ease of development and maintenance, clarity, performance, and tradeoffs among these features, brought about by programming using a logic paradigm. The goal was to help provide directions for future research advances and application development. Real-world problems increasingly involve complex data and logic, making the use of logic pro- gramming more and more beneficial for such complex applications. Despite the diverse areas of application, their common underlying requirements are centered around ease of development and maintenance, clarity, performance, integration with other tools, and tradeoffs among these prop- erties. Better understanding of these important principles will help advance logic programming research and lead to benefits for logic programming applications. The workshop was organized around four main areas of application: Enterprise Software, Con- trol Systems, Intelligent Agents, and Deep Analysis. These general areas included topics such as business intelligence, ontology management, text processing, program analysis, model checking, access control, network programming, resource allocation, system optimization, decision making, and policy administration. The issues proposed for discussion included language features, imple- mentation efficiency, tool support and integration, evaluation methods, as well as teaching and training.
    [Show full text]
  • 2Nd USENIX Conference on Web Application Development (Webapps ’11)
    conference proceedings Proceedings of the 2nd USENIX Conference Application on Web Development 2nd USENIX Conference on Web Application Development (WebApps ’11) Portland, OR, USA Portland, OR, USA June 15–16, 2011 Sponsored by June 15–16, 2011 © 2011 by The USENIX Association All Rights Reserved This volume is published as a collective work. Rights to individual papers remain with the author or the author’s employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. Permission is granted to print, primarily for one person’s exclusive use, a single copy of these Proceedings. USENIX acknowledges all trademarks herein. ISBN 978-931971-86-7 USENIX Association Proceedings of the 2nd USENIX Conference on Web Application Development June 15–16, 2011 Portland, OR, USA Conference Organizers Program Chair Armando Fox, University of California, Berkeley Program Committee Adam Barth, Google Inc. Abdur Chowdhury, Twitter Jon Howell, Microsoft Research Collin Jackson, Carnegie Mellon University Bobby Johnson, Facebook Emre Kıcıman, Microsoft Research Michael E. Maximilien, IBM Research Owen O’Malley, Yahoo! Research John Ousterhout, Stanford University Swami Sivasubramanian, Amazon Web Services Geoffrey M. Voelker, University of California, San Diego Nickolai Zeldovich, Massachusetts Institute of Technology The USENIX Association Staff WebApps ’11: 2nd USENIX Conference on Web Application Development June 15–16, 2011 Portland, OR, USA Message from the Program Chair . v Wednesday, June 15 10:30–Noon GuardRails: A Data-Centric Web Application Security Framework . 1 Jonathan Burket, Patrick Mutchler, Michael Weaver, Muzzammil Zaveri, and David Evans, University of Virginia PHP Aspis: Using Partial Taint Tracking to Protect Against Injection Attacks .
    [Show full text]
  • Automated Security Analysis of Virtualized Infrastructures
    Automated Security Analysis of Virtualized Infrastructures Zur Erlangung des akademischen Grades Doktor-Ingenieur (Dr.-Ing.) genehmigte Dissertation von Sören Bleikertz, M.Sc. aus Leverkusen Tag der Einreichung: 15.02.2017, Tag der Prüfung: 17.05.2017 2017 — Darmstadt — D 17 1. Gutachten: Prof. Dr. Michael Waidner 2. Gutachten: Dr. Thomas Groß, University of Newcastle upon Tyne Security in Information Technology Fachbereich Informatik Automated Security Analysis of Virtualized Infrastructures Genehmigte Dissertation von Sören Bleikertz, M.Sc. aus Leverkusen 1. Gutachten: Prof. Dr. Michael Waidner 2. Gutachten: Dr. Thomas Groß, University of Newcastle upon Tyne Tag der Einreichung: 15.02.2017 Tag der Prüfung: 17.05.2017 Darmstadt — D 17 Erklärung zur Dissertation Hiermit versichere ich, die vorliegende Dissertation ohne Hilfe Dritter nur mit den an- gegebenen Quellen und Hilfsmitteln angefertigt zu haben. Alle Stellen, die aus Quellen entnommen wurden, sind als solche kenntlich gemacht. Diese Arbeit hat in gleicher oder ähnlicher Form noch keiner Prüfungsbehörde vorgelegen. Horgen, Schweiz, den 16.07.2017 (Sören Bleikertz, M.Sc.) 1 Abstract Virtualization enables the increasing efficiency and elasticity of modern IT infrastructures, including Infrastructure as a Service. However, the operational complexity of virtualized infrastructures is high, due to their dynamics, multi-tenancy, and size. Misconfigurations and insider attacks carry significant operational and security risks, such as breaches in tenant isolation, which put both the infrastructure provider and tenants at risk. In this thesis we study the question if it is possible to model and analyze complex, scalable, and dynamic virtualized infrastructures with regard to user-defined security and operational policies in an automated way.
    [Show full text]
  • Downloads/Pws-Whitepaper-May-2006-De.Pdf, 28.07.2008
    Privacy and Identity Management in Europe for Life Infrastructure for Trusted Content Editors: Dr. Stephan Spitz (GD) Dr. Walter Hinz (GD) Dr. Marc-Michael Bergfeld (GD) Reviewers: Karel Wouters (KUL) Aleksandra Kuczerawy (KUL) Identifier: D6.2.1 Type: Deliverable Class: Public Date: 28 August 2008 Abstract As the usage of information and communication technology increases in private and professional life, personal data is widely stored. While service providers need to rely on identifying their customers, conscious identity management and privacy develops into a new value for the service user, especially in the electronic service context. Here, modern technology infrastructures can assist in providing security to both sides by assuring identification and privacy at the same time. This paper introduces the ‘Security of Service’ concept and presents different technical environments through which it can be established. Privacy in service composition is elaborated conceptually and from a technological standpoint. Potential authentication scenarios and emerging use cases are introduced. In conclusion, implications for the needed technological infrastructures are derived and necessary future research directions are indicated. Copyright © 2008 by the PrimeLife Consortium The research leading to these results has received funding from the European Community’s Seventh Framework Programme (FP7/2007-2013) under grant agreement n o 216483. Members of the PrimeLife Consortium 1. IBM Research GmbH IBM Switzerland 2. Unabhängiges Landeszentrum für Datenschutz ULD Germany 3. Technische Universität Dresden TUD Germany 4. Karlstads Universitet KAU Sweden 5. Università degli Studi di Milano UNIMI Italy 6. Johann Wolfgang Goethe – Universität Frankfurt am Main GUF Germany 7. Stichting Katholieke Universiteit Brabant TILT Netherlands 8.
    [Show full text]
  • Conference Reports ELECTRONIC SUPPLEMENT
    DECEMBER 2012 vOL. 37, NO. 6 Conference Reports ELECTRONIC SUPPLEMENT 21st USENIX Security Symposium (USENIX and that they also knew what the US was doing (capabilities) Security ’12) through the use of spies in the US and their interception of our ciphers (access). After considering all of these differ- Bellevue, WA August 8–10, 2012 ent criteria, cryptographers could then attempt to provide information assurance in the face of this particular enemy. Opening Remarks Again focusing on communications, they examined the Summarized by Rik Farrow ([email protected]) security of the SAVILLE cipher and its usage in the VINSON Program Chair Tadayoshi Kohno (University of Washing- hand-held radio. Additionally, they really had time to do it ton) opened the conference by telling us that there were 222 right: the SAVILLE cipher was developed in the 1950s, evalu- papers submitted and 42 accepted. By replacing four invited ated in the 1960s, and then finally implemented in VINSON talks sessions with paper presentations, more papers could and deployed in 1976; this meant that they could look closely be accepted than in the past. at both the algorithm and its implementation to try to find When the conference began, there were 484 attendees; 84 potential attacks. students received travel grants using money provided by the In modern times, the field has once again changed dramati- National Science Foundation, with Google and Microsoft cally. One of the main catalysts for these changes was the being the next largest sponsors. introduction of the Data Encryption Standard (DES), which Best Paper awards went to “Mining Your Ps and Qs: Detec- was created through a competition held by NIST.
    [Show full text]
  • Access Control Models for Collaborative Applications Asma Cherif
    Access Control Models for Collaborative Applications Asma Cherif To cite this version: Asma Cherif. Access Control Models for Collaborative Applications. Distributed, Parallel, and Cluster Computing [cs.DC]. Université de Lorraine, 2012. English. NNT : 2012LORR0217. tel-01749620v2 HAL Id: tel-01749620 https://tel.archives-ouvertes.fr/tel-01749620v2 Submitted on 11 Dec 2014 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. UFR math´ematiques et informatique Ecole´ doctorale IAEM Lorraine D´epartement de formation doctorale en informatique Mod`elesde Contr^oled'Acc`espour Les Applications Collaboratives THESE` pr´esent´eeet soutenue publiquement le 26 Novembre 2012 pour l'obtention du Doctorat de l'universit´eNancy 2 (sp´ecialit´einformatique) par Asma CHERIF Composition du jury Pr´esident: Kamel SMAILI Pr. Universit´ede Lorraine Rapporteurs : Fr´ed´ericCUPPENS Pr. ENST Bretagne Achour MOSTEFAOUI Pr. Universit´ede Nantes Examinateurs : Ladjel BELLATRECHE Pr. LIAS/ISAE ENSMA Poitiers Sophie CHABRIDON Mcf. T´el´ecom Sud Paris Directeurs de thèse : Abdessamad IMINE Mcf. Universit´ede Lorraine Micha¨elRUSINOWITCH Dr. Inria Nancy Grand Est Laboratoire Lorrain de Recherche en Informatique et ses Applications | UMR 7503 Mis en page avec la classe thloria.
    [Show full text]
  • FOUNDATIONS of ACCESS CONTROL for SECURE STORAGE a Dissertation Submitted in Partial Satisfaction of the Requirements for the Degree Of
    UNIVERSITY OF CALIFORNIA SANTA CRUZ FOUNDATIONS OF ACCESS CONTROL FOR SECURE STORAGE A dissertation submitted in partial satisfaction of the requirements for the degree of DOCTOR OF PHILOSOPHY in COMPUTER SCIENCE by Avik Chaudhuri December 2008 The Dissertation of Avik Chaudhuri is approved: Professor Mart´ın Abadi, Chair Professor Scott Brandt Professor Cormac Flanagan Professor Luca de Alfaro Dean Lisa Sloan Vice Provost and Dean of Graduate Studies Copyright c by Avik Chaudhuri 2008 Table of Contents Abstract vii Dedication viii Acknowledgments ix 1 Introduction 1 1.1 Access control and secure storage . .3 1.2 A research program . .4 1.3 Some highlights . .4 1.3.1 Security enforcement on operating systems . .5 1.3.2 Automatic analysis of security models . .6 1.3.3 Automated security analysis of storage protocols . .6 1.3.4 Secure distributed sharing of services . .8 1.3.5 Correctness of distributed access-control implementations . .8 1.4 Ideas and techniques . .9 1.4.1 Programming languages . .9 1.4.2 Logic . 11 1.5 Organization . 12 1.5.1 Dependencies . 13 1.5.2 Common themes . 13 I Correctness of Access Control 16 2 Cryptographic access control 18 2.1 Plutus . 20 2.2 Formal model of Plutus . 23 2.2.1 Background on ProVerif . 23 2.2.2 Plutus in ProVerif . 24 iii 2.3 Security results on Plutus . 31 2.3.1 Background on correspondences . 31 2.3.2 Security properties of Plutus . 35 2.3.3 Analysis of some design details . 41 2.3.4 Additional remarks . 44 3 Access control with labels 47 3.1 EON .......................................
    [Show full text]
  • To the Memory of Our Colleague and Friend Andreas Pfitzmann
    To the memory of our colleague and friend Andreas Pfitzmann The protection of people’s privacy was dear to Andreas’ heart. He was an inspiration to all of us, and many of the results presented in this book owe to him. Preface Publication is a self-invasion of privacy. Marshall McLuhan Individuals in the Information Society want to safeguard their autonomy and retain control over their personal information, irrespective of their activities. Information technologies generally do not consider those user requirements, thereby putting the privacy of the citizen at risk. At the same time, the Internet is changing from a client- server to a collaborative paradigm. Individuals are contributing throughout their life leaving a life-long trace of personal data. This raises substantial new privacy chal- lenges. Saving digital privacy. By 2008, the European project PRIME (Privacy and Identity Management for Europe) had demonstrated that existing privacy technologies can enable citizens to execute their legal rights to control their personal information in on-line transactions. It had raised considerable awareness amongst stakeholders and has significantly advanced the state of the art in the areas of privacy and identity management. PrimeLife has been building on the momentum created and the results achieved by PRIME to address emerging challenges in the areas of privacy and identity management and really bring privacy and identity management to live: A first, short-term goal of PrimeLife was to provide scalable and configurable • privacy and identity management in new and emerging internet services and ap- plications such as virtual communities and Web 2.0 collaborative applications.
    [Show full text]
  • Small Tcbs of Policy-Controlled Operating Systems
    Anja Pölck Small TCBs of Policy-controlled Operating Systems Small TCBs of Policy-controlled Operating Systems Anja Pölck Universitätsverlag Ilmenau 2014 Impressum Bibliografische Information der Deutschen Nationalbibliothek Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliografie; detaillierte bibliografische Angaben sind im Internet über http://dnb.d-nb.de abrufbar. Diese Arbeit hat der Fakultät für Informatik und Automatisierung der Technischen Universität Ilmenau als Dissertation vorgelegen. Tag der Einreichung: 1. Juli 2013 1. Gutachter: Prof. Dr.-Ing. habil. Winfried E. Kühnhauser (Technische Universität Ilmenau) 2. Gutachter: Prof. Dr. Elisa Bertino (Purdue University, West Lafayette, Indiana, USA) 3. Gutachter: Prof. Dr.-Ing. habil Wolfgang Fengler (Technische Universität Ilmenau) Tag der Verteidigung: 19. Dezember 2013 Technische Universität Ilmenau/Universitätsbibliothek Universitätsverlag Ilmenau Postfach 10 05 65 98684 Ilmenau www.tu-ilmenau.de/universitaetsverlag Herstellung und Auslieferung Verlagshaus Monsenstein und Vannerdat OHG Am Hawerkamp 31 48155 Münster www.mv-verlag.de ISBN 978-3-86360-090-7 (Druckausgabe) URN urn:nbn:de:gbv:ilm1-2013000632 Titelphoto: photocase.com Abstract IT systems with advanced security requirements increasingly apply problem-specific security policies for describing, analyzing, and implementing security properties. Security policies are a vital part of a system’s trusted computing base (TCB). Hence, both correctness and tamper-proofness of a TCB’s implementation are essential for establishing, preserving, and guaranteeing a system’s security properties. Today’s operating systems often show that implementing security policies is a challenge; for more than forty years, they have provided only a rather elementary support for discretionary, identity-based access control policies. As a consequence, major parts of the applications’ security policies are implemented by the applications themselves, resulting in large, heteroge- neous, and distributed TCB implementations.
    [Show full text]
  • Bulletin EATCS
    1 1 ISSN 0252–9742 Bulletin of the European Association for Theoretical Computer Science EATCS E A T C S Number 98 June 2009 1 1 2 2 2 2 3 3 C E A T C S P:G A I V P:B M G D S U K P S G T:D J B B E:M S S L A I M M I K A T N M N D P-L C F C P F J D´ S D P I Z´ É H V S U K F F N Jˇ´ S C R G F. I I A T P J K¨ F W T G R E. L USA I W G J L T N E W S E M I G W¨ T N P P: M N (1972–1977)M P (1977–1979) A S (1979–1985)G R (1985–1994) W B (1994–1997)J D´ (1997–2002) M N (2002–2006) 3 3 4 4 EATCS C M Luca Aceto . [email protected] Giorgio Ausiello . [email protected] Krzysztof Apt . [email protected] Pierre-Louis Curien . [email protected] Josep Díaz . [email protected] Zoltán Ésik . [email protected] Fedor Fomin . [email protected] Giuseppe F. Italiano . [email protected] Dirk Janssens . [email protected] Juhani Karhumäki . [email protected] Richard E. Ladner . [email protected] Jan van Leeuwen . [email protected] Eugenio Moggi . [email protected] Burkhard Monien . [email protected] Madhavan Mukund .
    [Show full text]