Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation.

Presentation transcript:

Slide 1: Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation

Slide 2: INTER-TRUST Project
Inter-Trust is a project financed by the EC within the FP7 THEME [ICT ] Trustworthy ICT Grant agreement no:

Slide 3: Inter-Trust Objectives

Slide 4: Project Overall Objectives
- Develop a dynamic and scalable framework to support trustworthy services and applications in heterogeneous networks and devices based on the enforcement of interoperable and changing security policies
- Addressing the needs of developers, integrators and operators to develop and operate systems in a secure trusted manner dictated by negotiated security policies through dynamic SLA

Slide 5: Objectives in detail: Software development/test/integration/deployment
- Design a dynamic and scalable framework that allows creating and deploying critical services and applications that can easily adapt to different security, privacy, interoperability, legal, social and economic constraints
- Establishing a common security policy via negotiation to assure the interoperation among devices and systems with different security policies
- Using advanced vulnerability detection techniques (active and fuzz testing) to avoid security vulnerabilities introduced by the dynamic adaptation of the systems involved
- Design privacy-preserving negotiation and delegation mechanisms for the interoperability of security policies, even in the presence of scarce resources
- Analyse and assess legal, social and normative aspects

Slide 6: Objectives in detail: System operation and maintenance
- To enable the run-time management of security policies including
  - dynamic negotiation of security and trust parameters
  - online deployment during registration and operation
- To provide features for the automatic testing and monitoring of security policies, increasing trust in the resulting systems by empowering the user and enabling intrusion detection, prevention and reaction

Slide 7: Objectives: Validation
- Validate the architecture, techniques and tools developed using two completely different case studies with complex, high-demanding critical services

Slide 8: Use Cases
- Electronic Voting: Remote multi-channel e-voting requiring the support of heterogeneous and highly distributed devices with strict security and privacy concerns.
- Vehicle-to-Vehicle and Vehicle-to-Infrastructure Communications / ITS: A set of services, accessed by remote nomad devices or OBU terminals using wireless communications (UMTS, Wi-Fi, …) requiring highly adaptable, distributed security.

Slide 9: Use Cases: Electronic Voting
- The security concerns must be fulfilled regardless of the voting channel used => Negotiation mechanisms must provide Authentication, Security and Delegation policies according to the capabilities of the voting device.
- Security needs:
  - Confidentiality
  - Integrity
  - Message authenticity
  - Access control
  - Privacy

Slide 10: Use Cases: V2V and V2I / ITS
- Security needs:
  - Confidentiality
  - Integrity
  - Message authenticity
  - Timeliness
  - Access control
  - Privacy (anonymity + un-linkability)
- Security constraints will change with the normal operation of the services, as will the range of end-devices that connect to the services and the coverage of the wireless networks => Adaptability needs

Slide 11: Inter-Trust Approach

Slide 12: Challenges
- Security has to be designed in an autonomous and spontaneous way in all the steps of modeling and deployment of security:
  - specification
  - deployment
  - component configuration
  - redeployment in case of environmental changes, in particular when an intrusion is detected

Slide 13: Challenges
- The interoperability security policy is seen as a set of contracts (i.e. security SLAs), negotiated between the involved parties
- Networks and systems change dynamically; the policy deployment must be able to adapt to these changes

Slide 14: Technical approach
- Dynamic adaptation
  - separate the security concerns
  - compose them later when needed
- To this end Inter-Trust adopts
  - protection mechanisms based on Aspect Oriented Programming (AOP)
  - supervision techniques based on monitoring as well as active testing techniques

Slide 15: Technical approach
- Aspect Oriented Programming (AOP)
  - makes it possible to add/implement security "sub-concerns" in application components (e.g. availability, authentication, access control, integrity, encryption, enrolment...)
  - used to "weave" security-related concerns and properties "on the fly"
  - each party can dynamically adapt its behaviour to the negotiated security contracts

Slide 16: Technical approach
- Formal-based monitoring techniques
  - to detect changes in the environment
  - to check whether the involved parties actually respect the negotiated contracts
  - information will be fed back to the framework and the involved parties
  - they will adapt themselves to new threats and constraints that may arise

Slide 17: Technical approach
- Active and fuzz testing will complete the approach by performing conformance and robustness testing
  - Active testing will be used to verify that the implementation of security policies respects the interoperability requirements
  - Fuzz testing will be used to check the robustness of the interoperability of security policies

Slide 18: The Global Architecture

Slide 19: Modelling security policies

Slide 20: Negotiating security policies

Slide 21: Dynamically generates aspects to be woven, based on the negotiated policy

Slide 22: Interprets the negotiated policy aspects woven into the application

Slide 23:
- Injects code
- Captures application events
- Detects non-compliance with security requirements

Slide 24: Performs protection and mitigation strategies

Slide 25: Stand-alone monitoring and testing tools

Slide 26: The Partners
INTER-TRUST Partners
1. Softeco Sismat Srl (Coordinator)
2. Montimage EURL
3. Institut Telecom
4. Universitat Rovira i Virgili
5. Search-Lab
6. Universidad de Malaga
7. University of Reading
8. Universidad de Murcia
9. Scytl Secure Electronic Voting
10. INDRA Sistemas

Slide 27: Dates and milestones
- INTER-TRUST started in November 2012
- The project will last 30 months
- Four Milestones
  - M1 specifications at M6
  - M2 first prototype at M12
  - M3 second prototype at M26
  - M4 final delivery and demo at M30

Slide 28: Contacts
- Project Coordinator: Enrico Morten, Softeco Sismat, enrico.morten(at)softeco(dot)it
- Project Technical Manager: Edgardo Montes de Oca, Montimage, edmo(at)wanadoo(dot)fr
- Project Exploitation and Dissemination Manager: Antonio F. Skarmeta Gómez, Dept. Ingeniería de la Información y las Comunicaciones, Facultad de Informática, Universidad de Murcia, skarmeta(at)um(dot)es

Slide 29: End…