Presentation is loading. Please wait.

Presentation is loading. Please wait.

[ [ Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation.

Published byFlora Watkins Modified over 8 years ago

Similar presentations

Presentation on theme: "[ [ Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation."— Presentation transcript:

1 [ [ Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation

2 20-3-2013INTER-TRUST Project2 Inter-Trust is a project financed by the EC within the FP7 THEME [ICT-2011.1.4] Trustworthy ICT Grant agreement no: 317731 2

3 20-3-2013INTER-TRUST Project3 Inter-Trust Objectives 3

4 20-3-2013INTER-TRUST Project4 Project Overall Objectives Develop a dynamic and scalable framework to support trustworthy services and applications in heterogeneous networks and devices based on the enforcement of interoperable and changing security policies Addressing the needs of developers, integrators and operators to develop and operate systems in a secure trusted manner dictated by negotiated security policies through dynamic SLA 4

5 20-3-2013INTER-TRUST Project5 Objectives in detail Sw development/test/integration/deployment Design a dynamic and scalable framework that allows creating and deploying critical services and applications that can easily adapt to different security, privacy, interoperability, legal, social and economic constraints Establishing a common security policy via negotiation to assure the interoperation among devices and systems with different security policies Using advanced vulnerability detection techniques (active and fuzz testing) to avoid security vulnerabilities introduced by the dynamic adaptation of the systems involved Design privacy-preserving negotiation and delegation mechanisms for the interoperability of security policies, even in the presence of scarce resources Analyse and assess legal, social and normative aspects 5

6 20-3-2013INTER-TRUST Project6 Objectives in detail System operation and maintenance To enable the run-time management of security policies including dynamic negotiation of security and trust parameters online deployment during registration and operation. To provide features for the automatic testing and monitoring of security policies increasing trust in the resulting systems by empowering the user and enabling intrusion detection, prevention and reaction 6

7 20-3-2013INTER-TRUST Project7 Objectives Validation Validate the architecture, techniques and tools developed using two completely different case studies with complex, high- demanding critical services 7

8 20-3-2013INTER-TRUST Project8 Use Cases Electronic Voting Remote multi-channel e-voting requiring the support of heterogeneous and highly distributed devices with strict security and privacy concerns. Vehicle-to-Vehicle and Vehicle-to- Infrastructure Communications / ITS A set of services, accessed by remote nomad devices or OBU terminals using wireless communications (UMTS, Wi-Fi, …) requiring highly adaptable, distributed security. 8

9 20-3-2013INTER-TRUST Project9 Use Cases Electronic Voting The security concerns must be fulfilled despite the used voting channel => Negotiation mechanisms must provide Authentication, Security and Delegation policies according to the capabilities of the voting device. Security needs: Confidentiality Integrity Message authenticity Access control Privacy 9

10 20-3-2013INTER-TRUST Project10 Use Cases V2V and V2I / ITS Security needs: Confidentiality Integrity Message authenticity Timeliness Access control Privacy (anonymity + un-linkability) Security constraints will change with the normal operation of the services, as will the range of end- devices that connect to the services and the coverage of the wireless networks => Adaptability needs

11 20-3-2013INTER-TRUST Project11 Inter-Trust Approach 11

12 20-3-2013INTER-TRUST Project12 Challenges Security has to be designed in an autonomous and spontaneous way in all the steps of modeling and deployment of security specification deployment component configuration redeployment in case of environmental changes, in particular when an intrusion is detected 12

13 20-3-2013INTER-TRUST Project13 Challenges The interoperability security policy is seen as a set of contracts (i.e. security SLAs), negotiated between the involved parties Networks and systems change dynamically, the policy deployment must be able to adapt to these changes 13

14 20-3-2013INTER-TRUST Project14 Technical approach Dynamic adaptation separate the security concerns compose them later when needed To this end Inter-Trusts adopts protection mechanisms based on Aspect Oriented Programming (AOP) supervision techniques based on monitoring as well as active testing techniques 14

15 20-3-2013INTER-TRUST Project15 Technical approach Aspect Oriented Programming (AOP) enable to add/implement security “ sub- concerns ” to application components f.i. availability, authentication, access control, integrity, encryption, enrolment...) used to “ weave ” security-related concerns and properties “on the fly” each party can dynamically adapt its behaviour to the negotiated security contracts 15

16 20-3-2013INTER-TRUST Project16 Technical approach Formal-based monitoring techniques to detect changes in the environment to check whether the involved parties actually respect the negotiated contracts information will be fed back to the framework and the involved parties they will adapt themselves to new threats and constraints that may arise 16

17 20-3-2013INTER-TRUST Project17 Technical approach Active and fuzz testing will complete the approach by performing conformance and robustness testing Active testing will be used to verify that the implementation of security policies respects the interoperability requirements Fuzz testing will be used to check the robustness of the interoperability of security policies 17

18 20-3-2013INTER-TRUST Project18 The Global Architecture 18

19 20-3-2013INTER-TRUST Project19 Modelling security policies

20 20-3-2013INTER-TRUST Project20 Negotiating security policies

21 20-3-2013INTER-TRUST Project21 Dynamically generates aspects to be woven Based on the negotiated policy

22 20-3-2013INTER-TRUST Project22 Interprets the negotiated policy aspects woven into the application

23 20-3-2013INTER-TRUST Project23 Injects code Captures application events Detects non compliance of security requirements

24 20-3-2013INTER-TRUST Project24 Performs protection and mitigation strategies

25 20-3-2013INTER-TRUST Project25 Stand-alone monitoring and testing tools

26 20-3-2013INTER-TRUST Project26 The Partners INTER-TRUST Partners 1.Softeco Sismat Srl (Coordinator) 2.Montimage EURL 3.Institut Telecom 4.Universitat Rovira i Virgili 5.Search-Lab 6.Universidad de Malaga 7.University of Reading 8.Universidad de Murcia 9.Scytl Secure Electronic Voting 10.INDRA Sistemas

27 20-3-2013INTER-TRUST Project27 Dates and milestones INTER-TRUST started on November 2012 The project will last 30 months Four Milestones M1 specifications at M6 M2 first prototype at M12 M3 second prototype at M26 M4 final delivery and demo at M30

28 20-3-2013INTER-TRUST Project28 Contacts Project Coordinator Enrico Morten Softeco Sismat e-mail: enrico.morten(at)softeco(dot)it Project Technical Manager Edgardo Montes de Oca Montimage e-mail: edmo(at)wanadoo(dot)fr Project Exploitation and Dissemination Manager Antonio F. Skarmeta Gómez Dept. Ingeniería de la Información y las Comunicaciones Facultad de Informática, Universidad de Murcia e-mail: skarmeta(at)um(dot)es

29 20-3-2013INTER-TRUST Project29 End… 29

Download ppt "[ [ Inter-Trust Interoperable Trust Assurance Infrastructure Project Presentation."

Similar presentations

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.

Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Information Security Policies and Standards

Information Security Policies and Standards
Advanced Metering Infrastructure AMI Security Roadmap April 13, 2007.

Advanced Metering Infrastructure AMI Security Roadmap April 13, 2007.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 An Introduction to Software Engineering.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 An Introduction to Software Engineering.
Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director

Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.
PRIVACY, TRUST, and SECURITY Bharat Bhargava (moderator)

PRIVACY, TRUST, and SECURITY Bharat Bhargava (moderator)
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.

MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
1 Autonomic Computing An Introduction Guenter Kickinger.

1 Autonomic Computing An Introduction Guenter Kickinger.

Similar presentations

Ads by Google