Aniketos: Supporting Trustworthy
   and Secure Composition in
Service and Cloud Environments
               Per Håkon Meland
              Erkuden Rios Velasco
              David Llewellyn-Jones
                http://aniketos.eu

                     4th of July 2011
        Effectsplus Clustering Event, Amsterdam
Contents

           Background
           Project overview
                    Objective, facts, partners
           Challenges we are facing
                    and what we can do about them…




Box image by ba1969: http://www.sxc.hu/photo/1301543



                                                       Effectsplus July 2011   2
Future Internet
 Networked services
    From monolithic full-service stack suppliers
    To dynamic services built using multiple
    services from multiple providers
 Autonomic computing paradigm
    Self-management
    Self-healing
    Self-configuration
    Self-protection
 Dynamic mix of Cloud/non-cloud services depending on
    Service availability
    Functionality
    Price
    Performance
    Trustworthiness
    Security features

Aniketos Project
 The main objective of Aniketos is to help establish
 and maintain trustworthiness and secure behaviour
 in a dynamically changing environment of
 composite services.
    Methods, tool support and security services to support
    design-time creation and run-time (re-)composition of
    dynamic services
    Notifications about threats and changes
    Socio-technical evaluations for acceptance and effective
    security
 ICT FP7 Objective 1.4: Secure, dependable and
 trusted infrastructures
 Started August 2010 running until February 2014
 See http://aniketos.eu


Compose Service Case Studies
 Air traffic service pool (SESAR)
 Future telecom services
 eGovernance: Land buying

Photo by Joe Lipson, CC license
Aniketos Consortium
 Athens Technology Center SA
 Atos Origin
 DAEM S.A.
 DeepBlue
 SELEX ELSAG (ex Elsag Datamat)
 Italtel
 Liverpool John Moores University
 National Research Council of Italy
 SAP
 SEARCH Lab Ltd
 Stiftelsen SINTEF
 Tecnalia Research & Innovation
 Thales
 University of Salzburg
 University of Trento
 Waterford Institute of Technology
 Wind Telecomunicazioni S.p.A.



Composite Security
 Not just enforcing single security property on
 all services
    Distributed services from multiple providers
    Difficulty knowing if a policy is violated or not
    Service providers agree to fulfil a customer’s
    policy
        Need to know whether their service can fulfil it
        Need to decide whether this is the case
        Need tools to determine security properties
        based on composition




Example
 A ‘recursive services’ scenario
    Using a service, don’t need to know (or
    care) whether it’s a single service or
    composite service
    When determining the trustworthiness
    or security of a service, these issues
    may be critical!
 Data flow:
    Where is my data stored?
    Who has access to these data?
    How are they stored?
    How are they deleted?
    Which laws and policies apply?



Source: http://www.zdnet.com/blog/igeneration/microsoft-admits-patriot-act-can-access-eu-based-cloud-data/11225


Composite Trust

 Services require not just security, but also trust
    Service provider claims to fulfil a security policy
    How can a service consumer trust this?
    Need tools for quantification of
    trustworthiness and verification
 Composite services introduce
    Composite trust
    Chains of trust
    Requirements on careful attribution
       Whose trustworthiness rating should be affected if something goes wrong?



Aniketos Remedies for
   Composite Security and Trust

Express security and trustworthiness requirements
through graphical modelling
Generation of security SLA templates
Discovery, matching and planning
Provide design-time and runtime modules for evaluating
and monitoring security and trustworthiness between
service stakeholders
Subscription-based notifications and alerts (“early-warning”)


Societal Acceptance
           and Effective Security
Trust and security are not only technical matters
   Depend heavily on the human factors to be effective
Composite services are often complex
   Service end user should have an easy and understandable way of
   relying on its trustworthiness
Aniketos contribution
   Define a user-centred view on service trust and security
   Investigate user acceptance and practical usability
   Use case studies for future European services




Summary of Security and Trust
              Challenges for the Future Internet
            Services made up of other services
            Service composition may not be obvious externally
            Services provided by multiple providers
            Service components change; trust information
            may not be available
            Widespread adoption means security must
            be clear for non-technical users




Padlock image from arinas74: http://www.sxc.hu/photo/1056349



Aniketos Approach
 Make composite services able to establish and maintain security and trustworthiness




Aniketos Approach – Objectives
 Ensure and manage trustworthiness of interoperable and
 dynamically evolving services (through trust models and metrics)
 Develop integral framework providing methods and tool support for
 secure interoperable service development, composition, adaptation
 and management through concept of Security Engineering
 Define how to efficiently analyse, solve and share information on how
 new threats and vulnerabilities can be mitigated or how services can
 adapt to them
 Promote and contribute to best practices, standards and own
 certification work related to security and trust
 Demonstrate and evaluate practical use of security techniques,
 frameworks, patterns and tools in ordinary development of software
 and service with end-user trials


Aniketos Approach




Platform Overview
 This approach is reflected in the platform design
 Incorporates
     Design-time support
     Run-time support
     Community support
 Security properties are defined and evaluated
 Trustworthiness underpins security claims
 Threat context included in analysis
 Composite analysis allows trust and security
 properties to be understood in the context of
 composite services
 Support provided in terms of
     Reference designs and security patterns
     Threat information
     Notifications

 [Diagram: The Aniketos platform]
     Design-time support
         Trustworthiness definition and evaluation
         Security property definition and evaluation
         Composite service analysis and preparation
     Runtime support
         Trustworthiness monitoring and evaluation
         Runtime validation of secure service behaviour
         Composite service adaptation and recomposition
     Community support
         Reference architecture and patterns
         Threat analysis and notification
         End user trust and assurance
         Aniketos market place
Key Concepts

 Trust
   Used to determine whether offered security contracts are likely to
   be adhered to
 Security
   Security requirements are defined by a security contract requested
   by the consumer, and fulfilled by a security policy agreed by the
   provider
 Threats
   Threats define the context
   Different security may be needed as new threats and
   vulnerabilities are identified



Threat Detection and Response

 Service deployment environment is dynamic
   Fluctuating threats picture for service providers
   Changing operating conditions for end users
   New attack methods and capabilities emerge
   Flaws and vulnerabilities may be discovered in services
 Aniketos contribution
   Investigating new threat landscape
   Investigate threats to composite services
   Undertake work in understanding their nature
   Establish how to deal with them





Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 

Dernier (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Aniketos 2nd cluster meeting

  • 1. Aniketos: Supporting Trustworthy and Secure Composition in Service and Cloud Environments Per Håkon Meland Erkuden Rios Velasco David Llewellyn-Jones http://aniketos.eu 4th of July 2011 Effectsplus Clustering Event, Amsterdam
  • 2. Contents Background Project overview Objective, facts, partners Challenges we are facing and what we can do about them… Box image by ba1969: http://www.sxc.hu/photo/1301543 Effectsplus July 2011 2
  • 3. Future Internet Networked services From monolithic full-service stack suppliers To dynamic services built using multiple services from multiple providers Autonomic computing paradigm Self-management Self-healing Self-configuration Self-protection Dynamic mix of Cloud/non-cloud services depending on Service availability Functionality Price Performance Trustworthiness Security features Effectsplus July 2011 3
  • 4. Aniketos Project The main objective of Aniketos is to help establish and maintain trustworthiness and secure behaviour in a dynamically changing environment of composite services. Methods, tool support and security services to support design-time creation and run-time (re-)composition of dynamic services Notifications about threats and changes Socio-technical evaluations for acceptance and effective security ICT FP7 Objective 1.4: Secure, dependable and trusted infrastructures Started August 2010 running until February 2014 See http://aniketos.eu Effectsplus July 2011 4
  • 5. Compose Service Case Studies Air traffic service pool SESAR Future telecom services Photo by Joe Lipson, CC license eGovernance: Land buying Effectsplus July 2011 5
  • 6. Aniketos Consortium Athens Technology Center SA Atos Origin DAEM S.A. DeepBlue SELEX ELSAG (ex Elsag Datamat) Italtel Liverpool John Moores University National Research Council of Italy SAP SEARCH Lab Ltd Stiftelsen SINTEF Tecnalia Research & Innovation Thales University of Salzburg University of Trento Waterford Institute of Technology Wind Telecomunicazioni S.p.A. Effectsplus July 2011 6
  • 7. Composite Security Not just enforcing single security property on all services Distributed services from multiple providers Difficulty knowing if a policy is violated or not Service providers agree to fulfil a customer’s policy Need to know whether their service can fulfil it Need to decide whether this is the case Need tools to determine security properties based on composition Effectsplus July 2011 7
  • 8. Example A ‘recursive services’ scenario Using a service, don’t need to know (or care) whether it’s a single service or composite service When determining the trustworthiness or security of a service, these issues may be critical! Data flow: Where is my data stored? Who has access to these data? How are they stored? How are they deleted? Which laws and policies apply? Effectsplus July 2011 8
  • 10. Composite Trust Services require not just security, but also trust Service provider claims to fulfil a security policy How can a service consumer trust this? Need tools for quantification of trustworthiness and verification Composite services introduce Composite trust Chains of trust Requirements on careful attribution Whose trustworthiness rating should be affected if something goes wrong? Effectsplus July 2011 10
  • 11. Aniketos Remedies for Composite Security and Trust Express security and trustworthiness requirements through graphical modelling Generation of security SLA templates Discovery, matching and planning Provide design-time and runtime modules for evaluating and monitoring security and trustworthiness between service stakeholders Subscription-based notifications and alerts (“early-warning”) Effectsplus July 2011 11
  • 12. Societal Acceptance and Effective Security Trust and security are not only technical matters Depend heavily on the human factors to be effective Composite services are often complex Service end user should have an easy and understandable way of relying on its trustworthiness Aniketos contribution Define a user-centred view on service trust and security Investigate user acceptance and practical usability Use case studies for future European services Effectsplus July 2011 12
  • 13. Summary of Security and Trust Challenges for the Future Internet Services made up of other services Service composition may not be obvious externally Services provided by multiple providers Service components change; trust information may not be available Widespread adoption means security must be clear for non-technical users Padlock image from arinas74: http://www.sxc.hu/photo/1056349 Effectsplus July 2011 13
  • 14. Aniketos Approach Make composite services able to establish and maintain security and trustworthiness Effectsplus July 2011 14 / 27
  • 15. Aniketos Approach Make composite services able to establish and maintain security and trustworthiness Effectsplus July 2011 15 / 27
  • 16. Aniketos Approach – Objectives Ensure and manage trustworthiness of interoperable and dynamically evolving services (through trust models and metrics) Develop integral framework providing methods and tool support for secure interoperable service development, composition, adaptation and management through concept of Security Engineering Define how to efficiently analyse, solve and share information on how new threats and vulnerabilities can be mitigated or how services can adapt to them Promote and contribute to best practices, standards and own certification work related to security and trust Demonstrate and evaluate practical use of security techniques, frameworks, patterns and tools in ordinary development of software and service with end-user trials Effectsplus July 2011 16 / 27
  • 17. Aniketos Approach Effectsplus July 2011 17 / 27
  • 18. Platform Overview This approach is reflected in the platform design Incorporates Design-time support Run-time support Community support Security properties are defined and evaluated Trustworthiness underpins security claims Threat context included in analysis Composite analysis allows trust and security properties to be understood in the context of composite services Support provided in terms of Reference designs and security patterns Threat information Notifications [Diagram: The Aniketos platform. Design-time support: Trustworthiness definition and evaluation; Security property definition and evaluation; Composite service analysis and preparation. Runtime support: Trustworthiness monitoring and evaluation; Runtime validation of secure service behaviour; Composite service adaptation and recomposition. Community support: Reference architecture and patterns; Threat analysis and notification; End user trust and assurance; Aniketos market place] Effectsplus July 2011 18 / 27
  • 19. Key Concepts Trust Used to determine whether offered security contracts are likely to be adhered to Security Security requirements are defined by a security contract requested by the consumer, and fulfilled by a security policy agreed by the provider Threats Threats define the context Different security may be needed as new threats and vulnerabilities are identified Effectsplus July 2011 19 / 27
  • 20. Threat Detection and Response Service deployment environment is dynamic Fluctuating threats picture for service providers Changing operating conditions for end users New attack methods and capabilities emerge Flaws and vulnerabilities may be discovered in services Aniketos contribution Investigating new threat landscape Investigate threats to composite services Undertake work in understanding their nature Establish how to deal with them Effectsplus July 2011 20/27
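
The "recursive services" point from slide 8 and the contract/policy split from slide 19, worked through as an added example (not Aniketos code): a consumer's security contract is checked against every level of a composition, and each breach is attributed to the provider responsible. The `Service` and `Contract` classes, their fields, and the sample services and providers are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Service:
    """A service that may itself be composed of services from other providers."""
    name: str
    provider: str
    stores_data_in: frozenset = frozenset()   # jurisdictions where data is stored
    encrypts_at_rest: bool = True
    components: list = field(default_factory=list)

@dataclass
class Contract:
    """Consumer-side security contract (hypothetical fields)."""
    allowed_jurisdictions: frozenset
    require_encryption_at_rest: bool = True

def violations(service, contract, path=()):
    """Walk the composition recursively; return (path, provider, reason) per breach."""
    path = path + (service.name,)
    where = " > ".join(path)
    found = []
    for place in sorted(service.stores_data_in - contract.allowed_jurisdictions):
        found.append((where, service.provider, f"stores data in {place}"))
    if (contract.require_encryption_at_rest and service.stores_data_in
            and not service.encrypts_at_rest):
        found.append((where, service.provider, "data at rest not encrypted"))
    for sub in service.components:          # a component may be composite too
        found.extend(violations(sub, contract, path))
    return found

def top_level_only(service, contract):
    """What a consumer can check when the composition is opaque from outside."""
    facade = Service(service.name, service.provider,
                     service.stores_data_in, service.encrypts_at_rest)
    return not violations(facade, contract)

# Constructed sample: the front service looks compliant, a nested component is not.
archive = Service("archive", "ProviderC", frozenset({"US"}), encrypts_at_rest=False)
payments = Service("payments", "ProviderB", frozenset({"EU"}), components=[archive])
land_buying = Service("land-buying", "ProviderA", frozenset({"EU"}),
                      components=[payments])
contract = Contract(allowed_jurisdictions=frozenset({"EU"}))

if __name__ == "__main__":
    print("top-level check passes:", top_level_only(land_buying, contract))
    for where, provider, reason in violations(land_buying, contract):
        print(f"{where} [{provider}]: {reason}")
```

The provider recorded with each breach is the one whose component caused it, which is the attribution question slide 10 raises for chains of trust.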