SlideShare a Scribd company logo
1 of 39
Download to read offline
Information Technology Solutions




EFFECTSPLUS CONSORTIUM

Waterford institute Of Technology




ATOS




Hewlett-Packard Limited (HPLB)




                                           Effectsplus 2nd Cluster Event
SAP (AG)




Universita Degli Studi Di Trento




                                           July 4th & 5th 2011
R E P O R T A U TH O R

Frances Cleary , Waterford Institute

Of technology (fcleary@tssg.org)
                                           VU University,
REPORT CONTRIBUTORS                        Amsterdam
Nick Wainwright (HP) , Jim Clarke

(WIT) , Keith Howker (WIT) , Michele

Bezzi ( SAP) , Volkamr Lotz (SAP),

Isabe)l Vinagre Torres ( ATOS) ,

Pedro Soria Rodriguez( ATOS), Nick

Papanikolaou ( HP), Roland Reike ,

Fabio Martinelli, workshop atten-                                     Clustering
dees.


                                                                                   1
Information Technology




EFFECTSPLUS CONSORTIUM

Waterford institute Of Technology                               Table Of Contents


ATOS                                Objectives of 2nd Cluster Meeting ………………… … … … … … … … … … … …           3.

                                    Networking & coordination Session ………………… … … … … … … … … … … …           5.

                                    Services and Clouds Cluster Report ………………… … … … … … … … … … … …            9.

                                    Systems and Networks Cluster Report ………………… … … … … … … … … … … … 11
Hewlett-Packard Limited (HPLB)      .
                                    Special Interest Groups: policy and Monitoring ………………… … … … … … … … 14.

                                    Trust and security Research Roadmap session ………………… … … … … … … … … 15.

                                    Innovation Potentials & gaps for FP7 Trust and security projects ………………… … 17.

                                    Effectsplus 2012 Wider collaboration event (CSPEF2012) ………………… … … … ..18.
SAP (AG)
                                    Head Of Unit F5, Jesus Villasante closing speech ………………… … … … … … … …19

                                    FIA Related Activities: trust and security ………………… … … … … … … … … … …20

                                    Effectsplus future Events ………………… … … … … … … … … … … … … … … … .21

Universita Degli Studi Di Trento    Appendix A , Agenda………………… … … … … … … … … … … … … … … … …               22

                                    Appendix B , registered Attendees………………… … … … … … … … … … … … … 23

                                    Appendix C, cluster participants ………………… … … … … … … … … … … … … 24

                                    Appendix D, cluster communication ………………… … … … … … … … … … … … 25

                                    Appendix E, cloud & services workshop, Project abstracts ………………… … … … 26

                                    Appendix F, systems & Networks workshop, Project abstracts ………………… … … 29




                                                                                                            Clustering

                                                                                                                         2
Objectives of 2nd Cluster Meeting

                           Frances Cleary , the Effectsplus coordinator, opened the 2nd Effectsplus Cluster event, at
                           Vrijie university in Amsterdam on the 4th and 5th July 2011. The event co-located with
F r a n c e s C l e a ry
                           the SysSec workshop on the 6th July and the DIMVA 2011 conference.
Effectsplus Coordinator    For this trust and security collaboration meeting , 22 research projects , attended and par-
Waterford Institute Of
                           ticipated to this event . (Programme and Attendees can be viewed in Appendix A,B.C)

Technology - TSSG




Michele Bezzi (SAP)        Mr Michele Bezzi, the Effectsplus cluster lead commented on the main objectives of the
                           event . Two parallel workshops were planned
Effectsplus Cluster lead

                           •   Systems and Networks Cluster : Workshop on Models

                           Addressing issues such as
                           * Security Incident Models providing Qualitative and Quantitative
                           * Models of Security and Privacy Requirements and Policies for FI
                           * Enterprise Architecture Models for Security Analysis
                           * Society Models for Social Impact Analysis
                           * Models of Security and Privacy issues in Cyber-Physical Systems, Smart Grids and
                           other Critical Infrastructures
                           * Security by Design - Models on Resilience and Trust (e.g. use of trust anchors to pro-
                           vide a trusted backbone infrastructure)
                           • Models on Security and Privacy issues in Cloud Computing

                           •   Services and Could Cluster : Workshop on Trust and Assurance

                           Addressing questions such as How to….
                           * establish and maintain trust in dynamic composite services
                           * define security validation technologies
                           * provide flexible security certification schemes
                           * perform security testing in heterogeneous service environments
                           * automate security model checking
                           * managing risk, security and trust metrics in secure service engineering
                           * model-based security design & architecture                                       Clustering
                           * audit and monitor of distributed software systems.


                                                                                                                           3
Objectives of 2nd Cluster Meeting
Mr Bezzi commented that the main expected outputs coming from these workshops were
as follows

1.   Identify possible areas of collaboration among projects.
2.   Identify which concrete examples are publicly available and re-usable in related pro-
     jects
3.   Identify gaps between existing approaches and promising areas for future research



Detailed call text for each of the workshops can be found at the following links

Systems & Networks cluster Models workshop:
http://www.effectsplus.eu/files/2011/06/Effectsplus-Systems-and-Networks-Models-
Workshop-Agenda-Draft-v4.pdf

Services and Cloud cluster trust and assurance workshop:
http://www.effectsplus.eu/files/2011/06/Serv_Cloud_workshopx.pdf




                                                                                   Clustering


                                                                                                4
Networking & Coordination Session

                                               Jim Clarke networking and coordination cluster presentation session:

                                               This session was opened by the cluster lead Mr Jim Clarke ( WIT-TSSG). Mr Clarke commented
                                               that the aim of this session was for CSA’s and NoEs in Unit F5 to avail of an opportunity to pro-
Jim Clarke                                     vide information on the activities they have underway in their individual projects and to provide
N e t w o rk i n g & c o o r d i n a t i o n   details on upcoming events and research roadmap agendas they have in progress, in order to make
                                               the wider research community aware of their endeavours. This session involved speakers from the
cluster lead
                                               following projects BIC, TDL/Actor, NESSOS, SYSSEC.
Waterford Institute Of
Technology - TSSG                              BIC: Building international cooperation for trustworthy ICT.
                                               Speaker : Jim Clarke

                                               Mr. Clarke presented the Coordination Action BiC project - Building International Cooperation
                                               for Trustworthy ICT: Security, Privacy and Trust in Global Networks & Services, which started
                                               on 1st January 2011. BIC will expand the co-operation models of EU researchers and programme
                                               management with their peers in new ICT high-growth countries, specifically Brazil, India and
                                               South Africa, who represent emergent world-impacting information economies through the scale
                                               and sophistication of their growing ICT sectors. In addition, the project will provide continuity
                                               and bring together a truly global collaboration with the participation of the already established
                                               connections from the INCO-TRUST project between the EU and the United States, Japan, Austra-
                                               lia, South Korea and Canada.

                                               Mr. Clarke presented the four core objectives of BIC:
                                               • Charting the landscape of Brazil, India and South Africa and their initial potential match to
                                                EU Trust, Security and Privacy themes;
                                               • Prioritisation of the EU influenced vision and research directions including alignment of work
                                                programmes;
                                               • Global alignment, consensus and outreach of the European visions and challenges across all
                                                targeted countries;
                                               • Definition of Tangible International Activities including transnational partnerships with EU
                                                    partners.
                                               Mr. Clarke presented the accomplishments of the project to date:

                                               EU – Brazil Cooperation workshop (along with IWT 2011),Held 3rd May 2011; Rio De Janeiro
                                               (>60 attendees) Full report available at http://www.inatel.br/iwt/slide-show/bic-workshop

                                               In the process of putting together an International Advisory Group (IAG) from all involved coun-
                                               tries

                                               •   Organising EU – South Africa workshop 16th August 2011 (along with ISSA 2011 - http://
                                                   www.infosecsa.co.za/)

                                               •   Organising EU – India workshop 28th November 2011 (along with eINDIA 2011 - http://
                                                   www.eindia.net.in/2011/)

                                               •   Strong collaboration with the EU – India Spirit Coordination Action project – see http://
                                                   www.euroindia-ict.org/.
                                                                                                                                Clustering

                                                                                                                                                   5
Networking & Coordination Session

Preparing for Annual Forum/IAG meeting in Q4 2011
             • building topics of interest with countries
             • planning session being held 6th July 2011 within SysSec workshop.
             • See http://www.syssec-project.eu/events/1st-syssec-workshop-program/
Other programme related activities
             • involvement in the Networking and coordinator cluster of the Effectplus project.
             • Involvement in Working groups of SysSec
             • Involvement in Advisory Group of NESSOS
             • Involvement in Trust and the Digital Life
             • Involvement in Future Internet Assembly

In order to receive more information, Mr. Clarke gave the pointers of all the Work package lead-
ers of BIC.

WP1: James Clarke Jclarke@tssg.org
WP2: Neeraj Suri suri@cs.tu-darmstadt.de
WP3: Michel Riguidel michel.riguidel@telecom-paristech.fr
WP4: Aljosa Pasic aljosa.pasic@atosresearch.eu or aljosa.pasic@atos.net

WP1: Project Management
WP2: Platform for International Collaboration and consensus building
WP3: Input to the design of future research programmes
WP4: Building the International Co-operation community.

To view this presentation please see the following link
http://www.slideshare.net/fcleary/bic-effectplus-ws .

SysSec: A European Network of Excellence in Managing Threats and Vulnerabili-
ties in the Future Internet
Speaker: Evangelos Marketos

Mr Evangelos opened his session with “ what is the security challenges we face?” to mention
some
• Hackers disabling cars
• Hackers get into power grids
• Hackers get into fighter planes
What are we doing about this? SysSec: 4-year NoE to consolidate Research in managing
threats for the Future Internet.
SysSec proposes a game-changing approach to cybersecurity:

Currently Researchers are mostly reactive: they usually track cyberattackers after an attack has
been launched thus, researchers are always one step behind attackers. SysSec aims to break this
vicious cycle. Researchers should become more proactive: and Anticipate attacks and vulner-
abilities and Predict and prepare for future threats , working on defenses before attacks material-
ize.
                                                                                   Clustering

Mr Marketos full presentation can be viewed http://www.slideshare.net/fcleary/syssec .
                                                                                                      6
Networking & Coordination Session Contd..

NESSOS: Network of Excellence on Engineering Secure Future Internet
Software Services and Systems

Speaker: Fabio Martinelli

NESSoS aims at constituting a long lasting Virtual research centre
on engineering secure software-based service and systems. Aiming at reducing the vulner-
abilities in Future Internet Software-based Services (FISS) and Improving the design and
overall assurance level of FISS. NESSoS will Provide means for a risk/cost based SDLC
for FISS and will contribute to create an active research community by reducing the exist-
ing fragmentation, and by re-addressing , integrating, harmonizing research agendas of
NESSoS partners as well as spanning out of the organizations involved towards wider
scientific and technological communities.

NESSoS is committed to achieve very significant advances in knowledge and spread the
research excellence achieved as well as roadmapping activities NESSoS will contribute to
the growth of a generation of researchers and practitioners in the area by creating a com-
mon body of knowledge (CBK) directly exploitable for training and education purposes.

Mr Martinelli presentation included the following main agenda items

1.    Motivation and main goals
2.    Consortium expertise
3.    Integration strategy
4.    Structure of the NoE
5.    Integration Activities
6.    Research Activities
7.    Spread of Excellence Activities
8.    Management Activities
9.    Highlights
10.   Relationships with other communities

Mr Martinelli’s full presentation can be viewed http://www.slideshare.net/fcleary/nessos

TDL– Actor: Trust in digital Life

Speaker : Arthur Leijtens

Mr Leijtens started his presentation with an overview of the TDL ambitions and expecta-
tions.
• Self sustainable inspiring TRUST community providing directions and development
     of knowledge and collaborative projects & frameworks for trustworthy ICT solutions.
• Innovative but realistic research agenda recognized by industry, knowledge institutes,
     the European commission, local governments and other independent authorities .
• Create possibilities for public funding for collaborative R&D
      and deployment projects .                                                 Clustering
• Create industrial, political and legal awareness for removing barriers
      through an extensive demonstrations and pilots program.

                                                                                             7
Networking & Coordination session Contd..

Mr Leijtens then continued to detail the working of Trust in digital Life , with emphasis on Trust-
worthy ICT solutions, highlighting their currently active working groups and activities, comment-
ing on the 4 main working groups they have in existence.

1.   Use cases
2.   Technology and requirements
3.   Law and technology
4.   Business cases

Further information on these individual working groups can be viewed in the supporting TDL
presentation. Mr Leijtens concluded with details of the TDL community, TDL consortium and
details on TDL membership.

Mr Leijtens full presentation can be viewed http://www.slideshare.net/fcleary/tdl




                                                                              Clustering
                                                                                                      8
Services and Clouds Cluster Report
Services and Clouds
cluster Lead             Report on the Effectsplus Cloud & Services ,Workshop on SOFTWARE ASSURANCE &
                         TRUST.

Fabio Martinelli (CNR)   Motivation and goals
                         The vision of the Future Internet heralds a new environment where multiple services are transpar-
                         ently and seamlessly mixed and exchange information, giving rise to new capabilities.
                         This paradigm largely enriches our ability to create new applications and businesses.

                         However, it raises formidable security challenges, which have to be solved to make this vision
                         real. In particular, these systems need new forms of software assurance that goes beyond the cur-
                         rent view, based on static and isolated systems, and fundamentally challenge us to rethink how to
                         address questions such as, how to:
                              • establish and maintain trust in dynamic composite services.
                              • define security validation technologies
Michele Bezzi (SAP)           • provide flexible security certification schemes
                              • perform security testing in heterogeneous service environments
                              • automate security model checking
                              • audit and monitor distributed software systems.

                         Various projects in the ICT Framework Programme are currently addressing some of these ques-
                         tions.
                         The Effectsplus FP7 funded Coordination & Support Action, within the activity of Services and
                         cloud cluster, organizes a workshop, which aims to provide a forum for discussing the different
                         approached of projects in this area. At the end of the workshop, we expect to have a better under-
                         standing of
                         • possible areas of collaboration among projects
                         • gaps between existing approaches
                         • promising areas for future research

                         The agenda of the workshop was structured in two half days. In the first one on July 4th, the pro-
                         jects in the cluster presented several research approaches for assurance and trust (See project ab-
                         stracts in Appendix E ); while the second half day on July 5th was devoted to discussion and syn-
                         chronization with the other Effectsplus workshops that run in parallel.
                         The annotated agenda of the presentation is the following:

                             Aniketos: Supporting trustworthy and secure composition in service and cloud environments
                                 (Per Håkon Meland, David Llewellyn-Jones, Erkuden Rios Velasco), Security SLA, Ser-
                                 vice discovery using security properties, Trust Monitoring
                             Assert4SOA: Advanced Security Service Certificate for SOA (Ernesto Damiani): Security
                                 Certificate, Assurance for service compositions, Security testing, Service discovery using
                                 security properties
                             Posecco: Leveraging Security Models to Automate Audits and Improve their Level of Assur-
                                 ance (Serena Ponta), Support mechanisms for auditing, Compliance with security reqs
                                 through auditing
                             MASSIF: Management of Security information and events in Service Infrastructures (Pedro
                                 Soria-Rodriguez), SIEM, Trusted collection and monitoring of security-related data
                             NESSos: A General framework for security-aware analysis of services (Fabio Martinelli):
                                 Trust Metrics, Process Composition, Optimization
                             UTrust-IT: Usable Trust in the Internet of Things, (Peter Wolkerstorfer), Trust & HCI, Per-
                                 sonas methodology, user-centricity
                                                                                                       Clustering              9
Services and Clouds Cluster Report

Conclusion

Eventually, after the discussion phase the workshop participants were able to recap the different
approaches for trust and assurance that could be further investigated together as audit, certifica-
tion, SLA for security, user-centered security, trust monitoring techniques and usage policies, etc.

There was an agreement to try to write a joint paper (e.g. for the FIA book) in those aspects

Among the participants some follow-up with inter project meetings where identified as:
• Security SLA: Nessos, Aniketos, Assert4SOA, Contrail (Here there is also the proposal for a
   specific W3C subcommittee on Security aspects for SLAs);
• Auditing: Assert4SOA, PoSecco
• User-studies: U-Trust-IT, Posecco, Aniketos

Among the topics selected for further scrutiny, there was a suggestion to investigate for the next
Effectsplus meeting (Bristol, 2012) the following aspects:
• Secure Service Compositions during service lifetime

Presentations from this cluster group and workshop can be viewed
http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/




                                                                                Clustering
                                                                                                       10
Systems and Networks Cluster Report
S y s t e m s a n d N e t w o rk s
cluster Lead                         The vision of the Future Internet heralds a new environment where multiple services are
                                     transparently and seamlessly mixed and exchange information, giving rise to new capabilities. This
                                     paradigm largely enriches our ability to create new applications and businesses but also enables new
Roland Rieke - Fraun-                possibilities for threats and scales up the risks of financial and also physical impact.
hofer SIT                            Various projects in the ICT Framework Programme are currently using Models of different kinds in
                                     order to assess upcoming security and privacy challenges and mitigation strategies w.r.t. their possi-
                                     ble impact.

                                     The Effectsplus FP7 funded Coordination & Support Action, within the activity of Systems and Net-
                                     works cluster, organized a workshop, with the aim to provide a forum for discussing the di_erent
                                     approaches of projects in this area.

                                     The workshop was hold during the second Effectsplus clustering event in Amsterdam(Netherlands),
                                     at July 4th-5th 2011. The title of the workshop was Models (including meta-models, ontologies,..)".

                                     Workshop On Models

                                     Roland Rieke (member of the MASSIF project) was responsible for the collection of the
                                     contributions and the agenda of the workshop.

                                     Those projects, which had indicated their interest in this collaboration area at the first Systems and
                                     Networks cluster workshop, have been invited to contribute their activities w.r.t. the following sub-
                                     jects:

                                     •   Security Incident Models providing Qualitative and Quantitative Security
                                         Measurements (base measures and derived measures to audit and monitor
                                         complex distributed systems in FI).
                                     • Models of Security and Privacy Requirements and Policies for FI.
                                     • Enterprise Architecture Models for Security Analysis.
                                     •   Society Models for Social Impact Analysis.
                                     • Models of Security and Privacy issues in Cyber-Physical Systems, Smart.
                                         Grids and other Critical Infrastructures
                                     • Security by Design - Models on Resilience and Trust (e.g. use of trust
                                     anchors to provide a trusted backbone infrastructure)
                                     • Models on Security and Privacy issues in Cloud Computing

                                     The aim of the workshop was to identify possible areas of collaboration among projects w.r.t. con-
                                     crete models which are publicly available and re-usable in related projects as well as to identify gaps
                                     between existing approaches and promising areas for future research.




                                                                                                                         Clustering
                                                                                                                                               11
Systems and Networks: Workshop on Models
S y s t e m s a n d N e t w o rk s   In order to provide the content for the following discussions, each participant of
cluster Lead                         the workshop presented a topic w.r.t. the modelling work done in the respective
                                     project. Unfortunately, the given time slots of 10-15 minutes per project did
                                     not allow for a complete presentation of a projects results, so only some selected
                                     interesting aspects could be shown. The following list gives an overview of the
                                     presentations at the workshop (supporting abstracts can be viewed in Appendix F):

                                     •    Roland Rieke (MASSIF): Objectives of the Effectsplus Systems and Networks Cluster
                                          Workshop on Models
                                     •    Igor Kotenko (MASSIF): Analytical attack modelling and security evaluation in MASSIF
                                     •    Teodor Sommestad (VIKING): Enterprise Architecture Models for Security Analysis
                                     •    Mats B-O Larsson (VIKING): Virtual City Simulator (ViCiSi)
                                     •    Domenico Presenza (ASSERT4SOA): Ontology's in ASSERT4SOA
                                     • Federica Paci (NESSoS, SecureChange): Managing Security and Changes
                                     throughout the whole System Engineering Process
                                     • Antonio Lioy (PoSecCo): PoSecCo models
                                     • Steffen Peter (WSAN4CIP, TAMPRES): Assessment models to Improve
                                     the Usability of Security in Wireless Sensor Networks
                                     • James Davey (VIS-SENSE): Multi-Dimensional Clustering for the Purposes of Root-Cause
                                         Analysis
                                     • Mark McLaughlin (ENDORSE): Introducing the ENDORSE Privacy Rules
                                     Definition Language
                                     •    Roberto Baldoni (CoMiFin): Collaborative Security for Protection of Financial Critical
                                         Infrastructures: The Semantic Room abstraction model

                                     It was decided to contribute to the following Effectsplus supported Systems and Networks cluster
                                     activities:
                                     • Classification (overview) of areas covered by the presented models (inter-
                                                actively edit a table on Effectsplus web-site)
                                     • Joint paper (e.g. FIA book), or workshop: European perspective (survey)
                                                of models on security, privacy, trust
                                     • Followup Systems and Networks cluster meeting on specific aspects of
                                                multilateral project cooperation's (Feb. 2012, HP-labs, Bristol)
                                     • Participation in Cyber-Security and Privacy EU Forum CSPEF 2012
                                               (Berlin 24.-25.4.) with Demonstrations and Tutorials

                                     The main result of this workshop however was the elicitation of common
                                     interests between the projects and the initiation of concrete plans for multilateral
                                     collaborations as shown in Table 1.




                                                                                                                       Clustering
                                                                                                                                        12
Systems and networks: Workshop on Models
S y s t e m s a n d N e t w o rk s
cluster Lead




                                     Table 1: Multilateral collaborations within Effectsplus “Systems and Networks cluster”

                                     Jesus Villasante the head of the Trust and Security Unit in the EU Directorate General Information
                                     Society and Media (DG Infso) participated in the meeting. He confirmed that his unit will fully
                                     support these clustering activities.

                                     Presentations from this cluster group and workshop can be viewed
                                     http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/




                                                                                                                 Clustering
                                                                                                                                     13
Special Interest Groups : Policy and Monitoring
Special Interest Groups

                          During the effectsplus clustering event , two special interest groups were proposed to be formed,
Nick Papanikolaou (HP)    based on topics and level of interest shown , by project participants. The aim of these special inter-
                          est groups is to continue collaboration and work on identified topics coming from the cluster
                          groups with a view to successfully participating and proposing collaborations, joint papers and
                          events. The following details the initial focus of the two special interest groups and the main
                          contacts for each.

                          Effectsplus Special Interest Group on Policies - led by Nick Papanikolaou
                          (nick.papanikolaou@hp.com )

                          Projects in this group so far: ANIKETOS, ENDORSE, POSECCO, MASSIF,
                          COMIFIN,TAS3,SecureChains

                          Topics on which projects can collaborate:

                          •   Theoretical topics
                          •   Languages, formalisms
                          •   Validation, verification
                          •   Interoperability
                          •   Frameworks
                          •   Policy refinement
                          •   Conflict resolution
                          •   Applications/Practical aspects
                          •   Decision support
                          •   Automatic Run-time Configuration of Policies for mitigation of attacks
                          •   Privacy Policies

                          Effectsplus Special Interest Group on Monitoring - led By Roberto Baldoni
Roberto Baldoni           (baldoni@dis.uniroma1.it)

                          Projects in this group so far: VIS-SENSE, MASSIF, COMIFIN, SYSSEC, WSAN4CIP,
                          ANIKETOS,DEMONS,TWISNET

                          Topics on which projects can collaborate:

                          •   Event-based architecture
                          •   Pattern detection
                          •   Performance
                          •   Privacy-preserving computation
                          •   Applications - event-based platforms, intrusion detection


                          For more information on these Special interest groups, please contact the group leaders above.




                                                                                                         Clustering
                                                                                                                              14
Trust and Security Research Roadmap Session.

                       A follow up roadmapping session took place on the 5th July . Here Mr Papanikolaou presented the
                       key themes identified in the first draft of the Trust and Security Research Roadmap, namely, the
Nick Wainwright (HP)   report titled "Trust and Security in the Future Internet: Setting the Context", which was created
Hewlett Packard Ltd
                       after the 1st Technical Cluster Meeting (29-30 March 2011).

                       The report identified challenges and potential solutions, societal shifts and changes of relevance,
                       and a vision for the future of the field. The content of the report was produced after processing
                       discussion points and project contributions made at EFFECTSPLUS meetings.

                       Some key discussion points included the following:

                       •   Changes for end-users: users' attitudes are changing constantly; users' physical and digital
                           lives are connecting seamlessly; users are controlling and regularly using more devices; users
                           are demanding the ability to personalise products and services.
                       •   Vision for end-users: users will have more privacy online; users will have a better understand-
                           ing of security and privacy risks.
                       •   Challenges for end-users: enabling users to better understand and control security; handling
                           digital identities; dealing with privacy issues.
                       •   Some solutions for end-users: development of universally acceptable digital identifiers; educa-
                           tion of citizens.

                       We are planning to circulate improved versions of the report "Trust and Security in the Future
                       Internet: Setting the Context" and use it as the basis for the Trust and Security Research Roadmap.

                        A summary of the report will be produced in time for the forthcoming Future Internet Assembly
                       in Poznan. At FIA Poznan there will be a session dedicated to the FIA Research Roadmap and we
                       will draw attention to the trust and security aspects, soliciting additional comments and input to be
                       provided in electronic form by participants after the conference.

                       Presentation slides from this session can be viewed
                       http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/ .




                                                                                                        Clustering


                                                                                                                               15
Trust and Security Roadmapping Session
                                             (Effectsplus Clustering Meetings, Brussels, 4-5 July 2011)
                                              Summary of Remarks Made by Jesús Villasante (EC)
Jesus Villasante
European Commission

Head of Trust & security
Unit F5                    Jesús Villasante actively participated in the roadmapping presentation session and commented
                           on the overall importance of the roadmapping activity. The roadmap should contain content that
                           is compelling and novel, in particular, going further than most existing prior roadmaps. Al-
                           though we will necessarily include some technical content and commentary, there is a need to
                           balance technical material with a discussion of higher level issues and how research in the trust
                           and security space can be aligned with the Commission’s strategic objectives.

                           Other remarks made by Mr Villasante which are relevant to the roadmapping activity include
                           the following.

                           There are numerous forward-looking policy documents already in circulation, including cyber-
                           security strategy papers from many geographical areas, which address the same areas we are
                           currently addressing in the Trust and Security Research Roadmap; by comparison, our roadmap
                           needs to cover these areas in more technical detail.

                            For instance, while ‘privacy by design’ is a notion frequently mentioned in other roadmaps, we
                           should explain it carefully and give an indication of how it can be implemented in practical
                           terms. Jesús Villasante stressed it is explanations that are useful to policymakers, who need to
                           understand not only the ‘what’, but the ‘why’ and ‘how’ of key technologies. We should not
                           underestimate the level of understanding of the policy makers in the more technological topics.

                           In September 2011, roadmaps will be delivered from various projects (including Effectsplus,
                           NESSOS, TDL, and others). The September 2011 deadline is crucial, as it ensures that the docu-
                           ments will be available in time for debates around future funding programmes, and, in particu-
                           lar, in time to shape Framework Programme 8.

                           In closing, Mr Villasante reiterated that this roadmap should go further and deeper than similar
                           efforts so far, he suggested that future roadmapping discussions should attempt to produce a
                           coherent vision of the future, especially for the next 10-20 years.




                                                                                                          Clustering


                                                                                                                               16
Innovation Potentials and gaps for FP7 Trust and
                       Security Projects

                       Speaker : Bruno Crispo ( University Trento)
Bruno Crispo (UNITN)
                       Mr Crispo commenced his presentation with an overview of the target of the Analysis. Here the
                       focus was mainly on Call 1 research projects that have been completed and finalised to analyse
                       and identify actual outcomes and impacts from the research activities that can possibly link to the
                       digital agenda or have potential for follow up activities in the next call or within the market place.

                       Mr Crispo described the methodology used to complete such an analysis this involved, examina-
                       tion of publishable summaries, interviews with project coordinators, analysis of deliverables iden-
                       tified by project/technical coordinators and a top down analysis of the digital agenda.

                       The presentation then continued with an overview of the preliminary findings coming from the
                       analysis to date covering Direct V’s indirect target Industries, Direct Industries, Indirect target
                       Industry ,Innovation Issues, potential contribution to digital agenda, Gaps bridging measures. For
                       more details on these topics, please refer to the accompanying slideset.

                       Mr Crispo closed his presentation session with a summary of the analysis work in progress

                           •    Research Results potential for EU-wide policy area
                                    Extracted 2-3 results from each project still need systematization
                           •    Bottom-up analysis of Digital Agenda by project coordinators
                                    Partial feedback to be systematized
                           •    Review by interested parties
                                    If you would like to contribute
                                              Mail to comper@disi.unitn.it


                       Supporting slideset for this presentation can be viewed
                       http://www.effectsplus.eu/files/2011/08/Innovation-Potentials_Gaps_FP7.pdf




                                                                                                         Clustering


                                                                                                                                17
Effectsplus 2012 Wider Collaboration event

     Cyber-Security and Privacy EU Forum—CSPEF 2012

Effectsplus on behalf of Unit F5 Trust and Security , is organising a wider collaboration/trust and
Security Forum event in 2012. (cyber-Security and Privacy EU Forum—CSPEF 2012) . This is
planned to take place in Berlin on 24th and 25th April 2012. the target audience of this event will
be industry/ academia/agencies/ external trust and security initiatives.

This event will have two main objectives

Objective 1 : Impact and alignment

Objective 2 : Efficiency and Effectiveness (working well as a community)

Day 1 will focus on – objective 1 : The impact of trust and security technology in the real world –
the links between R&D results and policy, societal challenges… It is planned to incorporate the
following aspects during day 1 of the event programme.

    •    Selected keynote speakers

    •    Panel discussions ( mix of industry/academic experts)

    •    Tutorial workshops

    •    Security research demonstrators (showcase concrete results of as many successful pro-
         jects )

Day 2 will focus on - Clustering, structuring of research efforts for better results and for facilitat-
ing innovation. Focusing on

•   Cross –topical workshops

•   Research project specific workshops


Planning is underway with a dedicated organising committee, in the coming months a call for
contributions will be available and will be widely disseminated to all the main key players in the
security space. More information will be disseminated to the Effectsplus email lists and also to the
uploaded to the Effectsplus website, once available, stating upcoming Calls and submission dead-
lines.
Supporting slideset can be viewed
http://www.effectsplus.eu/files/2011/08/CSPEF-2012_planning.pdf



                                                                                       Clustering


                                                                                                          18
Head Of Unit F5 Jesus Villasante: Closing Speech
                            During the Effectsplus wrap up session on July 5th 2011, Mr Jesús Villasante, closed the Effects-
Jesus Villasante
                            plus cluster event with the following main comments.
European Commission
Head of Trust & security
                            Mr Villasante was impressed by the practical approach that Effectsplus has taken with its cluster-
                            ing activities. He commented that there is a very friendly atmosphere amongst the attendees and
Unit F5                     fruitful participation during the event cluster working group sessions.

                            Mr Villasante had the following four main points to address in his closing comments.

                            Collaboration: He stated that currently collaboration is progressing very well, with clear identifi-
                            cation of common topics and interests amongst the participating research projects and attendees,
                            and he would encourage such positive interactions to continue and expand as necessary in the fu-
                            ture.

                            Impact – Mr Villasante commented that we need to identify the outcomes of the call 1 projects
                            following their completion and have to work to show how their valuable research and outcomes
                            van be made more visible . It is not always easy to show clear outcomes following the finalisation
                            of a project. Sometimes they are instruments to enable further follow on research avenues. But we
                            need to continue to work to improve the outcome and impact from our research activities, this is an
                            important aspect that we need to focus on in the future .


                            Visibility - Effectsplus planned “Cyber-Security and Privacy EU Forum CSPEF 2012” confer-
                            ence in April 2012 is an excellent opportunity. Mr Villasante commented that everyone's needs to
                            actively think about how it can be a success for your project and your customers, ensuring that the
                            right people from the right areas will be in attendance. This conference will be a milestone for all
                            security research projects, and something that we can build upon in future years to come. The EC
                            will fully support Effectsplus for this event. The CSPEF 2012 event will be timely as discussions
                            on FP8 will be coming to an end at that time for H2020 and it will be an occasion around this date
                            in 2012 to contact the national delegates to reinforce the message that trust and security is a key
                            issue and we need to put more emphasis on it.

                            For the future – Regarding the future, Mr Villasante remarked on Call 8 . In Call 8 – 80M euros
                            will be invested from the European Commission. It is a key opportunity to redirect what we are
                            going to do in the next 5 years. It is important to structure proposals to highlight main areas to
                            explore. If potential proposes can have discussions prior to the call that would reduce the frag-
                            mentation of the proposals, and that would be deemed to be very useful. Activities Effectsplus are
                            doing here is instrumental here in doing this. We should have a structure around this activity.
                            Mr Villasante concluded, with his continued support towards the Effectsplus collaboration activi-
                            ties, encouraging projects to continue and increase their level of activity here. To wrap up the ses-
                            sion Mr Villasante openly asked participants What other support they require from EC Unit F5?
                            Can we (EC) do more? He welcomed suggestions and feedback .




                                                                                                             Clustering


                                                                                                                                    19
FIA related activities : Trust and security



 FIA Book : Planning for the next FIA Book has commenced with the organising committee. You
can expect call for contributions in the coming months.



 FIA newsletter

 If any trust and security research projects have

 1.   News items

 2.   Dissemination of upcoming events

 3.   Reports for Dissemination




 Please consider writing a short paragraph and submitting to the FIA newsletter.

 Next FIA newsletter is planned for September 2011, calls for submission end of August.

 Cluster event wrap up slide set can be viewed

 http://www.effectsplus.eu/files/2011/08/next-meeting-_wrap-up.pdf




 Contact : fcleary@tssg.org and we will include such items for dissemination.




                                                                                   Clustering


                                                                                                20
Effectsplus Future Events


•   Effectsplus Next clustering Event will take place at HP, premises in Bristol, UK in
    February 2012. Further details will be available on the Effectsplus website in the
    coming months.

•   Cyber-Security and Privacy EU Forum—CSPEF 2012 , will take place in Berlin, 24th & 25th
    April 2012, more details will be available in the coming month on the Effectsplus website
    www.effectsplus.eu




                     F o r m o r e i n f o rm a t i o n

                     Please see Effectsplus Website http://www.effectsplus.eu/


                     For further details please
                     contact Effectsplus coordinator
                     Frances Cleary
                     Waterford institute Of technology—TSSG
                     (fcleary@tssg.org)




                                                                                 Clustering
                                                                                                21
APPENDIX A Agenda
 Monday , July 4th , 2011




  Tuesday, July 5th , 2011




                             Clustering
                                          22
Appendix B: Registered Attendees
Attendee                       Project/ Other
Name
Cleary, Frances                effectsplus coordinator
Jefferies, Nigel               Effects+
Damiani, Ernesto                UNIMI
McLaughlin, Mark               ENDORSE
Kotenko, Igor                  Massif
Vinagre, Isabel                Effectsplus
Howker, Keith                  Effectsplus
Rieke, Roland                  MASSIF
Soria-Rodriguez, Pedro         MASSIF
Larsson, Mats B-O              VIKING
Papanikolaou, Nick             Effectsplus
Presenza, Domenico             ASSERT4SOA
Peter, Steffen                 WSAN4CIP,Tampres
Surridge, Mike                 SERSCIS
Leijtens, Arthur               Actor ~ TDL
Sommestad, Teodor              VIKING - EA models and analysis
Plate, Henrik                  Posecco
Casalino, Matteo               PoSecCo
Lioy, Antonio                  POSECCO / TCLOUDS / WEBINOS
Olivier, BETTAN                PoSecCo
baldoni, roberto               comifin
Olkkonen, Kaisa                 Nokia
Davey, James                    Fraunhofer
Villasante, Jesus              European Commission
Markatos, Evangelos            SysSec

Howker, Keith                  effectsplus
Alan Yeung                     -
Llewellyn-Jones, David         Aniketos
Dlamini, Bheki                 internet networking
Ludwig, Mike                   TwisNet
Ponta, Serena                  PoSecCo
Paci, Federica                 Secure Change
Wolkerstorfer, Peter           uTRUSTit
Gran, Glenn                    GINI-SA
Meland, Per Håkon              Aniketos
Wainwright, Nick               Effectsplus
Bezzi, Michele                 Effects+
Levitt, Karl                    -
Mallery, John                   -
Badii, Atta                    MOSIPS
Martinelli, Fabio              NeSSos
Shiu, Simon                     HP
Tiemann, Marco                 HYDRA Middleware

                                                                 Clustering
                                                                              23
Appendix C: Cluster Participants


                  Services & Cloud Cluster Participants
Name                                   Organisation
Isabel Vinagre                         ATOS
Peter Wolkerstorfer                    CURE
Nick Papanikolaou                      HP
Michele Bezzi                          SAP
Serema Ponta                           SAP
Henrik plate                           SAP
Masco Tiemann                          Uk Reading
Kaisa Olkkonen                         NOKIA
Crispo Bruno                           UNITN
Fabio Martinelli                       CNR

Per Hakon Meland                       SINTEF
Pedro soria Rodriguez                  ATOS
Glenn Gran                             IKED
Ernesto Damiani                        UNIMI
Frances cleary                         WIT-TSSG


          Systems and Networks Cluster Participants
Name                                   Organisation
Keith howker                           WIT-TSSG
Roberto baldoni                        UniRomai
Olivier bettan                         Thales
Mike Surridge                          IT Innovation
Domenico Presenza                      Engineering IT
James Davey                            Fraunhofer IGD
Matteo Casalino                        SAP
Federica Paci                          UNITN
Antonio Lioy                           Polito
Teodor sommestad                       KTH
Mats B-O larsson                       MML AB
Evangelos marketos                     Forth
David Lewellyn-Jones                   LJmn
Steffen Peter                          IHP
Mark Mc loughlin                       WIT-TSSG
Nigel Jefferies                        Huawei
Roland Reike                           Fraunhofer SIT



                                                          Clustering
                                                                       24
APPENDIX D Cluster Communication


Dedicated email lists and LinkedIn Groups have been setup to support the activities of the defined clusters.

Services and clouds cluster

Subscription to this cluster email list via the following link
http://listserv.tssg.org/mailman/listinfo/ts-services_cloud

Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6q5r9l-3e/vgh/3788378/

Systems and networks cluster

Subscription to this cluster email list via the following link :
http://listserv.tssg.org/mailman/listinfo/ts-systems_networks

Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6qqejg-16/vgh/3788408/

Networking and coordination cluster

Subscription to this cluster email list via the following link :
http://listserv.tssg.org/mailman/listinfo/ts-networking_coordination

Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6qxudg-3h/vgh/3788418/




                                                                                Clustering
                                                                                                     25
APPENDIX E : Cloud & Services Workshop on
   Software Assurance & Trust
Aniketos: Supporting trustworthy and secure composition in service and cloud environ-
ments
Per Håkon Meland, David Llewellyn-Jones, Erkuden Rios Velasco


For some time the trend in provision of functionality in networked environments has been towards
the use of services that offer self-contained capabilities, but which can be composed in various
ways in order to provide richer services to end users. Moving from today’s static compositions,
we will in the Future Internet see a more dynamic mix and match of cloud and non-cloud services
depending on service availability, quality, price, trustworthiness and security features. Neelie
Kroes, Vice-President of the European Commission and responsible for the Digital Agenda, re-
cently stated that2“We want to extend our research support and focus on critical issues such as
security and availability of cloud services.” The main objective of Aniketos is to help establish
and maintain trustworthiness and secure behaviour in a dynamically changing environment
of composite services. In order to achieve this objective, a multi-disciplinary effort involving
research and industrial partners is currently tackling the following challenges.
Trust in the Internet of services: There must be some acceptable trust relationship between the
different actors in a composite service. Aniketos will offer a way of expressing different aspects
of trustworthiness and provide design-time and runtime modules for evaluating and moni-
toring the trust level between service stakeholders.
Secure service composition at design-time and runtime: Trust alone does not guarantee a se-
cure service, service components are bound to change and absolute security is an impossible goal.
To achieve an open and secure service ecosystem in the Future Internet, we need to assure all par-
ties about expected behavior and usage terms. A Service Level Agreement (SLA) is a common
way to specify the conditions under which a service is to be delivered, but unfortunately, security
is not provided or used as a contract term in existing SLAs. Aniketos is developing security
SLAs that make it possible to create and monitor composite services where strong trust rela-
tionships do not exist beforehand.
Threat detection and response: According to the FORWARD3initiative by the European Com-
mission: “identifying the adversarial model and anticipating emerging threats is the first step that
is necessary to build a secure, future Internet”. Service providers will have to deal with a fluctuat-
ing threat picture; the users will be in changing operating conditions, new attack methods will
emerge, and the services themselves may contain vulnerabilities that result in information leakage
or open back-doors. To be prepared for the future, Aniketos is investigating threats to com-
posite services in order to understand their nature and how to deal with them.
Societal acceptance and effective security: Trust and security are not only technical matters, but
depend heavily on the human factors in order to be effective in everyday use. Though a composite
service might be complex, the service end user should have an easy and understandable way of
relying on its trustworthiness. Aniketos will contribute to a user-centred view on service trust
and security by investigating user acceptance and their practical usability through case
studies for future European services.




                                                                                     Clustering
                                                                                                         26
uTrust-It: Usable Trust in the Internet of Things
Peter Wolkerstorfer, wolkerstorfer@cure.at, CURE

We present uTRUSTit, a 3-year project funded by the EC. Built around 3 main scenarios
(smart home, smart office, e-voting) the aim of uTRUSTit is to close the loop of trust
between the technological and psychological layers in the IoT. To achieve this objective
uTRUSTit will provide a “trust feedback toolkit”. The toolkit aims at enhancing user
trust perception. Usable trust – as defined in the project – is the basis for users to decide
if they want to use a certain IoT technology or not, hence it is about technology accep-
tance (If users don’t trust a certain technology they will reject to use it). In uTRUSTit we
use a user-centric procedural approach based on the user-centric design process defined
in ISO/TR 16982:2002: Usability methods supporting human-centred design to create
human-centric trustworthy solutions for the internet of things (IoT).
The presentation focuses on human-computer interaction (HCI) work in the project and
presents two results: on the one hand we show which Personas we created for the project
to support user-centric development. Personas are a nearly none-intrusive method to raise
empathy for the users of technological artefacts during the development to ensure usable
outcome. On the other hand we explain how we extended the requirements engineering
process with focus groups to include the „usable trust“ elements on a methodological
basis.
We conclude with an outlook to the challenges we expect. The three main HCI chal-
lenges we see are: reduction of complexity in interaction mechanisms and processes, re-
search in trust, and research in the underlying cognitive-psychological mechanisms – the
research on mental models.

Posecco: “Leveraging Security Models to Automate Audits and Improve
their Level of Assurance”
(Serena Ponta)

Audits allow gaining assurance about the existence and effectiveness of controls to meet certain
objectives, e.g., security objectives motivated by an organization’s business risks or legal environ-
ment. Though auditing standards and frameworks such as SAS70 and COBIT provide guidelines
for performing auditing activities in a standard and repeatable way, the process of collecting and
evaluating information about the auditee’s business, systems, and risks is still a mostly manual
activity, thus subject to individual discretion. Complementary to these high-level, risk-driven au-
dit standards, the Security Content Automation Protocol (SCAP) is a suite of specifications to
cope with the need for security automation on the lower, technical level. Besides well-known
standards for vulnerability enumeration and measurement (CVE, CVSS), SCAP also includes
specifications which allow to (i) automate checks for known vulnerabilities, (ii) automate the veri-
fication of security configuration settings, and (iii) generate reports that link low-level settings to
high-level requirements.

The PoSecCo project aims at establishing and maintaining a traceable link between high-level,
business-driven security and compliance requirements and low-level technical configuration set-
tings of individual services through landscape-aware security models. A natural question is how
the SCAP emerging standards together with the knowledge about the landscape and its security
requirements can be used to improve the effectiveness and efficiency of the current auditing prac-
tices. In this talk we illustrate how SCAP standards together with comprehensive security models
can support different phases of an audit process by (i) facilitating the information retrieval by
auditees and auditors to build an audit program and (ii) increasing efficiency and/or assurance of
activities performed during the execution of that audit program.                       Clustering         27
Assert4SOA: Advanced Security Service Certificate for SOA
(Ernesto Damiani)
You live in a certified house,
you drive a certified car,
why would you use an uncertified service?

The term "certification" has several different meanings in ICT. Software practitioners can earn a
certificate for expertise in a certain hardware or software technology. The maturity of crucial IT
processes, such as software development, can be and is often certified. Even individual software
systems can be certified as having particular non-functional properties, including safety, security
or privacy. However, the latter type of certification (e.g. Common Criteria) has had only a limited
use to this day. Current trends in the IT industry suggest that software systems in the future will be
very different from their counterparts today, due to greater adoption of Service-Oriented Architec-
tures (SOAs) and the wider spread of the deployment of Software-as-a-Service (SaaS).

These trends point to large-scale, heterogeneous ICT infrastructures hosting applications that are
dynamically built from loosely-coupled, well-separated services, where key non-functional prop-
erties like security, privacy, and reliability will be of increased and critical importance. In such
scenarios, certifying software properties will be crucial. Current certification schemes, however,
are either insufficient in addressing the needs of such scenarios or not applicable at all and thus,
they cannot be used to support and automate run-time security assessment.

As a result, today’s certification schemes simply do not provide, from an end-user perspective, a
reliable way to assess the trustworthiness of a composite applications in the context where (and at
the time when) it will be actually executed.

ASSERT4SOA will fill this gap by producing novel techniques and tools – fully integrated within
the SOA lifecycle – for expressing, assessing and certifying security properties for complex ser-
vice-oriented applications, composed of distributed software services that may dynamically be
selected, assembled and replaced, and running within complex and continuously evolving soft-
ware ecosystems

NESSoS : “A General Method for Assessment of Security in Complex Ser-
vices”
(Fabio Martinelli)

Abstract:
NESSoS is a project devoted to perform research activities on engineering secure and trustworthy
Future Internet Services. The ares of interest is very broad. In the workshop, we present a paper
with focus on the assessment of the security of business processes. We assume that a business
process is composed from abstract services, each has several concrete instantiations. Essential
peculiarity of our method is that we express security metrics used for the evaluation of security
properties as semirings. First, we consider primitive decomposition of the business process into a
weighted graph which describes possible implementations of the business process. Second, we
evaluate the security using semiring-based methods for graph analysis.
Finally, we exploit semirings to describe mapping between security metrics which is useful when
different metrics are used for the evaluation of security properties of services.




                                                                                    Clustering
                                                                                                         28
APPENDIX F : Systems and Networks
Workshop on models

Objectives of the Systems & Networks Cluster
   W orkshop on Models
Presentation: Roland Rieke, pro ject EFFECTS+/MASSIF

     The vision of the Future Internet, where multiple services are transpar- ently and
seamlessly mixed, already created a paradigm which promises to largely enrich our abil-
ity to create new applications and businesses within this new environment. But this
paradigm also enables new possibilities for threats and scales up the risks of financial and
also physical impact. In many cases, the information itself will be the essential product
which deserves to be protected, in the Internet of Things however, real and virtual cyber-
physical resources deserve our attention.
     Various projects in the ICT Framework Programme are currently using “Models” of
different kinds in order to assess upcoming security and privacy challenges as well as miti-
gation strategies w.r.t. their possible impact.
     The Effectsplus FP7 funded Coordination & Support Action, within the activity of
Systems and Networks cluster, organises this workshop, which aims to provide a forum
for discussing the different approaches of projects in this area.
     At the end of the workshop, we expect to have a better understanding of possible ar-
eas of collaboration among projects. Specifically, we are interested to find out, which con-
crete models are publicly available and re-usable in related projects, the gaps between
existing approaches and promising areas for future research.




                                                                          Clustering
                                                                                               29
Analytical attack modeling and security eval-
  uation in MASSIF
Presentation: Igor Kotenko, pro ject MASSIF

     The talk suggests the common approach, architecture and main models for analytical
attack modeling and security evaluation investigated in the EU FP7 MASSIF Project. The
approach is based on processing current alerts, modeling of malefactor’s behavior, gener-
ating possible attack subgraphs, cal- culating different security metrics and providing com-
prehensive risk analysis procedures.
     Key elements of suggested architectural solutions for attack modeling and security
evaluation are using security repository (including system con- figuration, malefactor
models, vulnerabilities, attacks, scores, countermea- sures, etc.), effective attack tree gen-
eration techniques, taking into account as known as well as new attacks based on zero-day
vulnerabilities, stochastic analytical modeling, combined use of attack graphs and service
dependency graphs, calculation metrics of attack and security countermeasures (including
attack impact, response efficiency, response collateral damages, attack po- tentiality, at-
tacker skill level, etc.), interactive decision support to select the solutions on security
measures/tools by defining their preferences regarding different types of requirements
(risks, costs, benefits) and setting trade-offs between several high-level security objectives.
     This talk considers shortly the analysis of state-of-the-art in attack mod- eling, main
functional requirements and essence of the approach to analytical attack modeling, main
models as well as generalized architecture of Attack Modeling and Security Evaluation
Component (AMSEC) suggested to be developed and implemented in MASSIF project.




                                                                            Clustering
                                                                                                  30
Enterprise Architecture Models for Secu-
   rity Analysis
Presentation: Teodor Sommestad, pro ject VIKING

     Enterprise architecture is an approach to management of information systems, in-
cluding control systems, that relies on models of the systems and their environment.
This section briefly outlines the structure of the work carried out by the VIKING project
on the topic of cyber security analysis and modeling. It combines attack- and defense
graphs with Bayesian statistics and enterprise architecture modeling.
     Attack graphs are a notation used to depict ways that a system can be attacked. It
shows the attack steps involved in attacks (nodes) and the dependencies that exists
between them (arcs). Defense graphs extend this notation by including security measures
in the graph to represent the attack steps they influence. Both of these notations can be
used to create mod- els over systems and to assess the system’s security, e.g. by assess-
ing if a particular attack is possible, given that the graph is parameterized.
     The VIKING project has produced a tool where defense graphs are pro- duced pro-
grammatically from a model of an information system or control system and its environ-
ment. A user of this tool produces architectural draw- ings of their enterprise (e.g. in-
cluding network zones, machines, services, security processes executed) and the based on
this the tool generates a de- fense graph that represent this specific enterprise’s situation.
Based on logical relationships and quantitative data collected from literature and domain
ex- perts the user can also calculate approximate values for the probability that an at-
tempted attacks would succeed against the system.
     The workshop in Amsterdam will present the work done in VIKING on Enterprise
Architecture Modeling and how we believe the research work can extended to practical
tools to evaluate existing and new control system for security and to do ”what-if” stud-
ies on different control system configura- tions.




                                                                           Clustering
                                                                                                 31
Virtual City Simulator (ViCiSi)
     Presentation: Mats B-O Larsson, pro ject VIKING

    One of the main objectives of the Viking project is to assess the cost to the society
coming from power outages. In order to do this a virtual society simulator has been de-
veloped. The virtual society is created by the Viking City Simulator, ViCiSi. In short
ViCiSi is creating a virtual society, with all necessary functions, and it is based on pa-
rameters from the EU database Eurostat. ViCiSi can be parameterized to any country in
EU country plus Switzerland and Norway.
    In summary ViCiSi is:

    • A virtual society with all necessary infra-structure built on blocks, apartments,
      streets, etc.

    • With companies, public and private service operations producing wel- fare

    • With people living in the city consuming welfare.

    • Includes a distribution electrical grid with all common voltage levels to give realistic
       load curves

    • Calculates the activity in the society at all moments, in terms of Busi- ness Activity

    • Calculates cost for power outages as lost GDP

    • Can scale to all EU countries

    In the workshop in Amsterdam we will present the ViCiSi. We will show how it is
designed, how it can used to calculate societal costs at power out- ages, how we present
the results and how ViCiSi will be integrated into the VIKING Test bed.




                                                                            Clustering
                                                                                                 32
BlockMon: a framework for Distrib-
      uted Network Monitoring and Real-Time
      Data Intensive Analysis
Presentation: S. Rao, pro ject DEMONS

    DEMONS project will address the ‘decentralised, cooperative and privacy preserving
monitoring for trustworthiness’. The monitoring scenario of the system architecture tar-
gets both intra-domain and inter-domain aspects.
    Intra-domain monitoring, primary requirements here being scalability, resilience and
innetwork distribution of monitoring tasks; performance effec- tiveness in terms of detec-
tion and mitigation reaction time; and authorized and controlled access to monitoring
data in accordance to domain-specific operational workflow processes and policies;
    Inter-domain monitoring, core requirement here being the tight con- trol of inter-
domain cooperation in terms of which monitoring data is ex- changed and under which
conditions, which protocols should be used for guaranteeing inter-domain inter-
operability, and how to exploit and support advanced cryptographic data protection tech-
nologies for improving inter- domain cooperation ability and permitting secure joint
analysis and com- putation over monitoring information provided by the multiple in-
volved do- mains.
    The presentation will address the BlockMon Monitoring Overlay (BMO) monitoring
infrastructure chosen as the basis of the DEMONS’ Measurement Layer and Coordination
Layer for what concerns the intra-domain monitoring scenario. The internet Exchange
Point (IXP) will coordinate across inter- domains.




                                                                        Clustering
                                                                                             33
Ontologies in ASSERT4SOA
Presentation: Domenico Presenza, pro ject ASSERT4SOA

     The presentation intend to deal with the use of ontologies in the context of the AS-
SERT4SOA Project.
     ASSERT4SOA Project aims to produce novel techniques and tools for expressing,
assessing and certifying security properties for service-oriented applications, composed of
distributed software services that may dynami- cally be selected, assembled and re-
placed, and running within complex and continuously evolving software ecosystems.
     ASSERT4SOA Advanced Security Certificates (a.k.a. ASSERTs) are ma- chine read-
able documents stating that a given Web Service has a given Se- curity Property.
     An ASSERT also contains a model of the service and a ”proof” that can be used
by the requesters of that Web Service to re-check the asserted Security Property. Based
on the type of provided proof, three different types of ASSERT will be considered: evi-
dence-based ASSERT (a.k.a. ASSERT- E), ontology-based ASSERT (a.k.a. ASSERT-O)
and model-based ASSERT (a.k.a. ASSERT-M)
     The use of OWL-DL Ontologies within ASSERT4SOA is twofold: (1) to investigate
the use of an ontology-based approach to describe security properties of services (2) to
enable the interoperability and comparison of the other kinds of ASSERTs.
     The envisaged ASSERT4SOA Ontology will contain the description of both general
concepts and ASSERT specific ones. The instances of all types of ASSERTs will refer the
terms defined in the ASSERT4SOA Ontology.
     Within the ASSERT4SOA Ontology concepts are represented as OWL- DL classes
thus allowing to express decision problems about ASSERTS (e.g. mapping between differ-
ent kind of ASSERTs) as Description Logic inference problems (e.g. Class Expression
Subsumption).




                                                                           Clustering
                                                                                              34
Managing Security and Changes at Model
      Level throughout the whole System Engi-
      neering Process
Presentation: Federica Paci, pro ject NESSoS/SecureChange

     Security engineering is not a goal per see. Security applies to a system or software,
whether large IT or embedded system, which must itself be engineered. Security engi-
neering must therefore comply with the constraints and pace of the mainstream system /
software engineering processes, methods and tools. Assuming a model driven approach to
the mainstream system / software engineering, we explain how to support evolution while
maintaining security at all levels of the system / software development process, from
requirements engineering down to deployment and configuration.
     A system / software lifecycle typically has seven phases: (i) specification, (ii) design,
(iii) realisation or acquisition, (iv) integration and verification, (v) validation and de-
ployment, (vi) operation and maintenance, and (vii) disposal. In some cases, a sys-
tem / software may occupy several of these phases at the same time. Security engineer-
ing can be conducted regardless of the system / software lifecycle phase; however the
pursued goals may significantly differ (see Figure 1).
     During the specification phase, the main goal of security engineering is to influence
the definition of the system / software requirements, and thus gain early assurance that
the proposed architectural solution is sound with respect to security concerns. This step
encompasses customer security need elicitation and early risk assessment. This early ap-
proach contrasts sharply with current-day practices in which risks are only analysed
when require- ments have been elicited, and sometimes even later, when the main system
design is frozen or developed.            With standard approaches: (i) safeguards may be
very expensive to implement; (ii) some elicited requirements may reveal themselves as
too risky to be fulfilled; (iii) some requirements may be error-prone; (iv) locally designed
safeguards to cope after hand with risky requirements may obstruct the fulfilment of
other requirements.




                                                                           Clustering
                                                                                                 35
PoSecCo Models
Presentation: Antonio Lioy, pro ject PoSecCo

     PoSecCo aims at addressing some of the main service provider challenges for the vi-
ability of Future Internet (FI) applications, that will see dynamic compositions of ser-
vices providing a broad diversity of functions, starting with business functionality down
to infrastructure services. In fact, in a FI scenario, service providers will need to achieve,
maintain and prove compli- ance with security requirements stemming from internal
needs, third-party demands and international regulations, and to cost-efficiently manage
poli- cies and security configuration in operating conditions.
     PoSecCo overcomes this by establishing a traceable and sustainable link between
high-level requirements and low-level configuration settings through decision support sys-
tems. To achieve this goal a consistent effort is being put into system and network model-
ling, whose main purpose is to create a set of meta-models and a security ontology that
will be presented at the Network and System Workshop.
     First of all, reaching the PoSecCo objectives requires the modelling of FI services, a
challenge that PoSecCo is addressing through a refinement loop between the Service Pro-
vider partners, providing the requirements ensuring the practical usage, and academia
ensuring the self- coherence, extensibility and the possibility to be formally used.
     The result is the functional system meta-model, including a business and an IT layer.
Moreover, since services will be actually implemented on existing (physical or virtual) net-
worked systems, the functional system meta-model includes an infrastructural layer that
refers to a landscape meta-model.
     Also the policy is represented at three different layers of abstraction, the business, the
IT and the landscape configuration layers, therefore the design of three policy meta-
models is in progress.
     The PoSecCo security ontology is being developed to vertically connect all the ab-
straction layers and horizontally connecting each abstraction layer with the corresponding
policy-meta model, and to enrich the knowledge of the systems using the expressive
power that ontologies can guarantee.




                                                                            Clustering
                                                                                                  36
Assessment models to Improve the Usabil-
      ity of Security in Wireless Sensor Networks
Presentation: Peter Steffen, pro ject WSAN4CIP/TAMPRES

     Wireless Sensor Networks play a major role in the Future Internet. They deliver data
that may influence important decisions in further process steps. To improve the security
and reliability as they are required for such networks, many protocols, algorithms, and ser-
vices have been proposed in recent years. The complexity of the approaches is often sig-
nificantly and the trade-offs are hardly understood by even by experts.           This is a
particular issue in projects such as WSAN4CIP (wireless sensor networks for critical infra-
struc- ture protection) where eventually domain experts apply networks in critical envi-
ronments.
     As solution we propose a model-based approach that maps requirements and system
properties on exchangeable security models, expressed in a flexi- ble meta-model-language.
The initial requirements are understood by users, and the system properties are assessed
based on properties of the individ- ual components, which can be stored in pre-
configured repositories.
     The exchangeable security models allow to focus on specific security aspects such as
vulnerabilities, attacks, or resistances.
     As example the models shall evaluate the effects of tamper resistant sensor nodes, as
they are investigated in the TAMPRES project. Naturally, the existence or non-
existence of such tamper resistance in the network alters the security properties of the
entire network and its application significantly. This has to be respected by the models.
     The model approach as well as the implications for the projects WSAN4CIP
and TAMPRES are addressed in the presentation.




                                                                          Clustering
                                                                                               37
Multi-Dimensional Clustering for the Pur-
         poses of Root-Cause Analysis
Presentation: James Davey, pro ject VIS-SENSE

     One of the goals of the VIS-SENSE project is to generate an overview of the mal-
ware and spam landscapes in the Internet. A major part of this process is root-cause
analysis, which is the search for and identification of coordinated criminal campaigns.
Through a better understanding of how these campaigns evolve over time, security ex-
perts should be able to improve the protection of their networks.
     When analysing the behaviour of spam or malware, a very large number of alerts are
collected every day. What constitutes an alert is defined by the data collection infrastruc-
ture used to collect information for the purposes of analyses. The alerts are the starting
point for our root-cause analysis.
     The next phase in the analysis process involves the generation of events, based on the
alerts. These events are essentially groups of alerts, together with some additional anno-
tations. The groups and annotations are derived with the help of rule-based or experi-
ence-based models.
     Events are the first level of aggregation in the root-cause analysis. While this aggrega-
tion does increase understanding of the threat landscape, it is not condensed enough to
provide an overview. To attain an overview, a further aggregation step is undertaken. In
this step, each feature of the events is first considered individually. Based on the data
type of the feature, similarity measures are chosen and, if necessary, parameterised.
             The feature-based similarities can be used to cluster events on a feature-by-
feature basis. These clusters provide clues for the specification of a multi-dimensional
similarity measure.                                                      With the help of
this measure, multi-dimensional clustering is possible.                  Visualizing the re-
sults of multi-dimensional clustering reveals a much more insightful overview of the origi-
nal malware and spam alerts.
     Many models exist for the feature-by-feature as well as for the multi- dimensional
similarity measures.                         The choice of models and their param- eteriza-
tion has direct implications for the results of the multi-dimensional clustering step. An
overview of these models will be presented, as well as a description of techniques for the
support of iterative visualisation and ad- justment of parameters. Through the targeted
use of visualization in the analysis process VIS-SENSE will assist the analyst in the gen-
eration of use- ful overviews of the threat landscape.




                                                                           Clustering
                                                                                                 38
Introducing the ENDORSE Privacy Rules
         Definition Language
Presentation: Mark McLaughlin, pro ject ENDORSE

     One of the core outputs of the ENDORSE project will be a Privacy Rules Definition
Language (PRDL). This language will allow organisations to cod- ify their data protection
and privacy operating policies regarding sensitive user data. PRDL will be used for
internal compliance and transparency with regard to external parties. The ENDORSE
system will use PRDL rules to ensure that personal data are processed legally and appro-
priately within the organisation in terms of access control and meeting obligations for
data handling over the lifetime of the data. ENDORSE is taking a model driven architec-
ture (MDA) approach to building the ENDORSE platform. As such, the definition of
PRDL is also crucial for generating many of the platform software components. An early
draft of the PRDL metamodel will be pre- sented.


  Collaborative Security for Protection of
Financial Critical Infrastructures: The Se-
mantic Room abstraction model
Presentation: Roberto Baldoni, pro ject CoMiFin

     The growing adoption of Internet in the financial ecosystem has exposed financial
institutions to a variety of security related risks, such as increas- ingly sophisticated cy-
ber attacks aiming at capturing high value and sensitive information, or disrupting service
operation for various purposes. To date, single financial institutions have faced individu-
ally these attacks using tools that re-enforce their defence perimeter (e.g.          intrusion
detection systems, firewalls). However, today’s attacks are more sophisticated making this
kind of defences inadequate. Attacks are typically distributed in space and time meaning
that they can be coordinated on a large scale basis and often con- sist of a preparation
phase spanning over days or weeks, involving multiple preparatory steps aiming at identi-
fying vulnerabilities (e.g., open ports). In order to detect these attacks a larger view of what
is happening in the Internet is required, which could be obtained by sharing and combining
the informa- tion available at several financial sites. This information must be processed
and correlated ”on-the-fly” in order to anticipate threats and frauds, and mitigate their
possible damages. Even though this sharing can result in a great advantage for financial
institutions, it should be carried out only on a clear contractual base and in a trusted
and secure environment capable of meeting privacy and confidentiality requirements of
financial institutions. In this context, the CoMiFin project, ended last April 2011, devel-
oped an open source middleware system for monitoring the Financial Critical In- fra-
structure domain. The system is currently a research prototype and has been demon-
strated in several occasions even to financial stakeholders such as SWIFT board members
and a number of Italian banks. It facilitates the shar- ing and processing of critical opera-
tional data among interested parties (e.g., financial institutions, telco providers, power
grid operators), and is utilized for timely activating local protection mechanisms. In doing
so, the CoMiFin project introduced a novel abstraction model named Semantic Room
(SR).
                                                                             Clustering
                                                                                                   39

More Related Content

Viewers also liked

Parcial power point herram web 2.0 25 jul
Parcial power point   herram web 2.0 25 jul Parcial power point   herram web 2.0 25 jul
Parcial power point herram web 2.0 25 jul Gloria Nelsy Zerda Diaz
 
Bic effectplus ws
Bic effectplus wsBic effectplus ws
Bic effectplus wsfcleary
 
DeMolay Conclave Opening
DeMolay Conclave Opening DeMolay Conclave Opening
DeMolay Conclave Opening Regan Bright
 
The french language
The french languageThe french language
The french languageJon Muir
 
Assert4soa 2nd cluster meeting
Assert4soa 2nd cluster meetingAssert4soa 2nd cluster meeting
Assert4soa 2nd cluster meetingfcleary
 
Comifin cluster meeting
Comifin cluster meetingComifin cluster meeting
Comifin cluster meetingfcleary
 
Nessos cluster meeting
Nessos cluster meetingNessos cluster meeting
Nessos cluster meetingfcleary
 
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013eduardopulidosanchez
 
Viking vi cisi
Viking vi cisiViking vi cisi
Viking vi cisifcleary
 
T&s roadmap slides ams
T&s roadmap slides amsT&s roadmap slides ams
T&s roadmap slides amsfcleary
 
U trustit_cluster meeting
U trustit_cluster meetingU trustit_cluster meeting
U trustit_cluster meetingfcleary
 
Effect splus systems-and-network-cluster-results-draft-v1
Effect splus systems-and-network-cluster-results-draft-v1Effect splus systems-and-network-cluster-results-draft-v1
Effect splus systems-and-network-cluster-results-draft-v1fcleary
 
Data Modelling and Knowledge Engineering for the Internet of Things
Data Modelling and Knowledge Engineering for the Internet of ThingsData Modelling and Knowledge Engineering for the Internet of Things
Data Modelling and Knowledge Engineering for the Internet of ThingsCory Andrew Henson
 
Internet of Things- Research Directions
Internet of Things- Research DirectionsInternet of Things- Research Directions
Internet of Things- Research DirectionsRavindra Dastikop
 
Отчет по коммуникационной политике банков в Интернете, 2012H1
Отчет по коммуникационной политике банков в Интернете, 2012H1Отчет по коммуникационной политике банков в Интернете, 2012H1
Отчет по коммуникационной политике банков в Интернете, 2012H1Natalia Deltsova
 

Viewers also liked (20)

HIPS Brochure
HIPS BrochureHIPS Brochure
HIPS Brochure
 
Parcial power point herram web 2.0 25 jul
Parcial power point   herram web 2.0 25 jul Parcial power point   herram web 2.0 25 jul
Parcial power point herram web 2.0 25 jul
 
Bic effectplus ws
Bic effectplus wsBic effectplus ws
Bic effectplus ws
 
DeMolay Conclave Opening
DeMolay Conclave Opening DeMolay Conclave Opening
DeMolay Conclave Opening
 
Yehyounewest2
Yehyounewest2Yehyounewest2
Yehyounewest2
 
The french language
The french languageThe french language
The french language
 
Assert4soa 2nd cluster meeting
Assert4soa 2nd cluster meetingAssert4soa 2nd cluster meeting
Assert4soa 2nd cluster meeting
 
Funcion renal
Funcion renalFuncion renal
Funcion renal
 
Comifin cluster meeting
Comifin cluster meetingComifin cluster meeting
Comifin cluster meeting
 
Nessos cluster meeting
Nessos cluster meetingNessos cluster meeting
Nessos cluster meeting
 
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013
NOTAS DEFINITIVAS HIDRAULICA APLICADA 1-2013
 
Viking vi cisi
Viking vi cisiViking vi cisi
Viking vi cisi
 
T&s roadmap slides ams
T&s roadmap slides amsT&s roadmap slides ams
T&s roadmap slides ams
 
U trustit_cluster meeting
U trustit_cluster meetingU trustit_cluster meeting
U trustit_cluster meeting
 
The super 6
The  super 6The  super 6
The super 6
 
Effect splus systems-and-network-cluster-results-draft-v1
Effect splus systems-and-network-cluster-results-draft-v1Effect splus systems-and-network-cluster-results-draft-v1
Effect splus systems-and-network-cluster-results-draft-v1
 
Data Modelling and Knowledge Engineering for the Internet of Things
Data Modelling and Knowledge Engineering for the Internet of ThingsData Modelling and Knowledge Engineering for the Internet of Things
Data Modelling and Knowledge Engineering for the Internet of Things
 
Internet of Things- Research Directions
Internet of Things- Research DirectionsInternet of Things- Research Directions
Internet of Things- Research Directions
 
Presentacion en power point 2
Presentacion en power point 2Presentacion en power point 2
Presentacion en power point 2
 
Отчет по коммуникационной политике банков в Интернете, 2012H1
Отчет по коммуникационной политике банков в Интернете, 2012H1Отчет по коммуникационной политике банков в Интернете, 2012H1
Отчет по коммуникационной политике банков в Интернете, 2012H1
 

Similar to Effectsplus july event report

Models Workshop Objectives
Models Workshop ObjectivesModels Workshop Objectives
Models Workshop Objectivesfcleary
 
Dagrep v006-i009-complete
Dagrep v006-i009-completeDagrep v006-i009-complete
Dagrep v006-i009-completesandeep1721
 
Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2sandeep1721
 
Seminar and workshop on Embedded Systems
Seminar and workshop on Embedded SystemsSeminar and workshop on Embedded Systems
Seminar and workshop on Embedded SystemsNAILBITER
 
User centric machine learning for cyber security operation center
User centric machine learning for cyber security operation centerUser centric machine learning for cyber security operation center
User centric machine learning for cyber security operation centerSai Chandra Chittuluri
 
Production-Ready_Microservices_excerpt.pdf
Production-Ready_Microservices_excerpt.pdfProduction-Ready_Microservices_excerpt.pdf
Production-Ready_Microservices_excerpt.pdfajcob123
 
NIST Special Publication 500-293: US Government Cloud Computing Technology R...
 NIST Special Publication 500-293: US Government Cloud Computing Technology R... NIST Special Publication 500-293: US Government Cloud Computing Technology R...
NIST Special Publication 500-293: US Government Cloud Computing Technology R...David Sweigert
 
Stanford Hospital Operating Room Case Study
Stanford Hospital Operating Room Case StudyStanford Hospital Operating Room Case Study
Stanford Hospital Operating Room Case StudyRachelle Lewis
 
Research Challenges Within Database Management
Research Challenges Within Database ManagementResearch Challenges Within Database Management
Research Challenges Within Database ManagementChristina Boetel
 
2019 Federal Cloud & Infrastructure Whitepaper
2019 Federal Cloud & Infrastructure Whitepaper2019 Federal Cloud & Infrastructure Whitepaper
2019 Federal Cloud & Infrastructure WhitepaperQuangNguyen757
 
Key Outputs of the E-CRIME project
Key Outputs of the E-CRIME projectKey Outputs of the E-CRIME project
Key Outputs of the E-CRIME projectTrilateral Research
 
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPTrends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPChristian Esteve Rothenberg
 
Expert mining compsac-2014
Expert mining compsac-2014Expert mining compsac-2014
Expert mining compsac-2014GESSI UPC
 
s131478 - Master Thesis
s131478 - Master Thesiss131478 - Master Thesis
s131478 - Master ThesisTomas Miskinis
 
«Руководство по безопасности и защите персональных данных при использовании п...
«Руководство по безопасности и защите персональных данных при использовании п...«Руководство по безопасности и защите персональных данных при использовании п...
«Руководство по безопасности и защите персональных данных при использовании п...Victor Gridnev
 
Integration of technical development within complex project environment
Integration of technical development within complex project environmentIntegration of technical development within complex project environment
Integration of technical development within complex project environmentJacobs Engineering
 
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Carolin Weisser
 
The Cloudification Perspectives of Search-based Software Testing
The Cloudification Perspectives of Search-based Software TestingThe Cloudification Perspectives of Search-based Software Testing
The Cloudification Perspectives of Search-based Software TestingSebastiano Panichella
 
IT Carve-Out Guide by TUM university
IT Carve-Out Guide by TUM universityIT Carve-Out Guide by TUM university
IT Carve-Out Guide by TUM universityNaoufal El Jaouhari
 
Dee724 Advantages And Disadvantages
Dee724 Advantages And DisadvantagesDee724 Advantages And Disadvantages
Dee724 Advantages And DisadvantagesJennifer Landsmann
 

Similar to Effectsplus july event report (20)

Models Workshop Objectives
Models Workshop ObjectivesModels Workshop Objectives
Models Workshop Objectives
 
Dagrep v006-i009-complete
Dagrep v006-i009-completeDagrep v006-i009-complete
Dagrep v006-i009-complete
 
Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2
 
Seminar and workshop on Embedded Systems
Seminar and workshop on Embedded SystemsSeminar and workshop on Embedded Systems
Seminar and workshop on Embedded Systems
 
User centric machine learning for cyber security operation center
User centric machine learning for cyber security operation centerUser centric machine learning for cyber security operation center
User centric machine learning for cyber security operation center
 
Production-Ready_Microservices_excerpt.pdf
Production-Ready_Microservices_excerpt.pdfProduction-Ready_Microservices_excerpt.pdf
Production-Ready_Microservices_excerpt.pdf
 
NIST Special Publication 500-293: US Government Cloud Computing Technology R...
 NIST Special Publication 500-293: US Government Cloud Computing Technology R... NIST Special Publication 500-293: US Government Cloud Computing Technology R...
NIST Special Publication 500-293: US Government Cloud Computing Technology R...
 
Stanford Hospital Operating Room Case Study
Stanford Hospital Operating Room Case StudyStanford Hospital Operating Room Case Study
Stanford Hospital Operating Room Case Study
 
Research Challenges Within Database Management
Research Challenges Within Database ManagementResearch Challenges Within Database Management
Research Challenges Within Database Management
 
2019 Federal Cloud & Infrastructure Whitepaper
2019 Federal Cloud & Infrastructure Whitepaper2019 Federal Cloud & Infrastructure Whitepaper
2019 Federal Cloud & Infrastructure Whitepaper
 
Key Outputs of the E-CRIME project
Key Outputs of the E-CRIME projectKey Outputs of the E-CRIME project
Key Outputs of the E-CRIME project
 
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPTrends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
 
Expert mining compsac-2014
Expert mining compsac-2014Expert mining compsac-2014
Expert mining compsac-2014
 
s131478 - Master Thesis
s131478 - Master Thesiss131478 - Master Thesis
s131478 - Master Thesis
 
«Руководство по безопасности и защите персональных данных при использовании п...
«Руководство по безопасности и защите персональных данных при использовании п...«Руководство по безопасности и защите персональных данных при использовании п...
«Руководство по безопасности и защите персональных данных при использовании п...
 
Integration of technical development within complex project environment
Integration of technical development within complex project environmentIntegration of technical development within complex project environment
Integration of technical development within complex project environment
 
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...
 
The Cloudification Perspectives of Search-based Software Testing
The Cloudification Perspectives of Search-based Software TestingThe Cloudification Perspectives of Search-based Software Testing
The Cloudification Perspectives of Search-based Software Testing
 
IT Carve-Out Guide by TUM university
IT Carve-Out Guide by TUM universityIT Carve-Out Guide by TUM university
IT Carve-Out Guide by TUM university
 
Dee724 Advantages And Disadvantages
Dee724 Advantages And DisadvantagesDee724 Advantages And Disadvantages
Dee724 Advantages And Disadvantages
 

More from fcleary

Wsanacip tampres cluster meeting
Wsanacip tampres cluster meetingWsanacip tampres cluster meeting
Wsanacip tampres cluster meetingfcleary
 
Vis sense cluster meeting
Vis sense cluster meetingVis sense cluster meeting
Vis sense cluster meetingfcleary
 
Endorse cluster meeting
Endorse cluster meetingEndorse cluster meeting
Endorse cluster meetingfcleary
 
Posecco cluster meeting
Posecco cluster meetingPosecco cluster meeting
Posecco cluster meetingfcleary
 
Assert4soa cluster meeting
Assert4soa cluster meetingAssert4soa cluster meeting
Assert4soa cluster meetingfcleary
 
Nessos securechange cluster meeting
Nessos securechange cluster meetingNessos securechange cluster meeting
Nessos securechange cluster meetingfcleary
 
Massif cluster meeting
Massif cluster meetingMassif cluster meeting
Massif cluster meetingfcleary
 
VIKING cluster meeting 1
VIKING cluster meeting 1VIKING cluster meeting 1
VIKING cluster meeting 1fcleary
 
Massif road mapping_20110704
Massif road mapping_20110704Massif road mapping_20110704
Massif road mapping_20110704fcleary
 
Workshop summary software assurance and trust
Workshop summary software assurance and trustWorkshop summary software assurance and trust
Workshop summary software assurance and trustfcleary
 
Aniketos 2nd cluster meeting
Aniketos  2nd cluster meetingAniketos  2nd cluster meeting
Aniketos 2nd cluster meetingfcleary
 
Posecco clustering meeting
Posecco clustering meetingPosecco clustering meeting
Posecco clustering meetingfcleary
 
Amsterdam logistics fcleary
Amsterdam logistics  fclearyAmsterdam logistics  fcleary
Amsterdam logistics fclearyfcleary
 

More from fcleary (16)

Wsanacip tampres cluster meeting
Wsanacip tampres cluster meetingWsanacip tampres cluster meeting
Wsanacip tampres cluster meeting
 
Vis sense cluster meeting
Vis sense cluster meetingVis sense cluster meeting
Vis sense cluster meeting
 
Endorse cluster meeting
Endorse cluster meetingEndorse cluster meeting
Endorse cluster meeting
 
Posecco cluster meeting
Posecco cluster meetingPosecco cluster meeting
Posecco cluster meeting
 
Assert4soa cluster meeting
Assert4soa cluster meetingAssert4soa cluster meeting
Assert4soa cluster meeting
 
Nessos securechange cluster meeting
Nessos securechange cluster meetingNessos securechange cluster meeting
Nessos securechange cluster meeting
 
Massif cluster meeting
Massif cluster meetingMassif cluster meeting
Massif cluster meeting
 
VIKING cluster meeting 1
VIKING cluster meeting 1VIKING cluster meeting 1
VIKING cluster meeting 1
 
Massif road mapping_20110704
Massif road mapping_20110704Massif road mapping_20110704
Massif road mapping_20110704
 
Syssec
SyssecSyssec
Syssec
 
Nessos
NessosNessos
Nessos
 
Tdl
TdlTdl
Tdl
 
Workshop summary software assurance and trust
Workshop summary software assurance and trustWorkshop summary software assurance and trust
Workshop summary software assurance and trust
 
Aniketos 2nd cluster meeting
Aniketos  2nd cluster meetingAniketos  2nd cluster meeting
Aniketos 2nd cluster meeting
 
Posecco clustering meeting
Posecco clustering meetingPosecco clustering meeting
Posecco clustering meeting
 
Amsterdam logistics fcleary
Amsterdam logistics  fclearyAmsterdam logistics  fcleary
Amsterdam logistics fcleary
 

Recently uploaded

GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 

Recently uploaded (20)

GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 

Effectsplus july event report

  • 1. Information Technology Solutions EFFECTSPLUS CONSORTIUM Waterford institute Of Technology ATOS Hewlett-Packard Limited (HPLB) Effectsplus 2nd Cluster Event SAP (AG) Universita Degli Studi Di Trento July 4th & 5th 2011 R E P O R T A U TH O R Frances Cleary , Waterford Institute Of technology (fcleary@tssg.org) VU University, REPORT CONTRIBUTORS Amsterdam Nick Wainwright (HP) , Jim Clarke (WIT) , Keith Howker (WIT) , Michele Bezzi ( SAP) , Volkamr Lotz (SAP), Isabe)l Vinagre Torres ( ATOS) , Pedro Soria Rodriguez( ATOS), Nick Papanikolaou ( HP), Roland Reike , Fabio Martinelli, workshop atten- Clustering dees. 1
  • 2. Information Technology EFFECTSPLUS CONSORTIUM Waterford institute Of Technology Table Of Contents ATOS Objectives of 2nd Cluster Meeting ………………… … … … … … … … … … … … 3. Networking & coordination Session ………………… … … … … … … … … … … … 5. Services and Clouds Cluster Report ………………… … … … … … … … … … … … 9. Systems and Networks Cluster Report ………………… … … … … … … … … … … … 11 Hewlett-Packard Limited (HPLB) . Special Interest Groups: policy and Monitoring ………………… … … … … … … … 14. Trust and security Research Roadmap session ………………… … … … … … … … … 15. Innovation Potentials & gaps for FP7 Trust and security projects ………………… … 17. Effectsplus 2012 Wider collaboration event (CSPEF2012) ………………… … … … ..18. SAP (AG) Head Of Unit F5, Jesus Villasante closing speech ………………… … … … … … … …19 FIA Related Activities: trust and security ………………… … … … … … … … … … …20 Effectsplus future Events ………………… … … … … … … … … … … … … … … … .21 Universita Degli Studi Di Trento Appendix A , Agenda………………… … … … … … … … … … … … … … … … … 22 Appendix B , registered Attendees………………… … … … … … … … … … … … … 23 Appendix C, cluster participants ………………… … … … … … … … … … … … … 24 Appendix D, cluster communication ………………… … … … … … … … … … … … 25 Appendix E, cloud & services workshop, Project abstracts ………………… … … … 26 Appendix F, systems & Networks workshop, Project abstracts ………………… … … 29 Clustering 2
  • 3. Objectives of 2nd Cluster Meeting Frances Cleary , the Effectsplus coordinator, opened the 2nd Effectsplus Cluster event, at Vrijie university in Amsterdam on the 4th and 5th July 2011. The event co-located with F r a n c e s C l e a ry the SysSec workshop on the 6th July and the DIMVA 2011 conference. Effectsplus Coordinator For this trust and security collaboration meeting , 22 research projects , attended and par- Waterford Institute Of ticipated to this event . (Programme and Attendees can be viewed in Appendix A,B.C) Technology - TSSG Michele Bezzi (SAP) Mr Michele Bezzi, the Effectsplus cluster lead commented on the main objectives of the event . Two parallel workshops were planned Effectsplus Cluster lead • Systems and Networks Cluster : Workshop on Models Addressing issues such as * Security Incident Models providing Qualitative and Quantitative * Models of Security and Privacy Requirements and Policies for FI * Enterprise Architecture Models for Security Analysis * Society Models for Social Impact Analysis * Models of Security and Privacy issues in Cyber-Physical Systems, Smart Grids and other Critical Infrastructures * Security by Design - Models on Resilience and Trust (e.g. use of trust anchors to pro- vide a trusted backbone infrastructure) • Models on Security and Privacy issues in Cloud Computing • Services and Could Cluster : Workshop on Trust and Assurance Addressing questions such as How to…. * establish and maintain trust in dynamic composite services * define security validation technologies * provide flexible security certification schemes * perform security testing in heterogeneous service environments * automate security model checking * managing risk, security and trust metrics in secure service engineering * model-based security design & architecture Clustering * audit and monitor of distributed software systems. 3
  • 4. Objectives of 2nd Cluster Meeting Mr Bezzi commented that the main expected outputs coming from these workshops were as follows 1. Identify possible areas of collaboration among projects. 2. Identify which concrete examples are publicly available and re-usable in related pro- jects 3. Identify gaps between existing approaches and promising areas for future research Detailed call text for each of the workshops can be found at the following links Systems & Networks cluster Models workshop: http://www.effectsplus.eu/files/2011/06/Effectsplus-Systems-and-Networks-Models- Workshop-Agenda-Draft-v4.pdf Services and Cloud cluster trust and assurance workshop: http://www.effectsplus.eu/files/2011/06/Serv_Cloud_workshopx.pdf Clustering 4
  • 5. Networking & Coordination Session Jim Clarke networking and coordination cluster presentation session: This session was opened by the cluster lead Mr Jim Clarke ( WIT-TSSG). Mr Clarke commented that the aim of this session was for CSA’s and NoEs in Unit F5 to avail of an opportunity to pro- Jim Clarke vide information on the activities they have underway in their individual projects and to provide N e t w o rk i n g & c o o r d i n a t i o n details on upcoming events and research roadmap agendas they have in progress, in order to make the wider research community aware of their endeavours. This session involved speakers from the cluster lead following projects BIC, TDL/Actor, NESSOS, SYSSEC. Waterford Institute Of Technology - TSSG BIC: Building international cooperation for trustworthy ICT. Speaker : Jim Clarke Mr. Clarke presented the Coordination Action BiC project - Building International Cooperation for Trustworthy ICT: Security, Privacy and Trust in Global Networks & Services, which started on 1st January 2011. BIC will expand the co-operation models of EU researchers and programme management with their peers in new ICT high-growth countries, specifically Brazil, India and South Africa, who represent emergent world-impacting information economies through the scale and sophistication of their growing ICT sectors. In addition, the project will provide continuity and bring together a truly global collaboration with the participation of the already established connections from the INCO-TRUST project between the EU and the United States, Japan, Austra- lia, South Korea and Canada. Mr. Clarke presented the four core objectives of BIC: • Charting the landscape of Brazil, India and South Africa and their initial potential match to EU Trust, Security and Privacy themes; • Prioritisation of the EU influenced vision and research directions including alignment of work programmes; • Global alignment, consensus and outreach of the European visions and challenges across all targeted countries; • Definition of Tangible International Activities including transnational partnerships with EU partners. Mr. Clarke presented the accomplishments of the project to date: EU – Brazil Cooperation workshop (along with IWT 2011),Held 3rd May 2011; Rio De Janeiro (>60 attendees) Full report available at http://www.inatel.br/iwt/slide-show/bic-workshop In the process of putting together an International Advisory Group (IAG) from all involved coun- tries • Organising EU – South Africa workshop 16th August 2011 (along with ISSA 2011 - http:// www.infosecsa.co.za/) • Organising EU – India workshop 28th November 2011 (along with eINDIA 2011 - http:// www.eindia.net.in/2011/) • Strong collaboration with the EU – India Spirit Coordination Action project – see http:// www.euroindia-ict.org/. Clustering 5
  • 6. Networking & Coordination Session Preparing for Annual Forum/IAG meeting in Q4 2011 • building topics of interest with countries • planning session being held 6th July 2011 within SysSec workshop. • See http://www.syssec-project.eu/events/1st-syssec-workshop-program/ Other programme related activities • involvement in the Networking and coordinator cluster of the Effectplus project. • Involvement in Working groups of SysSec • Involvement in Advisory Group of NESSOS • Involvement in Trust and the Digital Life • Involvement in Future Internet Assembly In order to receive more information, Mr. Clarke gave the pointers of all the Work package lead- ers of BIC. WP1: James Clarke Jclarke@tssg.org WP2: Neeraj Suri suri@cs.tu-darmstadt.de WP3: Michel Riguidel michel.riguidel@telecom-paristech.fr WP4: Aljosa Pasic aljosa.pasic@atosresearch.eu or aljosa.pasic@atos.net WP1: Project Management WP2: Platform for International Collaboration and consensus building WP3: Input to the design of future research programmes WP4: Building the International Co-operation community. To view this presentation please see the following link http://www.slideshare.net/fcleary/bic-effectplus-ws . SysSec: A European Network of Excellence in Managing Threats and Vulnerabili- ties in the Future Internet Speaker: Evangelos Marketos Mr Evangelos opened his session with “ what is the security challenges we face?” to mention some • Hackers disabling cars • Hackers get into power grids • Hackers get into fighter planes What are we doing about this? SysSec: 4-year NoE to consolidate Research in managing threats for the Future Internet. SysSec proposes a game-changing approach to cybersecurity: Currently Researchers are mostly reactive: they usually track cyberattackers after an attack has been launched thus, researchers are always one step behind attackers. SysSec aims to break this vicious cycle. Researchers should become more proactive: and Anticipate attacks and vulner- abilities and Predict and prepare for future threats , working on defenses before attacks material- ize. Clustering Mr Marketos full presentation can be viewed http://www.slideshare.net/fcleary/syssec . 6
  • 7. Networking & Coordination Session Contd.. NESSOS: Network of Excellence on Engineering Secure Future Internet Software Services and Systems Speaker: Fabio Martinelli NESSoS aims at constituting a long lasting Virtual research centre on engineering secure software-based service and systems. Aiming at reducing the vulner- abilities in Future Internet Software-based Services (FISS) and Improving the design and overall assurance level of FISS. NESSoS will Provide means for a risk/cost based SDLC for FISS and will contribute to create an active research community by reducing the exist- ing fragmentation, and by re-addressing , integrating, harmonizing research agendas of NESSoS partners as well as spanning out of the organizations involved towards wider scientific and technological communities. NESSoS is committed to achieve very significant advances in knowledge and spread the research excellence achieved as well as roadmapping activities NESSoS will contribute to the growth of a generation of researchers and practitioners in the area by creating a com- mon body of knowledge (CBK) directly exploitable for training and education purposes. Mr Martinelli presentation included the following main agenda items 1. Motivation and main goals 2. Consortium expertise 3. Integration strategy 4. Structure of the NoE 5. Integration Activities 6. Research Activities 7. Spread of Excellence Activities 8. Management Activities 9. Highlights 10. Relationships with other communities Mr Martinelli’s full presentation can be viewed http://www.slideshare.net/fcleary/nessos TDL– Actor: Trust in digital Life Speaker : Arthur Leijtens Mr Leijtens started his presentation with an overview of the TDL ambitions and expecta- tions. • Self sustainable inspiring TRUST community providing directions and development of knowledge and collaborative projects & frameworks for trustworthy ICT solutions. • Innovative but realistic research agenda recognized by industry, knowledge institutes, the European commission, local governments and other independent authorities . • Create possibilities for public funding for collaborative R&D and deployment projects . Clustering • Create industrial, political and legal awareness for removing barriers through an extensive demonstrations and pilots program. 7
  • 8. Networking & Coordination session Contd.. Mr Leijtens then continued to detail the working of Trust in digital Life , with emphasis on Trust- worthy ICT solutions, highlighting their currently active working groups and activities, comment- ing on the 4 main working groups they have in existence. 1. Use cases 2. Technology and requirements 3. Law and technology 4. Business cases Further information on these individual working groups can be viewed in the supporting TDL presentation. Mr Leijtens concluded with details of the TDL community, TDL consortium and details on TDL membership. Mr Leijtens full presentation can be viewed http://www.slideshare.net/fcleary/tdl Clustering 8
  • 9. Services and Clouds Cluster Report Services and Clouds cluster Lead Report on the Effectsplus Cloud & Services ,Workshop on SOFTWARE ASSURANCE & TRUST. Fabio Martinelli (CNR) Motivation and goals The vision of the Future Internet heralds a new environment where multiple services are transpar- ently and seamlessly mixed and exchange information, giving rise to new capabilities. This paradigm largely enriches our ability to create new applications and businesses. However, it raises formidable security challenges, which have to be solved to make this vision real. In particular, these systems need new forms of software assurance that goes beyond the cur- rent view, based on static and isolated systems, and fundamentally challenge us to rethink how to address questions such as, how to: • establish and maintain trust in dynamic composite services. • define security validation technologies Michele Bezzi (SAP) • provide flexible security certification schemes • perform security testing in heterogeneous service environments • automate security model checking • audit and monitor distributed software systems. Various projects in the ICT Framework Programme are currently addressing some of these ques- tions. The Effectsplus FP7 funded Coordination & Support Action, within the activity of Services and cloud cluster, organizes a workshop, which aims to provide a forum for discussing the different approached of projects in this area. At the end of the workshop, we expect to have a better under- standing of • possible areas of collaboration among projects • gaps between existing approaches • promising areas for future research The agenda of the workshop was structured in two half days. In the first one on July 4th, the pro- jects in the cluster presented several research approaches for assurance and trust (See project ab- stracts in Appendix E ); while the second half day on July 5th was devoted to discussion and syn- chronization with the other Effectsplus workshops that run in parallel. The annotated agenda of the presentation is the following: Aniketos: Supporting trustworthy and secure composition in service and cloud environments (Per Håkon Meland, David Llewellyn-Jones, Erkuden Rios Velasco), Security SLA, Ser- vice discovery using security properties, Trust Monitoring Assert4SOA: Advanced Security Service Certificate for SOA (Ernesto Damiani): Security Certificate, Assurance for service compositions, Security testing, Service discovery using security properties Posecco: Leveraging Security Models to Automate Audits and Improve their Level of Assur- ance (Serena Ponta), Support mechanisms for auditing, Compliance with security reqs through auditing MASSIF: Management of Security information and events in Service Infrastructures (Pedro Soria-Rodriguez), SIEM, Trusted collection and monitoring of security-related data NESSos: A General framework for security-aware analysis of services (Fabio Martinelli): Trust Metrics, Process Composition, Optimization UTrust-IT: Usable Trust in the Internet of Things, (Peter Wolkerstorfer), Trust & HCI, Per- sonas methodology, user-centricity Clustering 9
  • 10. Services and Clouds Cluster Report Conclusion Eventually, after the discussion phase the workshop participants were able to recap the different approaches for trust and assurance that could be further investigated together as audit, certifica- tion, SLA for security, user-centered security, trust monitoring techniques and usage policies, etc. There was an agreement to try to write a joint paper (e.g. for the FIA book) in those aspects Among the participants some follow-up with inter project meetings where identified as: • Security SLA: Nessos, Aniketos, Assert4SOA, Contrail (Here there is also the proposal for a specific W3C subcommittee on Security aspects for SLAs); • Auditing: Assert4SOA, PoSecco • User-studies: U-Trust-IT, Posecco, Aniketos Among the topics selected for further scrutiny, there was a suggestion to investigate for the next Effectsplus meeting (Bristol, 2012) the following aspects: • Secure Service Compositions during service lifetime Presentations from this cluster group and workshop can be viewed http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/ Clustering 10
  • 11. Systems and Networks Cluster Report S y s t e m s a n d N e t w o rk s cluster Lead The vision of the Future Internet heralds a new environment where multiple services are transparently and seamlessly mixed and exchange information, giving rise to new capabilities. This paradigm largely enriches our ability to create new applications and businesses but also enables new Roland Rieke - Fraun- possibilities for threats and scales up the risks of financial and also physical impact. hofer SIT Various projects in the ICT Framework Programme are currently using Models of different kinds in order to assess upcoming security and privacy challenges and mitigation strategies w.r.t. their possi- ble impact. The Effectsplus FP7 funded Coordination & Support Action, within the activity of Systems and Net- works cluster, organized a workshop, with the aim to provide a forum for discussing the di_erent approaches of projects in this area. The workshop was hold during the second Effectsplus clustering event in Amsterdam(Netherlands), at July 4th-5th 2011. The title of the workshop was Models (including meta-models, ontologies,..)". Workshop On Models Roland Rieke (member of the MASSIF project) was responsible for the collection of the contributions and the agenda of the workshop. Those projects, which had indicated their interest in this collaboration area at the first Systems and Networks cluster workshop, have been invited to contribute their activities w.r.t. the following sub- jects: • Security Incident Models providing Qualitative and Quantitative Security Measurements (base measures and derived measures to audit and monitor complex distributed systems in FI). • Models of Security and Privacy Requirements and Policies for FI. • Enterprise Architecture Models for Security Analysis. • Society Models for Social Impact Analysis. • Models of Security and Privacy issues in Cyber-Physical Systems, Smart. Grids and other Critical Infrastructures • Security by Design - Models on Resilience and Trust (e.g. use of trust anchors to provide a trusted backbone infrastructure) • Models on Security and Privacy issues in Cloud Computing The aim of the workshop was to identify possible areas of collaboration among projects w.r.t. con- crete models which are publicly available and re-usable in related projects as well as to identify gaps between existing approaches and promising areas for future research. Clustering 11
  • 12. Systems and Networks: Workshop on Models S y s t e m s a n d N e t w o rk s In order to provide the content for the following discussions, each participant of cluster Lead the workshop presented a topic w.r.t. the modelling work done in the respective project. Unfortunately, the given time slots of 10-15 minutes per project did not allow for a complete presentation of a projects results, so only some selected interesting aspects could be shown. The following list gives an overview of the presentations at the workshop (supporting abstracts can be viewed in Appendix F): • Roland Rieke (MASSIF): Objectives of the Effectsplus Systems and Networks Cluster Workshop on Models • Igor Kotenko (MASSIF): Analytical attack modelling and security evaluation in MASSIF • Teodor Sommestad (VIKING): Enterprise Architecture Models for Security Analysis • Mats B-O Larsson (VIKING): Virtual City Simulator (ViCiSi) • Domenico Presenza (ASSERT4SOA): Ontology's in ASSERT4SOA • Federica Paci (NESSoS, SecureChange): Managing Security and Changes throughout the whole System Engineering Process • Antonio Lioy (PoSecCo): PoSecCo models • Steffen Peter (WSAN4CIP, TAMPRES): Assessment models to Improve the Usability of Security in Wireless Sensor Networks • James Davey (VIS-SENSE): Multi-Dimensional Clustering for the Purposes of Root-Cause Analysis • Mark McLaughlin (ENDORSE): Introducing the ENDORSE Privacy Rules Definition Language • Roberto Baldoni (CoMiFin): Collaborative Security for Protection of Financial Critical Infrastructures: The Semantic Room abstraction model It was decided to contribute to the following Effectsplus supported Systems and Networks cluster activities: • Classification (overview) of areas covered by the presented models (inter- actively edit a table on Effectsplus web-site) • Joint paper (e.g. FIA book), or workshop: European perspective (survey) of models on security, privacy, trust • Followup Systems and Networks cluster meeting on specific aspects of multilateral project cooperation's (Feb. 2012, HP-labs, Bristol) • Participation in Cyber-Security and Privacy EU Forum CSPEF 2012 (Berlin 24.-25.4.) with Demonstrations and Tutorials The main result of this workshop however was the elicitation of common interests between the projects and the initiation of concrete plans for multilateral collaborations as shown in Table 1. Clustering 12
  • 13. Systems and networks: Workshop on Models S y s t e m s a n d N e t w o rk s cluster Lead Table 1: Multilateral collaborations within Effectsplus “Systems and Networks cluster” Jesus Villasante the head of the Trust and Security Unit in the EU Directorate General Information Society and Media (DG Infso) participated in the meeting. He confirmed that his unit will fully support these clustering activities. Presentations from this cluster group and workshop can be viewed http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/ Clustering 13
  • 14. Special Interest Groups : Policy and Monitoring Special Interest Groups During the effectsplus clustering event , two special interest groups were proposed to be formed, Nick Papanikolaou (HP) based on topics and level of interest shown , by project participants. The aim of these special inter- est groups is to continue collaboration and work on identified topics coming from the cluster groups with a view to successfully participating and proposing collaborations, joint papers and events. The following details the initial focus of the two special interest groups and the main contacts for each. Effectsplus Special Interest Group on Policies - led by Nick Papanikolaou (nick.papanikolaou@hp.com ) Projects in this group so far: ANIKETOS, ENDORSE, POSECCO, MASSIF, COMIFIN,TAS3,SecureChains Topics on which projects can collaborate: • Theoretical topics • Languages, formalisms • Validation, verification • Interoperability • Frameworks • Policy refinement • Conflict resolution • Applications/Practical aspects • Decision support • Automatic Run-time Configuration of Policies for mitigation of attacks • Privacy Policies Effectsplus Special Interest Group on Monitoring - led By Roberto Baldoni Roberto Baldoni (baldoni@dis.uniroma1.it) Projects in this group so far: VIS-SENSE, MASSIF, COMIFIN, SYSSEC, WSAN4CIP, ANIKETOS,DEMONS,TWISNET Topics on which projects can collaborate: • Event-based architecture • Pattern detection • Performance • Privacy-preserving computation • Applications - event-based platforms, intrusion detection For more information on these Special interest groups, please contact the group leaders above. Clustering 14
  • 15. Trust and Security Research Roadmap Session. A follow up roadmapping session took place on the 5th July . Here Mr Papanikolaou presented the key themes identified in the first draft of the Trust and Security Research Roadmap, namely, the Nick Wainwright (HP) report titled "Trust and Security in the Future Internet: Setting the Context", which was created Hewlett Packard Ltd after the 1st Technical Cluster Meeting (29-30 March 2011). The report identified challenges and potential solutions, societal shifts and changes of relevance, and a vision for the future of the field. The content of the report was produced after processing discussion points and project contributions made at EFFECTSPLUS meetings. Some key discussion points included the following: • Changes for end-users: users' attitudes are changing constantly; users' physical and digital lives are connecting seamlessly; users are controlling and regularly using more devices; users are demanding the ability to personalise products and services. • Vision for end-users: users will have more privacy online; users will have a better understand- ing of security and privacy risks. • Challenges for end-users: enabling users to better understand and control security; handling digital identities; dealing with privacy issues. • Some solutions for end-users: development of universally acceptable digital identifiers; educa- tion of citizens. We are planning to circulate improved versions of the report "Trust and Security in the Future Internet: Setting the Context" and use it as the basis for the Trust and Security Research Roadmap. A summary of the report will be produced in time for the forthcoming Future Internet Assembly in Poznan. At FIA Poznan there will be a session dedicated to the FIA Research Roadmap and we will draw attention to the trust and security aspects, soliciting additional comments and input to be provided in electronic form by participants after the conference. Presentation slides from this session can be viewed http://www.effectsplus.eu/2nd-cluster-meeting-reports-and-presentations/ . Clustering 15
  • 16. Trust and Security Roadmapping Session (Effectsplus Clustering Meetings, Brussels, 4-5 July 2011) Summary of Remarks Made by Jesús Villasante (EC) Jesus Villasante European Commission Head of Trust & security Unit F5 Jesús Villasante actively participated in the roadmapping presentation session and commented on the overall importance of the roadmapping activity. The roadmap should contain content that is compelling and novel, in particular, going further than most existing prior roadmaps. Al- though we will necessarily include some technical content and commentary, there is a need to balance technical material with a discussion of higher level issues and how research in the trust and security space can be aligned with the Commission’s strategic objectives. Other remarks made by Mr Villasante which are relevant to the roadmapping activity include the following. There are numerous forward-looking policy documents already in circulation, including cyber- security strategy papers from many geographical areas, which address the same areas we are currently addressing in the Trust and Security Research Roadmap; by comparison, our roadmap needs to cover these areas in more technical detail. For instance, while ‘privacy by design’ is a notion frequently mentioned in other roadmaps, we should explain it carefully and give an indication of how it can be implemented in practical terms. Jesús Villasante stressed it is explanations that are useful to policymakers, who need to understand not only the ‘what’, but the ‘why’ and ‘how’ of key technologies. We should not underestimate the level of understanding of the policy makers in the more technological topics. In September 2011, roadmaps will be delivered from various projects (including Effectsplus, NESSOS, TDL, and others). The September 2011 deadline is crucial, as it ensures that the docu- ments will be available in time for debates around future funding programmes, and, in particu- lar, in time to shape Framework Programme 8. In closing, Mr Villasante reiterated that this roadmap should go further and deeper than similar efforts so far, he suggested that future roadmapping discussions should attempt to produce a coherent vision of the future, especially for the next 10-20 years. Clustering 16
  • 17. Innovation Potentials and gaps for FP7 Trust and Security Projects Speaker : Bruno Crispo ( University Trento) Bruno Crispo (UNITN) Mr Crispo commenced his presentation with an overview of the target of the Analysis. Here the focus was mainly on Call 1 research projects that have been completed and finalised to analyse and identify actual outcomes and impacts from the research activities that can possibly link to the digital agenda or have potential for follow up activities in the next call or within the market place. Mr Crispo described the methodology used to complete such an analysis this involved, examina- tion of publishable summaries, interviews with project coordinators, analysis of deliverables iden- tified by project/technical coordinators and a top down analysis of the digital agenda. The presentation then continued with an overview of the preliminary findings coming from the analysis to date covering Direct V’s indirect target Industries, Direct Industries, Indirect target Industry ,Innovation Issues, potential contribution to digital agenda, Gaps bridging measures. For more details on these topics, please refer to the accompanying slideset. Mr Crispo closed his presentation session with a summary of the analysis work in progress • Research Results potential for EU-wide policy area Extracted 2-3 results from each project still need systematization • Bottom-up analysis of Digital Agenda by project coordinators Partial feedback to be systematized • Review by interested parties If you would like to contribute Mail to comper@disi.unitn.it Supporting slideset for this presentation can be viewed http://www.effectsplus.eu/files/2011/08/Innovation-Potentials_Gaps_FP7.pdf Clustering 17
  • 18. Effectsplus 2012 Wider Collaboration event Cyber-Security and Privacy EU Forum—CSPEF 2012 Effectsplus on behalf of Unit F5 Trust and Security , is organising a wider collaboration/trust and Security Forum event in 2012. (cyber-Security and Privacy EU Forum—CSPEF 2012) . This is planned to take place in Berlin on 24th and 25th April 2012. the target audience of this event will be industry/ academia/agencies/ external trust and security initiatives. This event will have two main objectives Objective 1 : Impact and alignment Objective 2 : Efficiency and Effectiveness (working well as a community) Day 1 will focus on – objective 1 : The impact of trust and security technology in the real world – the links between R&D results and policy, societal challenges… It is planned to incorporate the following aspects during day 1 of the event programme. • Selected keynote speakers • Panel discussions ( mix of industry/academic experts) • Tutorial workshops • Security research demonstrators (showcase concrete results of as many successful pro- jects ) Day 2 will focus on - Clustering, structuring of research efforts for better results and for facilitat- ing innovation. Focusing on • Cross –topical workshops • Research project specific workshops Planning is underway with a dedicated organising committee, in the coming months a call for contributions will be available and will be widely disseminated to all the main key players in the security space. More information will be disseminated to the Effectsplus email lists and also to the uploaded to the Effectsplus website, once available, stating upcoming Calls and submission dead- lines. Supporting slideset can be viewed http://www.effectsplus.eu/files/2011/08/CSPEF-2012_planning.pdf Clustering 18
  • 19. Head Of Unit F5 Jesus Villasante: Closing Speech During the Effectsplus wrap up session on July 5th 2011, Mr Jesús Villasante, closed the Effects- Jesus Villasante plus cluster event with the following main comments. European Commission Head of Trust & security Mr Villasante was impressed by the practical approach that Effectsplus has taken with its cluster- ing activities. He commented that there is a very friendly atmosphere amongst the attendees and Unit F5 fruitful participation during the event cluster working group sessions. Mr Villasante had the following four main points to address in his closing comments. Collaboration: He stated that currently collaboration is progressing very well, with clear identifi- cation of common topics and interests amongst the participating research projects and attendees, and he would encourage such positive interactions to continue and expand as necessary in the fu- ture. Impact – Mr Villasante commented that we need to identify the outcomes of the call 1 projects following their completion and have to work to show how their valuable research and outcomes van be made more visible . It is not always easy to show clear outcomes following the finalisation of a project. Sometimes they are instruments to enable further follow on research avenues. But we need to continue to work to improve the outcome and impact from our research activities, this is an important aspect that we need to focus on in the future . Visibility - Effectsplus planned “Cyber-Security and Privacy EU Forum CSPEF 2012” confer- ence in April 2012 is an excellent opportunity. Mr Villasante commented that everyone's needs to actively think about how it can be a success for your project and your customers, ensuring that the right people from the right areas will be in attendance. This conference will be a milestone for all security research projects, and something that we can build upon in future years to come. The EC will fully support Effectsplus for this event. The CSPEF 2012 event will be timely as discussions on FP8 will be coming to an end at that time for H2020 and it will be an occasion around this date in 2012 to contact the national delegates to reinforce the message that trust and security is a key issue and we need to put more emphasis on it. For the future – Regarding the future, Mr Villasante remarked on Call 8 . In Call 8 – 80M euros will be invested from the European Commission. It is a key opportunity to redirect what we are going to do in the next 5 years. It is important to structure proposals to highlight main areas to explore. If potential proposes can have discussions prior to the call that would reduce the frag- mentation of the proposals, and that would be deemed to be very useful. Activities Effectsplus are doing here is instrumental here in doing this. We should have a structure around this activity. Mr Villasante concluded, with his continued support towards the Effectsplus collaboration activi- ties, encouraging projects to continue and increase their level of activity here. To wrap up the ses- sion Mr Villasante openly asked participants What other support they require from EC Unit F5? Can we (EC) do more? He welcomed suggestions and feedback . Clustering 19
  • 20. FIA related activities : Trust and security FIA Book : Planning for the next FIA Book has commenced with the organising committee. You can expect call for contributions in the coming months. FIA newsletter If any trust and security research projects have 1. News items 2. Dissemination of upcoming events 3. Reports for Dissemination Please consider writing a short paragraph and submitting to the FIA newsletter. Next FIA newsletter is planned for September 2011, calls for submission end of August. Cluster event wrap up slide set can be viewed http://www.effectsplus.eu/files/2011/08/next-meeting-_wrap-up.pdf Contact : fcleary@tssg.org and we will include such items for dissemination. Clustering 20
  • 21. Effectsplus Future Events • Effectsplus Next clustering Event will take place at HP, premises in Bristol, UK in February 2012. Further details will be available on the Effectsplus website in the coming months. • Cyber-Security and Privacy EU Forum—CSPEF 2012 , will take place in Berlin, 24th & 25th April 2012, more details will be available in the coming month on the Effectsplus website www.effectsplus.eu F o r m o r e i n f o rm a t i o n Please see Effectsplus Website http://www.effectsplus.eu/ For further details please contact Effectsplus coordinator Frances Cleary Waterford institute Of technology—TSSG (fcleary@tssg.org) Clustering 21
  • 22. APPENDIX A Agenda Monday , July 4th , 2011 Tuesday, July 5th , 2011 Clustering 22
  • 23. Appendix B: Registered Attendees Attendee Project/ Other Name Cleary, Frances effectsplus coordinator Jefferies, Nigel Effects+ Damiani, Ernesto UNIMI McLaughlin, Mark ENDORSE Kotenko, Igor Massif Vinagre, Isabel Effectsplus Howker, Keith Effectsplus Rieke, Roland MASSIF Soria-Rodriguez, Pedro MASSIF Larsson, Mats B-O VIKING Papanikolaou, Nick Effectsplus Presenza, Domenico ASSERT4SOA Peter, Steffen WSAN4CIP,Tampres Surridge, Mike SERSCIS Leijtens, Arthur Actor ~ TDL Sommestad, Teodor VIKING - EA models and analysis Plate, Henrik Posecco Casalino, Matteo PoSecCo Lioy, Antonio POSECCO / TCLOUDS / WEBINOS Olivier, BETTAN PoSecCo baldoni, roberto comifin Olkkonen, Kaisa Nokia Davey, James Fraunhofer Villasante, Jesus European Commission Markatos, Evangelos SysSec Howker, Keith effectsplus Alan Yeung - Llewellyn-Jones, David Aniketos Dlamini, Bheki internet networking Ludwig, Mike TwisNet Ponta, Serena PoSecCo Paci, Federica Secure Change Wolkerstorfer, Peter uTRUSTit Gran, Glenn GINI-SA Meland, Per Håkon Aniketos Wainwright, Nick Effectsplus Bezzi, Michele Effects+ Levitt, Karl - Mallery, John - Badii, Atta MOSIPS Martinelli, Fabio NeSSos Shiu, Simon HP Tiemann, Marco HYDRA Middleware Clustering 23
  • 24. Appendix C: Cluster Participants Services & Cloud Cluster Participants Name Organisation Isabel Vinagre ATOS Peter Wolkerstorfer CURE Nick Papanikolaou HP Michele Bezzi SAP Serema Ponta SAP Henrik plate SAP Masco Tiemann Uk Reading Kaisa Olkkonen NOKIA Crispo Bruno UNITN Fabio Martinelli CNR Per Hakon Meland SINTEF Pedro soria Rodriguez ATOS Glenn Gran IKED Ernesto Damiani UNIMI Frances cleary WIT-TSSG Systems and Networks Cluster Participants Name Organisation Keith howker WIT-TSSG Roberto baldoni UniRomai Olivier bettan Thales Mike Surridge IT Innovation Domenico Presenza Engineering IT James Davey Fraunhofer IGD Matteo Casalino SAP Federica Paci UNITN Antonio Lioy Polito Teodor sommestad KTH Mats B-O larsson MML AB Evangelos marketos Forth David Lewellyn-Jones LJmn Steffen Peter IHP Mark Mc loughlin WIT-TSSG Nigel Jefferies Huawei Roland Reike Fraunhofer SIT Clustering 24
  • 25. APPENDIX D Cluster Communication Dedicated email lists and LinkedIn Groups have been setup to support the activities of the defined clusters. Services and clouds cluster Subscription to this cluster email list via the following link http://listserv.tssg.org/mailman/listinfo/ts-services_cloud Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6q5r9l-3e/vgh/3788378/ Systems and networks cluster Subscription to this cluster email list via the following link : http://listserv.tssg.org/mailman/listinfo/ts-systems_networks Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6qqejg-16/vgh/3788408/ Networking and coordination cluster Subscription to this cluster email list via the following link : http://listserv.tssg.org/mailman/listinfo/ts-networking_coordination Cluster LinkedIn Group: http://www.linkedin.com/e/rdhgt3-gk6qxudg-3h/vgh/3788418/ Clustering 25
  • 26. APPENDIX E : Cloud & Services Workshop on Software Assurance & Trust Aniketos: Supporting trustworthy and secure composition in service and cloud environ- ments Per Håkon Meland, David Llewellyn-Jones, Erkuden Rios Velasco For some time the trend in provision of functionality in networked environments has been towards the use of services that offer self-contained capabilities, but which can be composed in various ways in order to provide richer services to end users. Moving from today’s static compositions, we will in the Future Internet see a more dynamic mix and match of cloud and non-cloud services depending on service availability, quality, price, trustworthiness and security features. Neelie Kroes, Vice-President of the European Commission and responsible for the Digital Agenda, re- cently stated that2“We want to extend our research support and focus on critical issues such as security and availability of cloud services.” The main objective of Aniketos is to help establish and maintain trustworthiness and secure behaviour in a dynamically changing environment of composite services. In order to achieve this objective, a multi-disciplinary effort involving research and industrial partners is currently tackling the following challenges. Trust in the Internet of services: There must be some acceptable trust relationship between the different actors in a composite service. Aniketos will offer a way of expressing different aspects of trustworthiness and provide design-time and runtime modules for evaluating and moni- toring the trust level between service stakeholders. Secure service composition at design-time and runtime: Trust alone does not guarantee a se- cure service, service components are bound to change and absolute security is an impossible goal. To achieve an open and secure service ecosystem in the Future Internet, we need to assure all par- ties about expected behavior and usage terms. A Service Level Agreement (SLA) is a common way to specify the conditions under which a service is to be delivered, but unfortunately, security is not provided or used as a contract term in existing SLAs. Aniketos is developing security SLAs that make it possible to create and monitor composite services where strong trust rela- tionships do not exist beforehand. Threat detection and response: According to the FORWARD3initiative by the European Com- mission: “identifying the adversarial model and anticipating emerging threats is the first step that is necessary to build a secure, future Internet”. Service providers will have to deal with a fluctuat- ing threat picture; the users will be in changing operating conditions, new attack methods will emerge, and the services themselves may contain vulnerabilities that result in information leakage or open back-doors. To be prepared for the future, Aniketos is investigating threats to com- posite services in order to understand their nature and how to deal with them. Societal acceptance and effective security: Trust and security are not only technical matters, but depend heavily on the human factors in order to be effective in everyday use. Though a composite service might be complex, the service end user should have an easy and understandable way of relying on its trustworthiness. Aniketos will contribute to a user-centred view on service trust and security by investigating user acceptance and their practical usability through case studies for future European services. Clustering 26
  • 27. uTrust-It: Usable Trust in the Internet of Things Peter Wolkerstorfer, wolkerstorfer@cure.at, CURE We present uTRUSTit, a 3-year project funded by the EC. Built around 3 main scenarios (smart home, smart office, e-voting) the aim of uTRUSTit is to close the loop of trust between the technological and psychological layers in the IoT. To achieve this objective uTRUSTit will provide a “trust feedback toolkit”. The toolkit aims at enhancing user trust perception. Usable trust – as defined in the project – is the basis for users to decide if they want to use a certain IoT technology or not, hence it is about technology accep- tance (If users don’t trust a certain technology they will reject to use it). In uTRUSTit we use a user-centric procedural approach based on the user-centric design process defined in ISO/TR 16982:2002: Usability methods supporting human-centred design to create human-centric trustworthy solutions for the internet of things (IoT). The presentation focuses on human-computer interaction (HCI) work in the project and presents two results: on the one hand we show which Personas we created for the project to support user-centric development. Personas are a nearly none-intrusive method to raise empathy for the users of technological artefacts during the development to ensure usable outcome. On the other hand we explain how we extended the requirements engineering process with focus groups to include the „usable trust“ elements on a methodological basis. We conclude with an outlook to the challenges we expect. The three main HCI chal- lenges we see are: reduction of complexity in interaction mechanisms and processes, re- search in trust, and research in the underlying cognitive-psychological mechanisms – the research on mental models. Posecco: “Leveraging Security Models to Automate Audits and Improve their Level of Assurance” (Serena Ponta) Audits allow gaining assurance about the existence and effectiveness of controls to meet certain objectives, e.g., security objectives motivated by an organization’s business risks or legal environ- ment. Though auditing standards and frameworks such as SAS70 and COBIT provide guidelines for performing auditing activities in a standard and repeatable way, the process of collecting and evaluating information about the auditee’s business, systems, and risks is still a mostly manual activity, thus subject to individual discretion. Complementary to these high-level, risk-driven au- dit standards, the Security Content Automation Protocol (SCAP) is a suite of specifications to cope with the need for security automation on the lower, technical level. Besides well-known standards for vulnerability enumeration and measurement (CVE, CVSS), SCAP also includes specifications which allow to (i) automate checks for known vulnerabilities, (ii) automate the veri- fication of security configuration settings, and (iii) generate reports that link low-level settings to high-level requirements. The PoSecCo project aims at establishing and maintaining a traceable link between high-level, business-driven security and compliance requirements and low-level technical configuration set- tings of individual services through landscape-aware security models. A natural question is how the SCAP emerging standards together with the knowledge about the landscape and its security requirements can be used to improve the effectiveness and efficiency of the current auditing prac- tices. In this talk we illustrate how SCAP standards together with comprehensive security models can support different phases of an audit process by (i) facilitating the information retrieval by auditees and auditors to build an audit program and (ii) increasing efficiency and/or assurance of activities performed during the execution of that audit program. Clustering 27
  • 28. Assert4SOA: Advanced Security Service Certificate for SOA (Ernesto Damiani) You live in a certified house, you drive a certified car, why would you use an uncertified service? The term "certification" has several different meanings in ICT. Software practitioners can earn a certificate for expertise in a certain hardware or software technology. The maturity of crucial IT processes, such as software development, can be and is often certified. Even individual software systems can be certified as having particular non-functional properties, including safety, security or privacy. However, the latter type of certification (e.g. Common Criteria) has had only a limited use to this day. Current trends in the IT industry suggest that software systems in the future will be very different from their counterparts today, due to greater adoption of Service-Oriented Architec- tures (SOAs) and the wider spread of the deployment of Software-as-a-Service (SaaS). These trends point to large-scale, heterogeneous ICT infrastructures hosting applications that are dynamically built from loosely-coupled, well-separated services, where key non-functional prop- erties like security, privacy, and reliability will be of increased and critical importance. In such scenarios, certifying software properties will be crucial. Current certification schemes, however, are either insufficient in addressing the needs of such scenarios or not applicable at all and thus, they cannot be used to support and automate run-time security assessment. As a result, today’s certification schemes simply do not provide, from an end-user perspective, a reliable way to assess the trustworthiness of a composite applications in the context where (and at the time when) it will be actually executed. ASSERT4SOA will fill this gap by producing novel techniques and tools – fully integrated within the SOA lifecycle – for expressing, assessing and certifying security properties for complex ser- vice-oriented applications, composed of distributed software services that may dynamically be selected, assembled and replaced, and running within complex and continuously evolving soft- ware ecosystems NESSoS : “A General Method for Assessment of Security in Complex Ser- vices” (Fabio Martinelli) Abstract: NESSoS is a project devoted to perform research activities on engineering secure and trustworthy Future Internet Services. The ares of interest is very broad. In the workshop, we present a paper with focus on the assessment of the security of business processes. We assume that a business process is composed from abstract services, each has several concrete instantiations. Essential peculiarity of our method is that we express security metrics used for the evaluation of security properties as semirings. First, we consider primitive decomposition of the business process into a weighted graph which describes possible implementations of the business process. Second, we evaluate the security using semiring-based methods for graph analysis. Finally, we exploit semirings to describe mapping between security metrics which is useful when different metrics are used for the evaluation of security properties of services. Clustering 28
  • 29. APPENDIX F : Systems and Networks Workshop on models Objectives of the Systems & Networks Cluster W orkshop on Models Presentation: Roland Rieke, pro ject EFFECTS+/MASSIF The vision of the Future Internet, where multiple services are transpar- ently and seamlessly mixed, already created a paradigm which promises to largely enrich our abil- ity to create new applications and businesses within this new environment. But this paradigm also enables new possibilities for threats and scales up the risks of financial and also physical impact. In many cases, the information itself will be the essential product which deserves to be protected, in the Internet of Things however, real and virtual cyber- physical resources deserve our attention. Various projects in the ICT Framework Programme are currently using “Models” of different kinds in order to assess upcoming security and privacy challenges as well as miti- gation strategies w.r.t. their possible impact. The Effectsplus FP7 funded Coordination & Support Action, within the activity of Systems and Networks cluster, organises this workshop, which aims to provide a forum for discussing the different approaches of projects in this area. At the end of the workshop, we expect to have a better understanding of possible ar- eas of collaboration among projects. Specifically, we are interested to find out, which con- crete models are publicly available and re-usable in related projects, the gaps between existing approaches and promising areas for future research. Clustering 29
  • 30. Analytical attack modeling and security eval- uation in MASSIF Presentation: Igor Kotenko, pro ject MASSIF The talk suggests the common approach, architecture and main models for analytical attack modeling and security evaluation investigated in the EU FP7 MASSIF Project. The approach is based on processing current alerts, modeling of malefactor’s behavior, gener- ating possible attack subgraphs, cal- culating different security metrics and providing com- prehensive risk analysis procedures. Key elements of suggested architectural solutions for attack modeling and security evaluation are using security repository (including system con- figuration, malefactor models, vulnerabilities, attacks, scores, countermea- sures, etc.), effective attack tree gen- eration techniques, taking into account as known as well as new attacks based on zero-day vulnerabilities, stochastic analytical modeling, combined use of attack graphs and service dependency graphs, calculation metrics of attack and security countermeasures (including attack impact, response efficiency, response collateral damages, attack po- tentiality, at- tacker skill level, etc.), interactive decision support to select the solutions on security measures/tools by defining their preferences regarding different types of requirements (risks, costs, benefits) and setting trade-offs between several high-level security objectives. This talk considers shortly the analysis of state-of-the-art in attack mod- eling, main functional requirements and essence of the approach to analytical attack modeling, main models as well as generalized architecture of Attack Modeling and Security Evaluation Component (AMSEC) suggested to be developed and implemented in MASSIF project. Clustering 30
  • 31. Enterprise Architecture Models for Secu- rity Analysis Presentation: Teodor Sommestad, pro ject VIKING Enterprise architecture is an approach to management of information systems, in- cluding control systems, that relies on models of the systems and their environment. This section briefly outlines the structure of the work carried out by the VIKING project on the topic of cyber security analysis and modeling. It combines attack- and defense graphs with Bayesian statistics and enterprise architecture modeling. Attack graphs are a notation used to depict ways that a system can be attacked. It shows the attack steps involved in attacks (nodes) and the dependencies that exists between them (arcs). Defense graphs extend this notation by including security measures in the graph to represent the attack steps they influence. Both of these notations can be used to create mod- els over systems and to assess the system’s security, e.g. by assess- ing if a particular attack is possible, given that the graph is parameterized. The VIKING project has produced a tool where defense graphs are pro- duced pro- grammatically from a model of an information system or control system and its environ- ment. A user of this tool produces architectural draw- ings of their enterprise (e.g. in- cluding network zones, machines, services, security processes executed) and the based on this the tool generates a de- fense graph that represent this specific enterprise’s situation. Based on logical relationships and quantitative data collected from literature and domain ex- perts the user can also calculate approximate values for the probability that an at- tempted attacks would succeed against the system. The workshop in Amsterdam will present the work done in VIKING on Enterprise Architecture Modeling and how we believe the research work can extended to practical tools to evaluate existing and new control system for security and to do ”what-if” stud- ies on different control system configura- tions. Clustering 31
  • 32. Virtual City Simulator (ViCiSi) Presentation: Mats B-O Larsson, pro ject VIKING One of the main objectives of the Viking project is to assess the cost to the society coming from power outages. In order to do this a virtual society simulator has been de- veloped. The virtual society is created by the Viking City Simulator, ViCiSi. In short ViCiSi is creating a virtual society, with all necessary functions, and it is based on pa- rameters from the EU database Eurostat. ViCiSi can be parameterized to any country in EU country plus Switzerland and Norway. In summary ViCiSi is: • A virtual society with all necessary infra-structure built on blocks, apartments, streets, etc. • With companies, public and private service operations producing wel- fare • With people living in the city consuming welfare. • Includes a distribution electrical grid with all common voltage levels to give realistic load curves • Calculates the activity in the society at all moments, in terms of Busi- ness Activity • Calculates cost for power outages as lost GDP • Can scale to all EU countries In the workshop in Amsterdam we will present the ViCiSi. We will show how it is designed, how it can used to calculate societal costs at power out- ages, how we present the results and how ViCiSi will be integrated into the VIKING Test bed. Clustering 32
  • 33. BlockMon: a framework for Distrib- uted Network Monitoring and Real-Time Data Intensive Analysis Presentation: S. Rao, pro ject DEMONS DEMONS project will address the ‘decentralised, cooperative and privacy preserving monitoring for trustworthiness’. The monitoring scenario of the system architecture tar- gets both intra-domain and inter-domain aspects. Intra-domain monitoring, primary requirements here being scalability, resilience and innetwork distribution of monitoring tasks; performance effec- tiveness in terms of detec- tion and mitigation reaction time; and authorized and controlled access to monitoring data in accordance to domain-specific operational workflow processes and policies; Inter-domain monitoring, core requirement here being the tight con- trol of inter- domain cooperation in terms of which monitoring data is ex- changed and under which conditions, which protocols should be used for guaranteeing inter-domain inter- operability, and how to exploit and support advanced cryptographic data protection tech- nologies for improving inter- domain cooperation ability and permitting secure joint analysis and com- putation over monitoring information provided by the multiple in- volved do- mains. The presentation will address the BlockMon Monitoring Overlay (BMO) monitoring infrastructure chosen as the basis of the DEMONS’ Measurement Layer and Coordination Layer for what concerns the intra-domain monitoring scenario. The internet Exchange Point (IXP) will coordinate across inter- domains. Clustering 33
  • 34. Ontologies in ASSERT4SOA Presentation: Domenico Presenza, pro ject ASSERT4SOA The presentation intend to deal with the use of ontologies in the context of the AS- SERT4SOA Project. ASSERT4SOA Project aims to produce novel techniques and tools for expressing, assessing and certifying security properties for service-oriented applications, composed of distributed software services that may dynami- cally be selected, assembled and re- placed, and running within complex and continuously evolving software ecosystems. ASSERT4SOA Advanced Security Certificates (a.k.a. ASSERTs) are ma- chine read- able documents stating that a given Web Service has a given Se- curity Property. An ASSERT also contains a model of the service and a ”proof” that can be used by the requesters of that Web Service to re-check the asserted Security Property. Based on the type of provided proof, three different types of ASSERT will be considered: evi- dence-based ASSERT (a.k.a. ASSERT- E), ontology-based ASSERT (a.k.a. ASSERT-O) and model-based ASSERT (a.k.a. ASSERT-M) The use of OWL-DL Ontologies within ASSERT4SOA is twofold: (1) to investigate the use of an ontology-based approach to describe security properties of services (2) to enable the interoperability and comparison of the other kinds of ASSERTs. The envisaged ASSERT4SOA Ontology will contain the description of both general concepts and ASSERT specific ones. The instances of all types of ASSERTs will refer the terms defined in the ASSERT4SOA Ontology. Within the ASSERT4SOA Ontology concepts are represented as OWL- DL classes thus allowing to express decision problems about ASSERTS (e.g. mapping between differ- ent kind of ASSERTs) as Description Logic inference problems (e.g. Class Expression Subsumption). Clustering 34
  • 35. Managing Security and Changes at Model Level throughout the whole System Engi- neering Process Presentation: Federica Paci, pro ject NESSoS/SecureChange Security engineering is not a goal per see. Security applies to a system or software, whether large IT or embedded system, which must itself be engineered. Security engi- neering must therefore comply with the constraints and pace of the mainstream system / software engineering processes, methods and tools. Assuming a model driven approach to the mainstream system / software engineering, we explain how to support evolution while maintaining security at all levels of the system / software development process, from requirements engineering down to deployment and configuration. A system / software lifecycle typically has seven phases: (i) specification, (ii) design, (iii) realisation or acquisition, (iv) integration and verification, (v) validation and de- ployment, (vi) operation and maintenance, and (vii) disposal. In some cases, a sys- tem / software may occupy several of these phases at the same time. Security engineer- ing can be conducted regardless of the system / software lifecycle phase; however the pursued goals may significantly differ (see Figure 1). During the specification phase, the main goal of security engineering is to influence the definition of the system / software requirements, and thus gain early assurance that the proposed architectural solution is sound with respect to security concerns. This step encompasses customer security need elicitation and early risk assessment. This early ap- proach contrasts sharply with current-day practices in which risks are only analysed when require- ments have been elicited, and sometimes even later, when the main system design is frozen or developed. With standard approaches: (i) safeguards may be very expensive to implement; (ii) some elicited requirements may reveal themselves as too risky to be fulfilled; (iii) some requirements may be error-prone; (iv) locally designed safeguards to cope after hand with risky requirements may obstruct the fulfilment of other requirements. Clustering 35
  • 36. PoSecCo Models Presentation: Antonio Lioy, pro ject PoSecCo PoSecCo aims at addressing some of the main service provider challenges for the vi- ability of Future Internet (FI) applications, that will see dynamic compositions of ser- vices providing a broad diversity of functions, starting with business functionality down to infrastructure services. In fact, in a FI scenario, service providers will need to achieve, maintain and prove compli- ance with security requirements stemming from internal needs, third-party demands and international regulations, and to cost-efficiently manage poli- cies and security configuration in operating conditions. PoSecCo overcomes this by establishing a traceable and sustainable link between high-level requirements and low-level configuration settings through decision support sys- tems. To achieve this goal a consistent effort is being put into system and network model- ling, whose main purpose is to create a set of meta-models and a security ontology that will be presented at the Network and System Workshop. First of all, reaching the PoSecCo objectives requires the modelling of FI services, a challenge that PoSecCo is addressing through a refinement loop between the Service Pro- vider partners, providing the requirements ensuring the practical usage, and academia ensuring the self- coherence, extensibility and the possibility to be formally used. The result is the functional system meta-model, including a business and an IT layer. Moreover, since services will be actually implemented on existing (physical or virtual) net- worked systems, the functional system meta-model includes an infrastructural layer that refers to a landscape meta-model. Also the policy is represented at three different layers of abstraction, the business, the IT and the landscape configuration layers, therefore the design of three policy meta- models is in progress. The PoSecCo security ontology is being developed to vertically connect all the ab- straction layers and horizontally connecting each abstraction layer with the corresponding policy-meta model, and to enrich the knowledge of the systems using the expressive power that ontologies can guarantee. Clustering 36
  • 37. Assessment models to Improve the Usabil- ity of Security in Wireless Sensor Networks Presentation: Peter Steffen, pro ject WSAN4CIP/TAMPRES Wireless Sensor Networks play a major role in the Future Internet. They deliver data that may influence important decisions in further process steps. To improve the security and reliability as they are required for such networks, many protocols, algorithms, and ser- vices have been proposed in recent years. The complexity of the approaches is often sig- nificantly and the trade-offs are hardly understood by even by experts. This is a particular issue in projects such as WSAN4CIP (wireless sensor networks for critical infra- struc- ture protection) where eventually domain experts apply networks in critical envi- ronments. As solution we propose a model-based approach that maps requirements and system properties on exchangeable security models, expressed in a flexi- ble meta-model-language. The initial requirements are understood by users, and the system properties are assessed based on properties of the individ- ual components, which can be stored in pre- configured repositories. The exchangeable security models allow to focus on specific security aspects such as vulnerabilities, attacks, or resistances. As example the models shall evaluate the effects of tamper resistant sensor nodes, as they are investigated in the TAMPRES project. Naturally, the existence or non- existence of such tamper resistance in the network alters the security properties of the entire network and its application significantly. This has to be respected by the models. The model approach as well as the implications for the projects WSAN4CIP and TAMPRES are addressed in the presentation. Clustering 37
  • 38. Multi-Dimensional Clustering for the Pur- poses of Root-Cause Analysis Presentation: James Davey, pro ject VIS-SENSE One of the goals of the VIS-SENSE project is to generate an overview of the mal- ware and spam landscapes in the Internet. A major part of this process is root-cause analysis, which is the search for and identification of coordinated criminal campaigns. Through a better understanding of how these campaigns evolve over time, security ex- perts should be able to improve the protection of their networks. When analysing the behaviour of spam or malware, a very large number of alerts are collected every day. What constitutes an alert is defined by the data collection infrastruc- ture used to collect information for the purposes of analyses. The alerts are the starting point for our root-cause analysis. The next phase in the analysis process involves the generation of events, based on the alerts. These events are essentially groups of alerts, together with some additional anno- tations. The groups and annotations are derived with the help of rule-based or experi- ence-based models. Events are the first level of aggregation in the root-cause analysis. While this aggrega- tion does increase understanding of the threat landscape, it is not condensed enough to provide an overview. To attain an overview, a further aggregation step is undertaken. In this step, each feature of the events is first considered individually. Based on the data type of the feature, similarity measures are chosen and, if necessary, parameterised. The feature-based similarities can be used to cluster events on a feature-by- feature basis. These clusters provide clues for the specification of a multi-dimensional similarity measure. With the help of this measure, multi-dimensional clustering is possible. Visualizing the re- sults of multi-dimensional clustering reveals a much more insightful overview of the origi- nal malware and spam alerts. Many models exist for the feature-by-feature as well as for the multi- dimensional similarity measures. The choice of models and their param- eteriza- tion has direct implications for the results of the multi-dimensional clustering step. An overview of these models will be presented, as well as a description of techniques for the support of iterative visualisation and ad- justment of parameters. Through the targeted use of visualization in the analysis process VIS-SENSE will assist the analyst in the gen- eration of use- ful overviews of the threat landscape. Clustering 38
  • 39. Introducing the ENDORSE Privacy Rules Definition Language Presentation: Mark McLaughlin, pro ject ENDORSE One of the core outputs of the ENDORSE project will be a Privacy Rules Definition Language (PRDL). This language will allow organisations to cod- ify their data protection and privacy operating policies regarding sensitive user data. PRDL will be used for internal compliance and transparency with regard to external parties. The ENDORSE system will use PRDL rules to ensure that personal data are processed legally and appro- priately within the organisation in terms of access control and meeting obligations for data handling over the lifetime of the data. ENDORSE is taking a model driven architec- ture (MDA) approach to building the ENDORSE platform. As such, the definition of PRDL is also crucial for generating many of the platform software components. An early draft of the PRDL metamodel will be pre- sented. Collaborative Security for Protection of Financial Critical Infrastructures: The Se- mantic Room abstraction model Presentation: Roberto Baldoni, pro ject CoMiFin The growing adoption of Internet in the financial ecosystem has exposed financial institutions to a variety of security related risks, such as increas- ingly sophisticated cy- ber attacks aiming at capturing high value and sensitive information, or disrupting service operation for various purposes. To date, single financial institutions have faced individu- ally these attacks using tools that re-enforce their defence perimeter (e.g. intrusion detection systems, firewalls). However, today’s attacks are more sophisticated making this kind of defences inadequate. Attacks are typically distributed in space and time meaning that they can be coordinated on a large scale basis and often con- sist of a preparation phase spanning over days or weeks, involving multiple preparatory steps aiming at identi- fying vulnerabilities (e.g., open ports). In order to detect these attacks a larger view of what is happening in the Internet is required, which could be obtained by sharing and combining the informa- tion available at several financial sites. This information must be processed and correlated ”on-the-fly” in order to anticipate threats and frauds, and mitigate their possible damages. Even though this sharing can result in a great advantage for financial institutions, it should be carried out only on a clear contractual base and in a trusted and secure environment capable of meeting privacy and confidentiality requirements of financial institutions. In this context, the CoMiFin project, ended last April 2011, devel- oped an open source middleware system for monitoring the Financial Critical In- fra- structure domain. The system is currently a research prototype and has been demon- strated in several occasions even to financial stakeholders such as SWIFT board members and a number of Italian banks. It facilitates the shar- ing and processing of critical opera- tional data among interested parties (e.g., financial institutions, telco providers, power grid operators), and is utilized for timely activating local protection mechanisms. In doing so, the CoMiFin project introduced a novel abstraction model named Semantic Room (SR). Clustering 39