Edge enabled Privacy and Security Platform for Multi Modal Transport

As the internet grows, the detection of and reaction to cyber attacks is critical. The EU-funded SIFIS-HOME project aims to provide a secure-by-design and consistent software framework that will improve the security and resilience of interconnected smart home systems at all stack levels. The project also targets software developers, empowering them to create safe, secure and privacy aware applications to provide additional smart home functionalities. The consortium mainly comprises leading industry players in the Internet of Things, telecommunications and cybersecurity markets, as well as research and academic institutions.

Read More

Edge enabled Privacy and Security Platform for Multi Modal Transport

The EU is paving the way to multimodality in the transport sector. Multimodal mass transport – the use of different means of transport on the same journey – boasts more convenience, speed, reliability and predictability. But, as the threat of cyberattacks continues to rise, intelligent transportation systems need to be secured. The EU-funded E-CORRIDOR project will develop a flexible, secure and privacy-aware framework aimed at ensuring the safety and security of multimodal transport systems. Specifically, it will design a framework for the security of passengers and transportation operators. Collaborative policy-aware edge-enabled information sharing, analysis and protection-as-a-service will form the basis of the new framework.

Read More

Re-imagining the way cybersecurity research, innovation, and training are performed in the European Union

SPARTA is a novel Cybersecurity Competence Network, supported by the EU’s H2020 program, with the objective to develop and implement top-tier research and innovation collaborative actions. Strongly guided by concrete challenges forming an ambitious Cybersecurity Research and Innovation Roadmap, SPARTA will setup unique collaboration means, leading the way in building transformative capabilities and forming a world-leading Cybersecurity Competence Network across the EU. From basic human needs (health) to economic activities (energy, finance, and transport) to technologies (ICT and industry) to sovereignty (eGovernment, public administration), four research and innovation programs will push the boundaries to deliver advanced solutions to cover emerging challenges. The SPARTA consortium assembles a balanced set of 44 actors from 14 EU Member States at the intersection of scientific excellence, technological innovation, and societal sciences in cybersecurity. Together, along with SPARTA Associates, they aim at re-imagining the way cybersecurity research, innovation, and training are performed in Europe across domains and expertise, from foundations to applications, in academia and industry. In sharing experiences and excellence, challenges and capabilities, SPARTA makes decisive contributions to European strategic autonomy.

Read More

Trusted Cloud & Internet of Things

With smart monitoring using IoT, health organisations have the opportunity to cut costs and provide better healthcare continuity. They are able to tap into the world of IoT to build live, and continuous monitoring which benefit patients. This monitoring is generating an abundance of data automatically which is subsequently transmitted from the point of creation into databases, hosted in clouds, to be delivered to health professionals. This data is not just personal, and sensitive, it is private and belongs to its owner. Because of its nature health data must be protected from the time of creation to the place where it is stored. We are implementing a framework which harnesses IoT data suitable for health organisations. TC&IoT provides a solution to give data owners total control on who can access their data and when. The project proposes an architecture with logical separation between data creation, access management, and data storage allowing data owners to manage access to data and enforce data access policy changes in near real time

Collaborative and Confidential Information Sharing and Analysis for Cyber Protection

C3ISP mission is to define a collaborative and confidential information sharing, analysis and protection framework as a service for cyber security management. C3ISP innovation is the possibility to share information in a flexible and controllable manner inside a collaborative multi-domain environment to improve detection of cyber threats and response capabilities, still preserving the confidentiality of the shared information. C3ISP paradigm is collect, analyse, inform, and react.

Read More

HIGH IMPACT INITIATIVE

The goal of the European Trusted Cloud Ecosystem High Impact Initiative (HII) is to provide consumers and businesses with better tools and services to take greater control over the use of sensitive and personal data created by, about and for them. At the same time this data is enabling and stimulating the business growth – companies within the trusted service eco-system, accelerated by the HII, are developing innovative and trusted products and services which can be tailored to and personalized for the specific needs of the individuals and businesses.

Read More

Confidential and Compliant Clouds

Coco Cloud aims at allowing the cloud users to securely and privately share their data in the cloud. This will increase the trust of users in the cloud services and thus increase their widespread adoption with consequent benefits for the users and in general for digital economy. Coco Cloud will facilitate the writing, understanding, analysis, management, enforcement and dissolution of data sharing agreements, going from high level descriptions (close to natural language) to system enforceable data usage policies, and it will consider the most appropriate enforcing mechanisms depending on the underlying infrastructure and context for enforcing data usage policies. Coco Cloud will also address key challenges for legally compliant data sharing in the cloud. By taking a “compliance by design” approach, the project places an early emphasis on understanding and incorporating legal and regulatory requirements into the data sharing agreements

Read More

Network of Excellence on Engineering Secure Future Internet Software Services and Systems

The Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) aims at constituting and integrating a long lasting research community on engineering secure software-based services and systems. The NESSoS engineering of secure software services is based on the principle of addressing security concerns from the very beginning in system analysis and design, thus contributing to reduce the amount of system and service vulnerabilities and enabling the systematic treatment of security needs through the engineering process. In light of the unique security requirements the Future Internet will expose, new results will be achieved by means of an integrated research, as to improve the necessary assurance level and to address risk and cost during the software development cycle in order to prioritize and manage investments. NESSoS will integrate the research labs involved; NESSoS will re-address, integrate, harmonize and foster the research activities in the necessary areas, and will increase and spread the research excellence. NESSoS will also impact training and education activities in Europe to grow a new generation of skilled researchers and practitioners in the area. NESSoS will collaborate with industrial stakeholders to improve the industry best practices and support a rapid growth of software-based service systems in the Future Internet. The research excellence of NESSoS will contribute to increase the trustworthiness of the Future Internet by improving the overall security of software services and systems. This will support European competitiveness in this vital area.

Read More

Open Computing Infrastructures for Elastic Services

In the future of corporate IT, companies will rely on highly dynamic distributed IT infrastructures. Federation models are envisioned where a given organisation will be both a Cloud provider during periods when its IT infrastructure is not used at its maximal capacity, and a Cloud customer in periods of peak activity. The main contribution of CONTRAIL will be the development of an integrated approach to virtualization, offering Infrastructure as a Service (IaaS), services for federating IaaS Clouds, and Platform as a Service (PaaS)on top of federated Clouds. This service stack will be part of the CONTRAIL open source system, facilitating industrial up-take of Cloud computing. The main outputs of CONTRAIL are a collection of infrastructures ervices offering network, computation and storage as a service; services to federate IaaS Clouds; a set of highlevel services and runtime environments for typical Cloud applications, including efficient map/reduce, scalable service-oriented application hosting, and automatic workflow execution; and a set of applications and use FP7-ICT-2009-5 Integrated project proposal CONTRAIL cases from the domains of e-business, e-science, telecommunication and media using and demonstrating the CONTRAIL system. CONTRAIL leverages the open source XtreemOS system, developed in the successful XtreemOS European integrated project and which was designed for large scale dynamic infrastructures. XtreemOS integrates services for data, application, security and community management that can be adapted to provide a unified solution for building private, public and federated Cloud infrastructures. CONTRAIL has core virtualization technology integrated with its high-level services and its Cloud management facilities. This unique approach of covering "the whole Cloud", from the core infrastructure, via federation mechanisms, to management services, enables the construction of transparent, trusted and reliable Cloud platforms with operations governed by service level agreements.

Read More

Security and Trust for GRID systems

Il progetto GridTrust is addressing the following objective of the 2005-2006 Work Programme - Call 5: "2.5.4 Advanced Grid Technologies, System and Services". GridTrust is focusing on Grid Foundations: Architecture, design and development of technologies and systems for building the invisible Grid. The overall objective of the GridTrust project is to develop the technology to manage trust and security for the Next Generation Grids (NGG). We propose to have a vertical approach tackling issues of trust, security and privacy (TSP) from the requirement level down to the application, middleware and foundation levels. Our emphasis is on models and tools to assist in reasoning about trust and security properties along the NGG architecture. GridTrust consortium involves a large industrial partner (HP European Innovation Center), end users (De Agostini), SMEs (Moviquity, Interplay) and European research groups covering the areas of requirement engineering, grid technology and security among others (CETIC, CCLRC, CNR, VUA). Moviquity, HP and Interplay are providing important test cases to validate the GridTrust framework, including innovative applications such as "inter-enterprise knowledge management" and "distributed authoring". Moviquity and De Agostini are committed to implementation and exploitation of the results of the projects.

Read More

Security of Software and Services for Mobile Systems

The objective of S3MS is to create a framework and a technological solution for trusted deployment and execution of communicating mobile applications in heterogeneous environments. S3MS would enable the opening of the software market of nomadic devices (from smart phones to PDA) to trusted third party applications beyond the sandbox model, without the burden of roaming trust infrastructure but without compromising security and privacy requirements. A contract-based security mechanism will lie at the core of the framework. The new paradigm will not replace, but enhance todays security mechanism, and will provide a flexible, simple and scalable security and privacy protection mechanism for future mobile systems. It will allow a network operator and a user to decide what an application is allowed to do, prevent bad code from running, and allow good code to be easily designed and deployed. The new paradigm of security-by-contract affects the entire life cycle of mobile applications and services: Contracts must be accommodated in high level design of security and privacy requirements of applications and mobile platforms, programming languages for the formulation of contracts must be developed, compilers must be modified to produce executable contracts for a piece of software, loaders must be aware of the static contract information that can be checked at load time, and runtime systems must be equipped with the mechanisms needed to ensure that the contracts are fulfilled during execution.

Read More