telecommunications and software, computer programming, mecatronics, security, e-health, ITC for transport, new media, irrespectively networks of the future, internet services, software and visualization, media network and 3d
networks, cybernetic security, safe software systems, mobile applications design, etc. Horizontal priorities The Northeast regional Smart Specialization Strategy is designed to operate at 4 levels:
Geophysics ICT Mathematics Materials (new) Veterinarian Environment Nanotech Naval Optics Patrimony Health Security Socioeconomic Space Textiles Agro-Food ICT Intelligent
sys. Health Energy Pharmaceuticals Environment Security Space Materials Biotechnologies Transport Socioeconomic 13 Panels 90 Micro-visions 29 domains+Exploratory Online
ICT Analysis, management and security of big data Future internet Software development technologies, instruments, and methods High performance computing and new computational models A3.
Health, Space and Security, and Heritage and cultural identity. Process: http://www. poscce. research. ro/ro/node/node/nid/2438 Project version Dec. 2013 Public debate (mandatory according to the law of transparency) version Apr
2014 Smart specialization fields Bioeconomy ICT Energy & Environment Eco-technologies Public interest priorities Health Security & Space National heritage & identity, cohesion and cross-cultural
linkages Smart specialization fields Bioeconomy ICT, Security & Space Energy, Environment & Climate changes Eco-nano-technologies & Advanced Materials Public interest priorities Health National
heritage & identity Emerging technologies RIS3 Priorities 16 ICT, Security & Space Focus on changes related to Smart Specialization so far Micro-vision fiches after refining (see the Annex for the full process:
Security; Intelligent Systems; Socioeconomics; Space medicine Science; Transport ICT Rationale: ICT prioritized for information security & space security because of new info regarding the sectoral strategies (not available at the time of the first version;
RO is external border of UE. Energy & Environment Energy, Environment & Climate change Rationale:
"In terms of technological capability Romania has the potential for regional clusters in ICT, nanosciences and nanotechnologies, automotive, security and new production technologies".
Security; Intelligent Systems; Socioeconomics; Space medicine Science; Transport)- Prioritization and version Dec. 2013. Public debate-National R&d institutes-Romanian Academy-Private companies-Changes as for version Apr. 2014.
providing relevant content and ensuring necessary preconditions for information, education and security. Starting from the fundamental pillars of the strategy we developed a set of indicators accompanied by the related target values,
education and security (preconditions-the degree of digital alphabetization of the population-%of employees with experience in using computers
and services (i e. secure Web services in EU) to enjoy high levels of security and confidence, a balanced regulatory framework with well defined rights,
These include (i) keeping operational security and quality of supply, (ii) enabling the new operations at the distribution level (including non--discriminatory and effective real-time grid capacity monitoring and management of injections/withdrawals),(iii) market based congestion management,(iv
Innovative Society and Security IT Services The next steps We are moving forward in the process with the help of a consultant.
information and communication technologies, security, biotechnology and logistics. The industrial policy of the Regional Government has established four main priorities in the support of emerging clusters:
The region's ICT sector has specialisation capacities in the fields of mobility and security.
ICT sector specialized in mobility and security. Building the evidence base for RIS3 (II) SWOT Analysis Knowledge Digital Society 15 Weaknesses Large region with difkicult orography:
and urgent, from ageing societies, climate change, to energy efficiency and security...but there is a clear lack of exploitation of innovative solutions to address these social challenges.
and they have a certain security and knowledge of what the future will Hold in turn in the neoliberal or Anglo-saxon model,
2004), mechanisms for ensuring trust and security (Kippert & Swiercz, 2007; Garrison & Posey, 2006), easy-to-use environments, social computing,
Computer security Checklist for Non-Security Technology Professionals, Journal of International Technology and Information management, 15 (3), 87-91.
In ICT, how will we manage the security and privacy of personal data with global digital content doubling every eighteen months,
and zero breaches of security. This will also lead to many Zero initiatives like zero emails, zero time business incubation,
Includes the entire smart solutions ecosystem in energy, infrastructure, transportation, buildings, security, governance, education and healthcare.
nuclear power will continue to present significant opportunities for players that can successfully address the dominant issues of safety and security.
or more employees via their website were company introduction (90.5%),privacy policy statement or certification related to website security (65.2%)and access to catalogues and price lists (52.8%).
related to website security 65.2 Access to product catalogues or price lists 52.8 Links or references to the social media profiles of the company 34.7 Possibility of electronic submission of complaint forms 26.4 Posting vacancies
and security as defined in the regulation on data protection and processes it only for the explicit and legitimate purposes declared
of which underlie the Commission's security decisions and provisions established by the Directorate of Security for these kind of servers and services.
The information you provide will be treated as confidential and aggregated for analysis. Data verification and modification In case you want to verify the personal data
such as interactions with the real world through sensor/actuator networks, network virtualization and cloud computing, enhanced privacy and security features and advanced multimedia capabilities.
Foundations-Architectural Issues-Socioeconomic Issues-Security and Trust-Experiments and Experimental Design Future Internet Areas-Networks-Services-Content Applications FIA Budapest will be the seventh FIA
Security and Trust Introduction to Part III...163 Security Design for an Inter-Domain Publish/Subscribe Architecture...
167 Kari Visala, Dmitrij Lagutin, and Sasu Tarkoma Engineering Secure Future Internet Services...177 Wouter Joosen, Javier Lopez, Fabio Martinelli,
and Fabio Massacci Towards Formal Validation of Trust and Security in the Internet of Services...
security including trust and privacy. The content of this area includes eight chapters covering some of the above architectural research in Future Internet.
privacy, licensing, security, provenance, consistency, versioning and availability; it glues together reusable information fragments into meaningful structured and integrated documents without the need of a predefined schema.
Lack of data integrity, reliability and trust, targeting the security and protection of data; this issue covers both unintended disclosure and damage to integrity from defects or failures,
Security requirements of the transmission links: Communications privacy does not only mean protecting/encrypting the exchanged data
v. Security of the whole Internet Architecture. The Internet architecture is not intrinsically secure and is based on add-ons to, e g. protocols,
On the other hand, mobility is realized still in most cases by means of dedicated/separated architectural components instead of Mobile IP. see Subsection 3. 5. Point 6 Accountability of resource usage and security without impeding
see Subsection. 3. 5. Point. 2 Security: see Subsection. 3. 5 point 5, Subsection 3. 1. Point. 2 and 3. Generality e g. support of plurality of applications
Trust and Security. The authors would like to acknowledge and thank all members of the group for their significant input and the EC Scientific Officers Isidro Laso Ballesteros, Jacques Babot, Paulo De Sousa, Peter Friess, Mario Scillia
and promises security and increased manageability. We define In-Network clouds as an integral part of the differentiated Future Internet architecture,
Applications compliant with these framework services share common security metadata, administration, and management services. The DOC enables the following functions across the orchestration plane:
Since each domain may have different SLAS, security and Towards In-Network Clouds in Future Internet 23 administrative policies,
monitoring and measuring, road safety, security/identity checking, video surveillance, etc. Predictions state that there will be 225 million cellular M2m devices by 2014 with little traffic per node but resulting significant growth in total,
However, from a management system perspective, the scope of this scenario rely in the fact on how the use of semantic models capturing knowledge relating to security functionality
and addressing functionality and associated security mechanisms that are required to enable dynamic looselycoupled systems. The number of participants can be m:
A comprehensive security framework provides functions for the realization of a variety of different trust relationships.
privacy, licensing, security, provenance, consistency, versioning and availability; it glues together reusable information fragments into meaningful structured and integrated documents without the need of a predefined schema.
privacy, licensing, security, provenance, consistency, versioning and availability 5. IDN glues together reusable information fragments into meaningful structured and integrated documents without the need of a predefined schema.
when the exponential growth of small and/or mobile devices and sensors, of services and of security requirements began to show that current Internet is becoming itself a bottleneck.
The follow-up of Nets, Netse 5 proposes a clean-state approach to properly meet new requirements in security, privacy and economic sustainability.
A so-called Supervisor and Security Module (not shown for clarity reason in Fig. 2) is embedded in each Cognitive Manager supervising the whole Cognitive Manager and,
at the same time, assuring the overall security of the Cognitive Manager itself (e g.,, including end-to-end encryption, Authentication, Authorization and Accounting (AAA) at user and device level, Service Security, Intrusion Detection, etc..
Another key role of this module is to dynamically decide, consistently with the application protocols,
Low latency, low jitter, bandwidth, addressing, delivery guarantee, management, mobility, Qos and security. The changing needs of the entities may vary depending on the context of the entities in communication,
OVM (Ontology for Vulnerability Management) to support security needs 35; Netqosont (Network Qos Ontology) to meet the needs of service quality 27;
and studies concerning the unique identification of the entities and the formalization of security mechanisms for the Entity Title Model.
IEEE/IFIP New Technologies, Mobility and Security Conference (2009) 24 Pereira, J. H. S.,Kofuji, S. T.,Rosa, P. F.:
IEEE/IFIP New Technologies, Mobility and Security Conference (2009) 25 Pereira, J.,Sato, L.,Rosa, P.,Kofuji, S.:
An Ontological Approach to Computer system Security. Information security Journal: A Global Perspective (2010) 36 Wong, W.:
6) The investigation of (European) regulation for e-services markets and security regulations;(7) The investigation of the physical environment of e-services in terms of availability, worldwide vs. highly focused (cities),
since detailed and specific security demands, electronic identities, or Quality-of-Experience (Qoe) will outline societal requirements to be met by technological support means,
and has some security benefit. As a counterexample, IPV6 deployment has a cost to the end host to support the dual stack,
But for some protocols the wider scenario requires extra critical functionality for example, security features, if the initial scenario is trusted within a domain.
and quantifying security risks in organizations. The situations analyzed by the aforementioned methodologies are associated often with certain kinds of tussles.
and politicians as well as security and trust experts. 4 Survey of Work on Social and Economic Tussles as Highlighted in FP7 Projects In this section, SESERV looks at specific projects in the FP7 Future Networks project portfolio,
but no mechanism has been suggested to deal with this security problem and the fears that it raises among end-users.
Security and Trust Part III: Future Internet Foundations: Security and Trust 163 Introduction If you are asking for the major guiding principles of Future Internet technology and applications,
the answer is likely to include sharing and collaboration. Cloud computing, for instance, is built on shared resources and computing environments,
it also raises security and privacy concerns and introduces additional protection needs. The Future Internet is characterized by deliberate exposure of precious information
The challenge is to design security and trust solutions that scale to Future Internet complexity and keep the information and resource owner in control, balancing potentially conflicting requirements while still supporting flexibility and adaptation.
as well as providing assurance about security properties of exposed services and information. 164 Part III: Future Internet Foundations:
Security and Trust The chapters presented in the Security and Trust section of this volume look at the challenges mentioned above from three different angles.
which address potential security issues from the beginning, but also imply the need for novel solutions like integrity and availability.
The chapter, Security Design for an Inter-domain Publish/Subscribe Architecture by K. Visala et al. looks into security implications of a data-centric approach for the Future Internet,
The authors introduce a security architecture based on self-certifying name schemes and scoping that ensure the availability of data
It is a good example of how clean-slate approaches to the Future Internet can support security needs by design,
The second group of chapters investigates the provision of assurance of the security properties of services and infrastructures in the future Internet.
The provision of evidence and a systematic approach to ensure that best security practices are applied in the design
Such a discipline is required to particularly emphasize multilateral security requirements, the composability of secure services,
The authors propose security support in programming and execution environments for services, and suggest using rigorous models through all phases of the SDLC, from requirements engineering to model-based penetration testing.
Their considerations lead to the identification of Future Internet specific security engineering research strands. One of the major ingredients of this program, the provision of security assurance through formal validation of security properties of services, is investigated in detail in the chapter‘Towards Formal Validation of Trust and Security in the Internet of Services by R
. Carbone et al. They introduce a language to specify the security aspects of services and a validation platform based on model-checking.
A number of distinguished features ensure the feasibility of the approach to Future Internet scenarios and the scalability to its complexity:
The two chapters demonstrate the way towards rigorous security and trust assurance in the future Internet addressing one of the major obstacles preventing businesses
Security and Trust 165 chapters looks into specific instances of the information sharing and collaboration principle and introduces novel means to establish their security.
The chapter Trustworthy Clouds underpinning the Future Internet of R. Glott et al. discusses latest trends in cloud computing and related security issues.
but also faces new security risks, from the breach of separation between tenants to the compliance challenge in case of distribution over different regulatory domains.
and provide an outlook to their mitigation, embedded in a systematic security risk management process. In cloud computing,
With the three groups of chapters, this section of the book provides directions on how security
The Author (s). This article is published with open access at Springerlink. com. Security Design for an Inter-Domain Publish/Subscribe Architecture Kari Visala1, Dmitrij Lagutin1,
In this paper we present a security design through the network stack for a data-centric pub/sub architecture that achieves availability, information integrity,
and allows application-specific security policies while remaining scalable. We analyse the solution and examine the minimal trust assumptions between the stakeholders in the system to guarantee the security properties advertised.
Keywords: Future Internet, publish/subscribe networking, network security 1 Introduction Data-centric pub/sub as a communication abstraction 2, 3,
and the security design presented here covers all these as a whole. In this paper we refine and extend our work in 5
and S. Tarkoma support many types of application-specific security policies. Some of the techniques used in our architecture
Our security goals concur with 1 except that confidentiality and privacy are expected to be handled on top of the network layer
The security goals are: Availability, which means that the attackers cannot prevent communication between a legitimate publisher and a subscriber inside a trusted scope.
Application-specific security policies, which mean that the architecture can cater for the specialized security policies of different types of applications
while partially same resources can be shared by them. In addition to aforementioned goals, the solution is restricted by the requirements of scalability and efficiency.
The Security Design for an Inter-Domain Publish/Subscribe Architecture 169 scope must be trusted by the communicating nodes to function as promised and much of the security of our architecture is based on this assumption as we explain in 5. Scopes are identified with a special type
Here the security model only guarantees the integrity of the association between an identifier and its content.
but they are assumed not to have a long life-time as the security mechanism is coupled with the identifier.
Security Design for an Inter-Domain Publish/Subscribe Architecture 171 Fig. 1. Publications can refer to other publications persistently using long-term Aids.
in order to keep the publica Security Design for an Inter-Domain Publish/Subscribe Architecture 173 tion data or pending subscription alive.
We refer to our work in 5 for a detailed description of the rendezvous security mechanisms.
Thus we claim that the deployment of new transport functionality in the network to be run at branching points of graphlets can be done scalably. 5 Related Work This section covers related work for publish/subscribe systems and network layer security solutions.
Security issues of the content-based pub/sub system have been explored in 7. The work proposes secure event types
Security Design for an Inter-Domain Publish/Subscribe Architecture 175 5. 1 Security Mechanisms Most of existing network layer security proposals utilize hash chains
Accountable Internet Protocol (AIP) 11 aims to improve security by providing accountability on the network layer.
Security issues and requirements for Internet-scale publish-subscribe systems. In: HICSS'02, Hawaii, USA (2002) 2. Visala, K.,Lagutin, D.,Tarkoma, S.:
Roles and Security in a Publish/Subscribe Network architecture. In: ISCC'10, Riccione, Italy (2010) 6. Clark, D.,Wroclawski, J.,Sollins, K.,Braden, R.:
of service engineering and security engineering. Generic solutions that ignore the characteristics of Future Internet services will fail,
in order to jointly enable the security and trustworthiness of Future Internet services. 1 Introduction 1. 1 Future Internet Services The concept named Future Internet (FI) aggregates many facets
and security breaches in these services may lead to large financial loss and damaged reputation. 1. 3 Research Focus on Developing Secure FI Services Our focus is on the creation and correct execution of a set of methodologies, processes and tools for secure software development.
in order to link security concerns with business needs and thus supporting a business case for security matters.
1) security requirements for FI services,(2) creating secure service architectures and secure service design,
and compose-able services,(4) enabling security assurance, integrating the former results in (5) a risk-aware and cost-aware software development life-cycle (SDLC),
Both the security assurance programme and the programme on Risk and Cost aware SDLC will interact with each of the initial three activities,
and techniques that we consider useful for engineering secure Future internet services. 2 Security Requirements Engineering The main focus of this research strand is to enable the modeling of high-level requirements that can be expressed in terms of
The need for assurance in the future Internet demands a set of novel engineering methodologies to guarantee secure system behavior and provide credible evidence that the identified security requirements have been met from the point of view of all stakeholders.
The security requirements of Future Internet applications will differ considerably from those of traditional applications.
and each one will have his own security requirements. Hence, eliciting, reconciling, and modeling all the stakeholders'security requirements become a major challenge 5. Multilateral Security Requirements Analysis techniques have been advocated in the state of the art 14
but substantial research is needed still. In this respect, agent-oriented and goal-oriented approaches such as Secure Tropos 12 and KAOS 8 are recognized currently well as means to explicitly take the stakeholders'perspective into account.
Furthermore, it is important that security requirements are addressed from a higher level perspective, e g.,, in terms of the actors'relationships with each other.
Unfortunately, most current requirements engineering approaches consider security only at the technological level. In other words current approaches provide modeling and reasoning support for encryption, authentication, access control, non-repudiation and similar requirements.
Such deployments inherit security risks from the classical Internet and, at the same time create new and more complex security challenges.
Examples include illicit tracking of RFID tags (privacy violation) and cloning of data on RFID tags (identity theft).
The definition of techniques for the identification of all stakeholders (including attackers), the elicitation of high-level security goals for all stakeholders,
and the identification and resolution of conflicts among different stakeholder security goals; The refinement of security goals into more detailed security requirements for specific services and devices;
The identification and resolution of conflicts between security requirements and other requirements (functional and other quality requirements;
The transformation of a consolidated set of security requirements into security specifications. The four objectives listed above obviously remain generic by nature,
one should bear in mind though that the forthcoming techniques and results will be applied to a versatile set of services,
so security enforcement mechanisms are indispensable. The design phase of the software service and/or system is a timely moment to enforce
and reason about these security mechanisms, since by that phase one must have grasped already a thorough understanding of the application domain
The security architecture for the system must enforce the visible security properties of components and the relationships between them.
assess and reason about security mechanisms at an early phase in the software development cycle. The research topics one must focus on in this subarea relate to model-driven architecture and security, the compositionality of design models and the study of design patterns for FI services and applications.
The three share the common ambition to maximize reuse and automation while designing secure FI services and systems.
So, it would be possible to specify a first high-level model with some high-level security policies.
which the security policies become more detailed, closer to the enforcement mechanisms that will fulfil them.
The integration of security aspects into this paradigm is called the so modeldriven security 6, leading to a design for assurance methodology in
which every step of the design process is performed taking security as a primary goal. A way of carrying out this integration includes first decomposing security concerns,
so that the application architecture and its security architecture is decoupled. This makes possible for architects to assess more easily tradeoffs among different security mechanisms,
simulate security policies and test security protocols before the implementation phase, where changes are typically far more expensive.
In order to achieve this, it is needed first to convert the security requirements models into a security architecture by means of automatic model transformations.
These transformations are interesting since whilst requirements belong to the problem-domain, the architecture and design models are within the solution-domain,
so there is an important gap to address. In the context of security modeling, it is extremely relevant to incept ways to model usage control (e g.,
, see 21,22, 18), which encompasses traditional access control, trust management and digital rights management and goes beyond these building blocks in terms of definition and scope.
further research is necessary to find out what kind of security architecture is required in the context and how to carry out the decomposition of such fairly novel architectures.
Until this point in the software and service development process, different concerns security among them of the whole application have been separated into different models,
each addressing different concerns even different security sub-architectures for different security requirements it is required to assure that the composition of all these architectures is accomplished
There are large catalogues and surveys on security patterns available 26,13, but the FI applications yet to come
both from a general perspective and from a security perspective for security-critical software systems. 4 Security Support in Programming Environments Security Support in Programming Environments is not new;
The search for security support in programming environments has to take this context in account.
The requirements and architectural blueprints that will be produced in earlier stages of the software engineering process cannot deliver the expected security value
unless the programs (code) respect these security artefacts that have been produced in the preceding stages. This sets the stage for model driven security in which transformations of architecture and design artefacts is essential,
as well as the verification of code compliance with various 184 W. Joosen et al. properties. Some of these properties have been embedded in the security specific elements of the software design;
other may simply be high priority security requirements that have articulated such as the appropriate treatment of concurrency control and the avoidance of race conditions in the code,
as a typical FI service in the cloud may be deployed with extreme concurrency in mind. Supporting security requirements in the programming code level requires a comprehensive approach.
The service creation means must be improved and extended to deal with security needs. Service creation means both aggregating
and composing services from preexisting building blocks (services and more traditional components), as well as programming new services from scratch using a state-of-the-art programming language.
One could argue that security support for service creation must focus on and enable better static verification.
and building blocks that facilitate effective security enforcement at run-time. Dependent on the needs and the state-of-the-art this may lead to interception and enforcement techniques that simply ensure that the application logic consistently interacts with underpinning security mechanisms such as authentication or audit services.
Otherwise, the provisioning of the underpinning security mechanisms and services (e g. supporting mutual non repudiation, attribute based authorization in a cloud platform etc.)
will be required as well for many of the typical FI service environments. Next we further elaborate on the needs
and hosted by various organizations and providers), each with its own security characteristics. The business compositions are very dynamic in nature,
including their security policies, and tools to generate code for service compositions that are able to fulfil these requirements based on the available services.
composition languages must support means to preserve at least the security policy of those services being composed. The research community needs to consider the cases where only partial
Secure Service Programming Many security vulnerabilities arise from programming errors that allow an exploit. Future Internet will further reinforce the prominence of highly distributed and concurrent applications,
making it important to develop methodologies that ensure that no security hole arises from implementations that exploit the computational infrastructure of the Future Internet.
and revisit methods from language-based security, in particular type systems, to enforce best-practises currently used
while still maintaining security. 4. 3 Platform Support for Security Enforcement Future Internet applications span multiple trust domains,
and the hybrid aggregation of content and functionality from different trust domains requires complex cross-domain security policies to be enforced,
In effect, the security enforcement techniques that are triggered by built-in security services and by realistic in the FI setting,
and on the enforcement of fine-grained security policies via execution monitoring. 186 W. Joosen et al. Secure Cross-Domain Interactions.
and from a security perspective, the SOP is not strong enough to achieve the appropriate application isolation.
Trustworthy applications need run-time execution monitors that can provably enforce advanced security policies 19,3 including fined-grained access control policies usage control policies
Supporting Security Assurance for FI Services. Assurance will play a central role in the development of software based services to provide confidence about the desired security level.
Assurance must be treated in a holistic manner as an integral constituent of the development process
and artefacts satisfy their functional and security requirements and constraints. Obviously the security support in programming environments that must be delivered will be essential to incept a transverse methodology that enables to manage assurance throughout the software and service development life cycle (SDLC.
The next section clarifies these issues. 5 Embedding Security Assurance and Risk management during SDLC Engineering secure Future Internet services demands for at least two traversal issues,
security assurance and risk and cost management during SDLC. 5. 1 Security Assurance The main objective is to enable assurance in the development of software based services to ensure confidence about their trustworthiness.
Our core goal is to incept a transverse methodology that enables to manage assurance throughout the software development life cycle (SDLC.
Early detection of security failures in Future Internet applications reduces development costs and improves assurance in the final system.
and applying assurance methods and techniques for early security verification. These methods are applied to abstract models that are developed from requirements to detailed designs.
One main area of research is stepwise refinement of security by developing refinement strategies, from policies down to mechanisms, for more complex Engineering Secure Future Internet Services 187 secure protocols, services, and systems.
where functional and security-related design aspects can be refined independently. Model composition must preserve the refinement relation and component properties.
Our aim is to offer developers support for smoothly integrating security aspects into the system development process at any step of the development.
when possible, automated) reasoning about the security policies models. The methodologies must be supported by automatic protocol verification tools,
but also the ability to deal with more complex primitives and security properties. Moreover, the Dolev-Yao attacker model 9 used by these tools needs to be extended to include new attack possibilities such as adaptive corruptions
Security Assurance in Implementation. Several assurance techniques are available to ensure the security at the level of an implementation.
Security policies can be implemented correctly by construction through a rigorous secure programming discipline. Internet applications can be validated through testing.
In that case, it is possible to develop test data generation that specifically targets the integration of services
Moreover, implementations can be monitored at run-time to ensure that they satisfy the required security properties.
automated generation in XML-based input data to maximize the efficiency in the security testing process,
Security concerns are specified at the business-level but have to be implemented in complex distributed and adaptable systems of FI services.
in order to guarantee that security concerns are taken correctly into account through the whole SDLC. A chain of techniques and tools crossing the above areas is planned.
Security Metrics. Measurements are essential for objective analysis of security systems. Metrics can be used directly for computing risks (e g.,
Security metrics in the future Internet applications become increasingly important. Service-oriented architectures demand for assurance indicators that can explicitly indicate the quality of protection of a service,
when implementing security measures during various stages of the SDLC. We can envision several aspects of this kind of SDLC support (see also 4). Process:
evolving security requirements, etc.,both during system development and operation. Based on the modular approach to risk and cost analysis one needs methods to manage the dynamics of risks.
The methodology of this strand spans the orthogonal activities of security requirement engineering, secure architecture and design,
During security requirements engineering risk analysis facilitates the identification of relevant requirements. Furthermore, methods for risk and cost analysis offer support for the prioritization and selection among requirements through e g. the evaluation of trade-off between alternatives or the impact of priority changes on the overall level of risks and cost.
In the identification of security mechanisms intended to fulfil the security requirements risk and cost analysis can be utilized in selecting the most cost efficient mechanisms.
The following architecture and design phase incorporates the security requirements into the system design. The risk and cost models resulting from the previous development phase can at this point be refined
Such cost metrics may also be used in combination with security metrics for the optimization of the balance between risk and cost.
and in supporting the identification of means for risk mitigation based on security metrics. 190 W. Joosen et al. 6 Conclusion We have advocated in this paper the need
and the opportunity for firmly establishing a discipline for engineering secure Future Internet Services, typically based on research in the areas of software engineering, security engineering and of service engineering.
Composing security policies with polymer. SIGPLAN Not. 40,305 314 (2005) 4. Braber, F.,Hogganvik, I.,Lund, M. S.,Stølen, K.,Vraalsen, F.:
Model-based security analysis in seven steps a guided tour to the coras method. BT Technology Journal 25,101 117 (2007) 5. Bresciani, P.,Perini, A.,Giorgini, P.,Giunchiglia, F.,Mylopoulos, J.:
Model-driven security in practice: An industrial experience. In: Schieferdecker, I.,Hartman, A. eds. ECMDAFA 2008.
and analysis of security protocols. In: Gupta, A.,Malik, S. eds. CAV 2008. LNCS, vol. 5123, pp. 414 418.
On the security of public key protocols. In: Proceedings of the 22nd Annual Symposium on Foundations of Computer science, WASHINGTON DC, USA, pp. 350 357.
Proceedings of the 2000 IEEE Symposium on Security and Privacy, WASHINGTON DC, USA, pp. 246 255.
Modelling security and trust with secure tropos. In: Integrating Security and Software engineering: Advances and Future Vision, IDEA (2006) 13.
Group, O.:Security design pattern technical guide, http://www. opengroup. org/security/gsp. htm 14.
G urses, S f.,Berendt, B.,Santen, T.:Multilateral security requirements analysis for preserving privacy in ubiquitous environments.
In: Proc. of the Workshop on Ubiquitous Knowledge discovery for Users at ECML/PKDD, pp. 51 64 (2006) 15.
Extracting relations among security patterns. In: SPAQU'08 (Int. Workshop on Software Patterns and Quality)( 2008) 18.
Security services architecture for secure mobile grid systems. Journal of Systems Architecture. In Press (2010) 24.
Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21 (1), 2003 (2003) 25.
A survey on security patterns. Progress in Informatics 5, 35 47 (2008) Towards Formal Validation of Trust and Security in the Internet of Services Roberto Carbone1, Marius Minea2, Sebastian Alexander M odersheim3
, Serena Elisa Ponta4, 5, Mathieu Turuani6, and Luca Vigan`o7 1 Security & Trust Unit, FBK, Trento, Italy 2 Institute e-Austria, Timi¸soara, Romania 3 DTU, Lyngby
, Denmark 4 SAP Research, Mougins, France 5 DIST, Universit`a di Genova, Italy 6 LORIA & INRIA Nancy Grand Est, France 7
and security impact of an option, a minor change, a combination of functionalities, etc.,due to the subtle and unforeseeable situations and behaviors that can arise from this panoply of choices.
The formal verification of trust and security of the Internet of Services will significantly boost its development
techniques and tools are provided to ensure security. Deploying services in future network infrastructures entails a wide range of trust and security issues
but solving them is extremely hard since making the service components trustworthy is not sufficient:
and associated exploits that are already plaguing complex web-based security-sensitive applications, and thus severely affect the development of the future internet.
Moreover, security validation should be carried out at all phases of the service development process, in particular during the design phase by the service designers themselves or by security analysts that support them in their complex tasks,
so as to prevent the production and consumption of already flawed services. Fortunately, a new generation of analyzers for automated security validation at design time has been recently put forth;
this is important not just for the results these analyzers provide, but also because they represent a stepping stone for the development of similar tools for validation at service provision and consumption time,
thereby significantly improving the all-round security of the Ios. In this chapter, we give a brief overview of the main scientific and industrial challenges for such verification tools,
the AVANTSSAR Validation Platform (or AVANTSSAR Platform for short) is integrated an toolset that has been developed in the context of the AVANTSSAR project (www. avantssar. eu, 4) for the formal specification and automated validation of trust and security of service
and service infrastructures, enhance their security and robustness, and thus increase the development and public acceptance of the Ios. We proceed as follows.
some of the main features of specification languages and automated validation techniques that have been developed for the verification of trust and security of services.
and reasoning about trust and security of SOAS is complex due to three main characteristics of service orientation.
Towards Formal Validation of Trust and Security in the Internet of Services 195 Second, SOAS are also distributed systems,
SOAS and their security requirements are continuously evolving: services may be composed at runtime, agents may join or leave,
and client credentials are affected by dynamic changes in security policies (e g.,, for incidents or emergencies. Hence, security policies must be regarded as part of the service specification
and as first-class objects exchanged and processed by services. The security properties of SOAS are,
moreover, very diverse. The classical data security requirements include confidentiality and authentication/integrity of the communicated data.
Various languages have been proposed to model trust and security of SOAS, e g.,, BPEL 24, p calculus 19, F#5, to name a few.
One needs a language fully dedicated to specifying trust and security aspects of services, their composition,
++which we have defined to be close to specification languages for security protocols/services and to procedural and object-oriented programming languages.
they can be used to describe service workflows and steps in security protocols. For instance, an employee (Alice) changing group membership at the command of her manager (Peter) can be formalized as:
Finally, we need to model the security properties. While this can be done by using different languages,
we may require a separation of duty property, namely that for privacy Towards Formal Validation of Trust and Security in the Internet of Services 197 purposes,
Rather, novel and different validation techniques are required to automatically reason about services, their composition, their required security properties and associated policies.
and the heterogeneous security contexts is to integrate different technologies into a single analysis tool,
and implement a variety of e-business scenarios possibly bound to complex security policies. When security constraints are to be respected,
it can be very complex to discover or even to describe composition scenarios. This motivates the introduction of automated solutions to scalable services composition.
and our main motivation is to take into account the security policies while computing an orchestration. The AVANTSSAR Platform, for example, implements an idea presented in 11 to automatically generate a mediator.
and is constructed with respect to security goals using the techniques we developed for the verification of security protocols. 3. 2 Model Checking of SOAS Model checking 13 is a powerful and automatic technique for verifying concurrent systems.
and, more recently, important results have been obtained for the analysis of security protocols. In the context of SOAS, a model-checking problem is the problem of determining
whether a given model representing the execution of the service under scrutiny in a hostile environment enjoys the security properties specified by a given formula.
these security properties can be complex, requiring an expressive logic. Most model-checking techniques in this context make a number of simplifying assumptions on the service
Yet we might be interested in establishing the security of a service that relies on a less insecure channel.
In fact, services often rely on transport protocols enjoying some given security properties (e g. TLS is used often as a unilateral or a bilateral communication authentic and/or confidential channel
thus important to develop model-checking techniques that support reasoning about communication channels enjoying security-relevant properties, such as authenticity, confidentiality, and resilience.
by supporting reasoning about LTL formulae, allows one to reason about complex trace-based security properties.
In particular, the AVANTSSAR Platform integrates a bounded model-checking technique for SOAS 1 that allows one to express complex security goals that services are expected to meet as well as assumptions on the security offered by the communication channels. 3. 3 Channels
It is, Towards Formal Validation of Trust and Security in the Internet of Services 199 of course,
and security requirements of a goal service and a description of the available services (including a specification of their security-relevant behavior,
in order to build an orchestration of the available services that meets the security requirements stated in the policy.
and a security goal formally specified in ASLAN, and automatically checks whether the orchestration meets the security goal.
If this is the case, then the ASLAN specification of the validated orchestration is given as output,
Towards Formal Validation of Trust and Security in the Internet of Services 201 Vulnerability: Policy:
Trust and Security CS: Composed Service CP: Composed Policy S: Service insecure P Policy Composed service/policy CP CS Secured service/policy TS Wrapper CS CP secure Services feedback BPMN
and Industry Migration The landscape of services that require validation of their security is very broad.
and the security mechanisms that implement them independently of their use in particular workflows. There is thus a clear advantage in having a language allowing the specification of policies via clauses (e g.,
Classes of properties that have been verified include authorization policies, accountability, trust management, workflow security, federation and privacy.
the OASIS SAML security standard is written in natural language that is often subject to interpretation. Since the many configuration options, profiles, protocols, bindings, exceptions,
it is hard to establish which message fields are mandatory in a given Towards Formal Validation of Trust and Security in the Internet of Services 203 profile and
to perform the same security-critical operations as the legitimate token user. Formal validation of trust and security will become a reality in the Internet of Services
only if and when the available technologies will have migrated to industry, as well as to standardization bodies (which are driven mostly by industry 204 R. Carbone et al
First, in the trail of the successful analysis of Google's SAML-based SSO, an internal project has been run to migrate AVANTSSAR results within SAP Netweaver Security
and identity provider services fulfill the expected security desiderata in the considered SAP relevant scenarios.
For instance, the authentication flaw in the SAML standard helped SAP business units to get major insights in the SAML standard than the security considerations described in Towards Formal Validation of Trust
and Security in the Internet of Services 205 there and helped SAP Research to better understand the vulnerability itself
The AVANTSSAR technology has been integrated also into the SAP Net-Weaver Business Process Management (NW BPM) product to formally validate security-critical aspects of business processes.
and development of a security validation plug-in that enables a business process modeler to easily specify the security goals one wishes to validate such as least privilege
A scalability study has also been conducted on a loan origination process case study with a few security goals
as it allows for validating all the potential execution paths of the BP under-design against the expected security desiderata.
In particular, the migration activity succeeded in overcoming obstacles for the adoption of model-checking techniques to validate security desiderata in industry systems by providing an automatic generation of the formal model on
as well as highlighting the model-checking results as a comprehensive feedback to a business analyst who is neither a model-checking practitioner nor a security expert.
the security validation plug-in is listed currently in the productization road-map of SAP products for business process management. 6 Conclusions
and security of the Ios. The research innovation put forth by AVANTSSAR aims at ensuring global security of dynamically composed services
Together, all these research efforts will result in a new generation of tools for automated security validation at design time
These advances will significantly improve the all-round security of the Ios, and thus boost its development and public acceptance.
LTL Model Checking for Security Protocols. Journal of Applied Non-classical logics, special issue on Logic and Information security, 403 429 (2009) 2. Armando, A.,Carbone, R.,Compagna, L.,Cu'ellar, J.,Pellegrino
Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008), pp. 1 10.
Automated Validation of Trust and Security of Service-Oriented Architectures. FP7-ICT-2007-1, Project No. 216471, http://www. avantssar. eu, 01.01.2008 31.12.2010 5. Bhargavan, K.,Fournet, C.,Gordon, A d.:
Verified Reference Implementations of WS-Security Protocols. In: Bravetti, M.,N'u nez, M.,Zavattaro, G. eds.
A security tool for web services. In: de Boer, F. S.,Bonsangue, M m.,, Graf, S.,de Roever, W.-P. eds.
Static validation of security protocols. Journal of Computer security 13 (3), 347 390 (2005) 9. Boichut, Y.,H'eam, P.-C.,Kouchnarenko, O.:
Automatic Composition of Services with Security policies. In: Proceedings ofweb Service Composition and Adaptation Workshop (held in conjunction with SCC/SERVICES-2008), pp. 529 537.
Safely composing security protocols. Formal Methods in System Design 34 (1), 1 36 (2009) 16.
Proceedings of the 19th MFPS, ENTCS 83, Elsevier, Amsterdam (2004) Towards Formal Validation of Trust and Security in the Internet of Services 207 17.
On the Security of Public-Key Protocols. IEEE Transactions on Information theory 2 (29)( 1983) 18.
Abstraction by Set-Membership Verifying Security Protocols and Web Services with Databases. In: Proceedings of 17th ACM conference on Computer and Communications security (CCS 2010), pp. 351 360.
The Open-source Fixed-Point Model Checker for Symbolic Analysis of Security Protocols. In: Aldini, A.,Barthe, G.,Gorrieri, R. eds.
The Transport Layer Security (TLS) Protocol, Version 1. 2. IETF RFC 5246 (Aug. 2008) 27.
This article introduces upcoming security challenges for cloud services such as multi-tenancy, transparency and establishing trust into correct operation,
and security interoperability. For each of these challenges, we introduce existing concepts to mitigate these risks
and security architectures and mechanisms. 4 For which the Internet pioneer Vint Cerf has suggested recently the term Intercloud J. Domingue et al.
Trust and security are regarded often as an afterthought in this context, but they may ultimately present major inhibitors for the cloud-of-clouds vision.
and discuss the complex trust and security requirements. Furthermore, we survey existing components to overcome these security and privacy risks.
We will explain the state-of-the-art in addressing these requirements and give an overview of related ongoing international,
and Security Limitations of Global Cloud Infrastructures 2. 1 Cloud Security Offerings Today According to the analyst enterprise Forrester research and their study Security and the Cloud 17 the cloud security market is expected to grow to 1
1. securing commercial clouds to meet the requirements of specific market segments 2. bespoke highly secure private clouds 3. a new range of providers offering cloud security services to add external security to public clouds
Other cloud providers also adapt basic service security to the needs of specific markets and communities.
This allows tailor made solutions to specific security concerns-in particular in view of the needs of larger customers.
In the same way, the base security of Microsoft public cloud services is adapted to the targeted market.
even though they offer only limited base security and largely transfer responsibility for security to the customer.
Therefore in parallel to the differentiated security offerings via bespoke private or community clouds, there is also a growing complementary service market to enable enhanced security for public clouds.
Here a prime target is the small to mid-size enterprise market. Examples for supplementary services are threat surveillance (e g.
For the security objectives when adopting clouds for hosting critical systems we believe that today's datacenters are the benchmark for new cloud deployments.
For security this argument leads to two requirements for cloud adoption by enterprises: The first is that with respect to security and trust,
new solutions such as the cloud or cloud-of-clouds will be compared and benchmarked against existing solutions such as enterprise or outsourced datacenters.
We will use these requirements in our subsequent arguments. 3 New Security and Privacy Risks and Emerging Security Controls Cloud computing being a novel technology introduces new security risks 7 that need to be mitigated.
As a consequence cautious monitoring and management of security risks 13 is essential (see Figure 1 for a sketch following 12.
We now survey selected security and privacy risks where importance has been increased by the cloud and identify potential security controls for mitigating those risks. 1. Survey of Risks 2. Design of Controls 3. Implement. of Controls 4. Monitoring of Effectiveness Fig. 1. Simplified Process for Managing
Security Risks 12) Trustworthy Clouds Underpinning the Future Internet 213 3. 1 Isolation Breach between Multiple Customers Cloud environments aim at efficiencies of scale by increased
sharing resources between multiple customers. As a consequence, data leakage and service disruptions gain importance and may propagate through such shared resources.
An important requirement is that data cannot leak between customers and that malfunction or misbehavior by one customer must not lead to violations of the service-level agreement of other customers.
and moderate all undesired information flows 19.214 R. Glott et al. 3. 2 Insider Attacks by Cloud Administrators A second important security risk is the accidental
since security controls need to strike a balance between the power needed to administrate and the security of the administrated systems.
A practical approach to minimize this risk is to adhere to a least-privilege approach for designing cloud management systems.
Due to the corresponding logging, the security auditors can later determine which employee has held what privileges at any given point in time.
security incidents are largely invisible to a customer: Data corruption may not be detected for a long time. Data leakage by skilled insiders is unlikely to be detected.
the right to correction and deletion as well as the necessity of reasonable security safeguards for the collected data.
Transparency, technical and organizational security safeguards and contractual commitments (e g.,, Service Level Agreements, Binding Corporate Rules.
which security measures are deployed. Therefore, the utmost transparency Trustworthy Clouds Underpinning the Future Internet 217 regarding the processes within the cloud is required to enable the user to carry out his legal obligations.
Also, the cloud service provider could prove to have an appropriate level of security measurements by undergoing acknowledged auditing
Security Integration and Transparency. The third challenge is to allow customers to continue operating a secure environment.
This means that security infrastructure and systems within the cloud such as intrusion detection event handling and logging, virus scans,
and access control need to be integrated into an overall security landscape for each individual customers. Depending on the type of systems,
but may also require security technology within the cloud. One example is intrusion detection: In order to allow customers to'see'intrusions on the network within the cloud and correlate these intrusions with patterns in the corporate network,
From a security perspective, this will raise new challenges. Customers need to provide a consistent security state over multiple clouds
and provide means to securely fail-over across multiple clouds. Similarly, services will be composed from underlying services from other clouds.
As such, it can rely on security and privacy mechanisms that were developed for service-oriented architectures and outsourcing.
We surveyed security risks that gain importance in this setting and surveyed potential solutions. Today, demand for cloud security has increased
but the offered security is limited still. We expect this to change and clouds with stronger security guarantees will appear in the market.
Initially they will focus on security mechanisms like isolation, confidentiality through encryption, and data integrity through authentication.
However, we expect that they will then move on to the harder problems such as providing verifiable transparency,
to integrate with security management systems of the customers, and to limit the risks imposed by misbehaving cloud providers and their employees.
Acknowledgments. We thank Ninja Marnau and Eva Schlehahn from the Independent Centre for Privacy Protection Schleswig-Holstein for substantial and very helpful input to our chapter on privacy risks.
Virtualizing networking and security in the cloud. SIGOPS Oper. Syst. Rev. 44,86 94 (2010), doi:
Towards automated security policy enforcement in multi-tenant virtual data centers. J. Comput. Secur. 18,89 121 (2010) 220 R. Glott et al. 5. Chien, E.:
ACM Workshop on Cloud computing Security (CCSW'09), pp. 85 90. ACM Press, New york (2009) 7. Cloud Security Alliance (CSA:
Top threats to cloud computing, version 1. 0. March 2010), http://www. cloudsecurityalliance. org/topthreats/csathreats. v1. 0. pdf 8. Computer and Communication
Proceedings of the 2010 ACM workshop on Cloud computing security workshop, Chicago, Illinois, USA. CCSW'10, pp. 77 86.
Security and the cloud: Looking at the opportunity beyond the obstacle. Forrester research (October 2010) 18.
Cloud computing and security. Lecture Univ. Stuttgart (November 2009) 26. Weichert, T.:Cloud computing und Datenschutz (2009), http://www. datenschutzzentrum. de/cloud-computing/Data Usage Control in the future Internet Cloud Michele Bezzi and Slim Trabelsi SAP Labs
On top of this a wide variety of applications has different requirements with regard to quality, reliability and security from the underlying networks.
The control and verification of service level agreements (SLAS) between domains as well as inter-domain security have to be addressed in federated testbeds as well as in the real Internet.
and data exchange among providers (e g. 8). Intrusion detection systems can increase situation awareness (and with this overall security) by sharing information.
Applications, Security, Safety, and Architectures. IEEE Communications Surveys 2 (1)( 1999), http://www. comsoc. org/pubs/surveys/1q99issue/psounis. html 17.
Trust Management and Security, privacy and data protection mechanisms of distributed data. An addressing scheme, where identity and location are embedded not in the same address.
Support of security, reliability, robustness, mobility, context, service support, orchestration and management for both the communication resources and the services'resources.
even greater challenges appear, with many concerns relevant to privacy, security and governance and with a diversity of issues related to Internet's effectiveness and inclusive character.
security and data protection with transparent and democratic governance and control of offered services as guiding principles (10,11). 1. 1 Autonomicity
Dependability and security; scalability; services (i e.:cost, service-driven configuration, simplified services composition over heterogeneous networks, large scale and dynamic multi-service coexistence, exposable service offerings/catalogues;
In addition, security risks currently present in network environments request for immediate attention. This could be achieved by building trustworthy network environments to assure security levels
and manage threats in interoperable frameworks for autonomous monitoring. 1. 2 The Vision of a Modern Self-Managing Network The future vision is that of a self-managing network
whose nodes/devices are designed in such a way that all the so-called traditional network management functions, defined by the FCAPS management framework (Fault, Configuration, Accounting, Performance and Security) 14,
security, reliability and Enhanced Network Self-Manageability in the Scope of Future Internet Development 283 robustness.
service levels and application management, security, ongoing maintenance, troubleshooting, planning, and other tasks ideally all coordinated and supervised by an experienced and reliable entity (known as the network administrator).
In this context, we argue that the performance, control, security and manageability issues, considered as non-priority features in the 70s 3 should be addressed now 6. In this chapter,
and Qos, including manageable security services. A new layered architecture for the Control and Management Plane that allows dynamic services composition
The proposed architecture also addresses two major security aspects: secure operation of the VI provisioning process,
and provisioning dynamic security services, to address challenge#5. Fig. 1 shows the reference model of our architecture as it has been modeled in the context of the GEYSERS project.
security, compute power and energy efficiency. In order to enable realistic and effective reasoning at provisioning and run time,
Management, Mobility, Qoe, Qos and Security. This ontology at the intermediate layers is represented in FINLAN by the Net-Ontology and the DL-Ontology (Data link) layers.
One application example is the encryption for security at the intermediate layer. In this example in the actual TCP IP protocols architecture, the layers 3 and 4 are not able to understand the security need in a context
and its complexities usually must be controlled by the Application layer. However, in FINLAN, the Application layer can inform semantically this security need to the Net-Ontology layer.
By this, the related complexities can be handled at the Net-Ontology layer level, instead of the Application layer level.
delivery guarantee, Qos, security and others. 2. 1 Collaboration to the Autoi Planes One of the Autonomic Internet project expectations is to support the needs of virtual infrastructure management to obtain self management
which can cover heterogeneous networks and services like mobility, reliability, security and Qos. The FINLAN project can contribute in its challenges,
Through the FINLAN Net-Ontology layer, requirements such as Qos and Security, can be requested to the network,
Security"/>owl: Individual><owl: Individual rdf: about="&entity; Multimediaconference"><rdf: type rdf: resource="&entity; Content"/>hasneedof rdf:
IEEE/IFIP New Technologies, Mobility and Security Conference (2009) 8 Pereira, J. H. S.,Kofuji, S. T.,Rosa, P. F.:
IEEE/IFIP New Technologies, Mobility and Security Conference (2009) 9 Pereira, J. H. S.,Kofuji, S. T.,Rosa, P. F.:
A large number of additional specifications such as WS-Addressing, WS-Messaging and WS-Security complement the stack of technologies.
The architecture also relies on autonomous systems to supply users with the necessary infrastructure and a security framework.
media caching, security, etc. Thus, the HB, which can be seen as the evolution of today's Home Gateway,
routing/forwarding and security. The goal of the Virtual CAN layer is to offer to higher layers enhanced connectivity services,
which together with the associated managers and the other elements of the ecosystem, offer content-and context-aware Quality of Service/Experience, adaptation, security,
allowing association with the correct CAN. 3. 2 Content-Aware Networks (CAN) The SPS may request the CANP to create multi-domain VCANS in order to benefit from different purposes (content-aware forwarding, Qos, security
Specialization of VCANS may exist (content-type aware), in terms of forwarding, Qos level of guarantees Qos granularity, content adaptation procedures, degree of security, etc.
and offer Qos specific treatment. 3. 3 CAN Layer Security The aim of the security subsystem within the CAN Layer is twofold:
a selection of three degrees of security, being: public traffic, secret content, and private communications.
In public traffic no security or privacy guarantees are enforced. Secret content addresses content confidentiality and authentication by applying common cryptographic techniques over the packets'payload.
The adopted strategy is to evaluate the required end-to-end security along all CAN domains and discretely apply the security mechanisms only where necessary to guarantee the required security level,
with respect to the security degree invoked. The evaluation algorithm considers the user flow characteristics CAN policies and present network conditions.
In order to attain the required flexibility, the related security architecture was designed according to the hop-by-hop model 7 on top of the MANES routers.
The second objective will pursue a content-aware approach that will be enforced by MANE routers over data in motion.
Such security enforcement will be done accordingly to policies and filtering rules obtained from the CANMGR. In turn, CANMGR will compute policies
and traffic filtering rules by executing security related algorithms over information gathered by the monitoring subsystem.
Content-aware security technologies typically perform deep content inspection of data traversing a security element placed in a specific point in the network.
MANE's related security functions are then to perform attacks'identification (e g. port-scan, IP spoofing,
security, and monitoring features, in cooperation with the other elements of the ecosystem. The chapter has indicated also the novel business opportunities that are created by the proposed Media-Ecosystem.
security and privacy as well as IPR protection; operation and research monitoring as well as experiment control; and the issue of defining
with to the aim of blending the fruition of the city's natural 442 H. Schaffers et al. and cultural heritage with safety and security in urban spaces.
and prioritisation of the cultural heritage in their city and also to an exploration of the privacy and security issues that are central to the acceptance and success of Future Internet services for the safety of urban environments.
The extensive use of ICT is also empowering the development of essential services for health, security, police and fire departments, governance and delivery of public services.
Specific information management policies should also be addressed to ensure the required level of security and privacy of information.
Public Safety and Security: sensor-activated video surveillance systems; locationaware enhanced security systems; estimation and risk prevention systems (e g. sensitivity to pollution, extreme summer heating.
as well as security, privacy, and trust 12 13. Cross-domain NG Iot platforms may foster the creation of new services taking advantage of the increasing levels of efficiency attained by the reuse of deployed infrastructures.
trust, security, and privacy) in a standard, easy and flexible way. Now that a number of different approaches towards future GSDP are being addressed in several EU research projects such as SOA4ALL, SLA@SOI, MASTER, NEXOF-RA, etc.
Telco2. 0 (TID) Common Testbed/Gateway Testbed management Testbed Access Interface Testbed Portal Overlay Enabler Security, Privacy and Trust Smart Santander
Node WISELIB User Developed App Tinyos Contiki Sunspot Opencom Middleware Mobility support Horizontal support Federation support Security, Privacy and Trust Fig
i) Access control and IOT Node Security subsystem, ii) Experiment Support Subsystem, iii) the Facility Management Support Subsystem,
Overtext Web Module V3.0 Alpha
Copyright Semantic-Knowledge, 1994-2011