23,794 research outputs found
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
Recommended from our members
Evaluating the resilience and security of boundaryless, evolving socio-technical Systems of Systems
Recommended from our members
The THREAT-ARREST Cyber-Security Training Platform
Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed
Secure Cloud-Edge Deployments, with Trust
Assessing the security level of IoT applications to be deployed to
heterogeneous Cloud-Edge infrastructures operated by different providers is a
non-trivial task. In this article, we present a methodology that permits to
express security requirements for IoT applications, as well as infrastructure
security capabilities, in a simple and declarative manner, and to automatically
obtain an explainable assessment of the security level of the possible
application deployments. The methodology also considers the impact of trust
relations among different stakeholders using or managing Cloud-Edge
infrastructures. A lifelike example is used to showcase the prototyped
implementation of the methodology
ERAWATCH country reports 2011 : Malta
Acknowledgement: The University of Malta would like to acknowledge its gratitude to the European Commission, Joint Research Centre for their permission to upload this work on OAR@UoM. Further reuse of this document can be made, provided the source is acknowledged. This work was made available with the help of the Publications Office of the European Union, Copyright and Legal Issues Section.The main objective of the ERAWATCH Annual Country Reports is to characterise and assess the performance of national research systems and related policies in a structured manner that is comparable across countries. EW Country Reports 2011 identify the structural challenges faced by national innovation systems. They further analyse and assess the ability of the policy mix in place to consistently and efficiently tackle these challenges. The annex of the reports gives an overview of the latest national policy efforts towards the enhancement of European Research Area and further assess their efficiency to achieve the targets. These reports were originally produced in November - December 2011, focusing on policy developments over the previous twelve months. The reports were produced by the ERAWATCH Network under contract to JRC-IPTS. The analytical framework and the structure of the reports have been developed by the Institute for Prospective Technological Studies of the Joint Research Centre (JRC-IPTS) and Directorate General for Research and Innovation with contributions from ERAWATCH Network Asblpeer-reviewe
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
- …