12 research outputs found

    Threats Management Throughout the Software Service Life-Cycle

    Software services are inevitably exposed to a fluctuating threat picture. Unfortunately, not all threats can be handled only with preventive measures during design and development, but also require adaptive mitigations at runtime. In this paper we describe an approach where we model composite services and threats together, which allows us to create preventive measures at design-time. At runtime, our specification also allows the service runtime environment (SRE) to receive alerts about active threats that we have not handled, and react to these automatically through adaptation of the composite service. A goal-oriented security requirements modelling tool is used to model business-level threats and analyse how they may impact goals. A process flow modelling tool, utilising Business Process Model and Notation (BPMN) and standard error boundary events, allows us to define how threats should be responded to during service execution on a technical level. Throughout the software life-cycle, we maintain threats in a centralised threat repository. Re-use of these threats extends further into monitoring alerts being distributed through a cloud-based messaging service. To demonstrate our approach in practice, we have developed a proof-of-concept service for the Air Traffic Management (ATM) domain. In addition to the design-time activities, we show how this composite service duly adapts itself when a service component is exposed to a threat at runtime.
    Comment: In Proceedings GraMSec 2014, arXiv:1404.163

    A Policy Specification Language for Composite Services

    Creating complex systems by combining smaller component services is one of the fundamental concepts in Service Oriented Architecture. Service compositions are built by combining loosely coupled services that are, usually, offered and operated by different service providers. While this approach offers several benefits, it makes the implementation and representation of the security requirements difficult. This paper reviews several requirement specification languages and analyses their suitability for composite services. A set of requirements is identified and a comparison between different specification languages is presented along with some conclusion on the suitability of each language in expressing security requirements for composite services

    Modelling, validating, and ranking of secure service compositions

    This is the author accepted manuscript. The final version is available from the publisher via the DOI in this record.
    In the world of large-scale applications, software as a service (SaaS) in general and use of microservices, in particular, is bringing service-oriented architectures to a new level: Systems in general and systems that interact with human users (eg, sociotechnical systems) in particular are built by composing microservices that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore, providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (eg, based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service level agreement and, thus, not necessarily ensured on a technical level

    Identifying and mitigating security risks for secure and robust NGI networks

    Smart city development is important to achieve sustainable cities and societies which help enhance urban services, reduce resource consumption and decrease overall cost. The incorporation of smart cities with the Internet has given us the Next Generation of Internet (NGI) where every smart device exploits the interconnected services and infrastructure of the Internet. The underlying structure of NGI is composed of large scale heterogeneous multilevel systems-of-systems (SoSs) where each system represents a sensor, mobile phone, computer or smart device. Security and privacy is a fundamental requirement of NGI which is heavily dependent on the composition of services and connectivity of the underlying systems. Meaning any unsecure system can affect the security of the entire networked infrastructure/SoSs. Therefore, it is important to analyse and understand the composition of different systems at different levels in NGI in order to identify and mitigate vulnerabilities. This paper proposes a solution to identify and mitigate vulnerabilities within multilevel SoSs, to enhance security without deploying additional security at endpoints, and quantify security levels of individual systems and the entire composed system. The solution was tested and evaluated using simulation and a network testbed. Results show that NGI security can be enhanced with better composition of systems. © 2020 Elsevier Lt

    DevOps for Trustworthy Smart IoT Systems

    ENACT is a research project funded by the European Commission under its H2020 program. The project consortium consists of twelve industry and research member organisations spread across the whole EU. The overall goal of the ENACT project was to provide a novel set of solutions to enable DevOps in the realm of trustworthy Smart IoT Systems. Smart IoT Systems (SIS) are complex systems involving not only sensors but also actuators with control loops distributed all across the IoT, Edge and Cloud infrastructure. Since smart IoT systems typically operate in a changing and often unpredictable environment, the ability of these systems to continuously evolve and adapt to their new environment is decisive to ensure and increase their trustworthiness, quality and user experience. DevOps has established itself as a software development life-cycle model that encourages developers to continuously bring new features to the system under operation without sacrificing quality. This book reports on the ENACT work to empower the development and operation as well as the continuous and agile evolution of SIS, which is necessary to adapt the system to changes in its environment, such as newly appearing trustworthiness threats

    A component meta-model for building flexible and modular real-time applications

    The increase of software complexity along the years has led researchers in the software engineering field to look for approaches for conceiving and designing new systems. For instance, the service-oriented architectures approach is considered nowadays as the most advanced way to develop and integrate quickly modular and flexible applications. One of the software engineering solutions principles is re-usability, and consequently generality, which complicates its application in systems where optimizations are often used, like real-time systems. Thus, creating real-time systems is expensive, because they must be conceived from scratch. In addition, most real-time systems do not benefit from the advantages which come with software engineering approaches, such as modularity and flexibility. This thesis aims to take real time aspects into account on popular and standard SOA solutions, in order to ease the design and development of modular and flexible applications. This will be done by means of a component-based real-time application model, which allows the dynamic reconfiguration of the application architecture. The component model will be an extension to the SCA standard, which integrates quality of service attributes onto the service consumer and provider in order to establish a real-time specific service level agreement. This model will be executed on the top of an OSGi service platform, the de facto standard for development of modular applications in Java.

    The Aniketos Design-Time Framework Applied – A Case in Air Traffic Management

    No full text

    Proceedings of the 23rd International Congress of Byzantine Studies : Thematic Sessions of Free Communications

    This volume contains the abstracts of the free communications sessions from the 23rd International Congress of Byzantine Studies, taking the form of one hundred and seventeen thematic sessions and twenty poster presentations. The success of forty three sessions should be attributed above all to the conveners who designed and realised them in cooperation with other participants, and then presided over them at the Congress. This type of sessions was the organisers’ response to the challenge posed by a large number of high-quality proposals for round table discussion. Since it was not possible to implement all the received proposals into the round table sessions, the proposers were encouraged to present their ideas as Thematic Sessions of Free Communications. The remaining seventy-four sessions were selected by the organizer out of approximately six hundred abstracts submitted. Stanoje Bojanin (The Institute for Byzantine Studies) created the initial classification of abstracts according to thematic compatibility, and the final form of the sessions was determined by Vujadin Ivanišević (The Institute of Archeology), Srđan Pirivratić, Dejan Dželebdžić, Ljubomir Milanović and Miloš Živković (The Institute for Byzantine Studies). Tamara Matović and Miloš Cvetković (The Institute for Byzantine Studies), prepared the abstracts for the Congress website, and then for this publication. Bojana Pavlović (The Institute for Byzantine Studies) made a significant contribution to organizing the sessions by taking on the bulk of the correspondence with the participants. In principle, all the abstracts in this book are published in the form they were submitted to the organizer, but certain minor, sometimes unavoidable alterations were made to the headings. The index of the participant’s names, which is customary and necessary in printed publications, has been omitted from this searchable electronic book. 
We believe that the main purpose of this book is to present in one place the wide range of topics featured at the Congress, which accurately reflects contemporary trends in Byzantine Studies. We present this book to the public in the hope that the larger part of the communications read at the Congress will find their way into published research papers