Trust and privacy management support for context-aware service platforms

In a context-aware service platform, service providers adapt their services to the current situation of the service users using context information retrieved from context information providers. In such a service provisioning platform, important trust and privacy issues arise, because different entities responsible for different tasks have to collaborate in the provisioning of the services. Context information is privacy sensitive by nature, making the communication and processing of this information a potential privacy threat. The main goal of this thesis is to learn how to support users and providers of context-aware services in managing the trade-off between privacy protection and context-based service adaptation. More and more precise context information retrieved from trustworthy context information providers allows context-aware service provider to adapt their services more reliably. However, more and more precise context information also means a higher risk for the service users in case of a privacy violation

European Cybersecurity Centre of Expertise - Cybersecurity Competence Survey

In its September 2017 Joint Communication "Resilience, Deterrence and Defence: Building strong cybersecurity for the EU" the European Commission announced the intention to support the creation of a network of cybersecurity competence centres to stimulate the development and deployment of technology in cybersecurity. In the scope of this initiative, the main goal of this document is to present the design and results of the survey conducted in order to identify the cybersecurity competence centres (e.g. research organisations, laboratories, associations, academic groups, institutions, operational centres) in Europe. The survey was open for participation from middle January until middle March of 2018 and 665 centres participated. This report also presents a scientific and technological development analysis comparing the survey results presented here with a desktop research mapping exercise performed by JRC.JRC.E.3-Cyber and Digital Citizens' Securit

Blockchain in Energy Communities, A proof of concept

This report aims at exploring the use of the distributed ledger paradigm to incentive the participation of the citizen to a truly free, open and interoperable energy market, producing a feasibility study and a first demo testbed, taking also into consideration privacy, cybersecurity and big-data issues of the smart-home in the Energy market context. This study is intended to support point 4.1, 4.2 and 4.3 of the DSM (COM(2015)192) and point 2.2 of the Energy Union package (COM(2015)80.JRC.E.3-Cyber and Digital Citizens' Securit

European Cybersecurity Centres of Expertise Map - Definitions and Taxonomy

The Commission made a commitment in the Communication adopted in September to launch a pilot phase under Horizon 2020 to help bring national cybersecurity centres together into a network. In this context, the goal of this document is that of aligning the cybersecurity terminologies, definitions and domains into a coherent and comprehensive taxonomy to facilitate the categorisation of EU cybersecurity competencies.JRC.E.3-Cyber and Digital Citizens' Securit

A Dynamic SNMP to XML Proxy Solution

Abstract: The network management area has some proposals to use XML to encode information models and managed object instances. In this paper we present a solution to dynamically create SNMP to XML proxies using a SAX parser and the translation facilities from the libsmi tools. We also present an analysis system that uses the management information provided by the proxies in XML

A Proposal for a European Cybersecurity Taxonomy

The Commission made a commitment in the Communication adopted in September 2018 (COM(2018) 630 final) to launch a pilot phase under Horizon 2020 to help bring national cybersecurity centres together into a network. In this context, the goal of this document is that of aligning the cybersecurity terminologies, definitions and domains into a coherent and comprehensive taxonomy to facilitate the categorisation of EU cybersecurity competencies.JRC.E.3-Cyber and Digital Citizens' Securit

Cybersecurity, our digital anchor: A European perspective

The Report ‘Cybersecurity – Our Digital Anchor’ brings together research from different disciplinary fields of the Joint Research Centre (JRC), the European Commission's science and knowledge service. It provides multidimensional insights into the growth of cybersecurity over the last 40 years, identifying weaknesses in the current digital evolution and their impacts on European citizens and industry. The report also sets out the elements that potentially could be used to shape a brighter and more secure future for Europe’s digital society, taking into account the new cybersecurity challenges triggered by the COVID-19 crisis. According to some projections, cybercrime will cost the world EUR 5.5 trillion by the end of 2020, up from EUR 2.7 trillion in 2015, due in part to the exploitation of the COVID-19 pandemic by cyber criminals. This figure represents the largest transfer of economic wealth in history, more profitable than the global trade in all major illegal drugs combined, putting at risk incentives for innovation and investment. Furthermore, cyber threats have moved beyond cybercrime and have become a matter of national security. The report addresses relevant issues, including: - Critical infrastructures: today, digital technologies are at the heart of all our critical infrastructures. Hence, their cybersecurity is already – and will become increasingly – a matter of critical infrastructure protection (see the cases of Estonia and Ukraine). - Magnitude of impact: the number of citizens, organisations and businesses impacted simultaneously by a single attack can be huge. - Complexity and duration of attacks: attacks are becoming more and more complex, demonstrating attackers’ enhanced planning capabilities. Moreover, attacks are often only detected post-mortem . - Computational power: the spread of malware also able to infect mobile and Internet of Things (IoT) devices (as in the case of Mirai botnet), hugely increases the distributed computational power of the attacks (especially in the case of denial of services (DoS)). The same phenomenon makes the eradication of an attack much more difficult. - Societal aspects: cyber threats can have a potentially massive impact on society, up to the point of undermining the trust citizens have in digital services. As such services are intertwined with our daily life, any successful cybersecurity strategy must take into consideration the human and, more generally, societal aspects. This report shows how the evolution of cybersecurity has always been determined by a type of cause-and-effect trend: the rise in new digital technologies followed by the discovery of new vulnerabilities, for which new cybersecurity measures must be identified. However, the magnitude and impacts of today's cyber attacks are now so critical that the digital society must prepare itself before attacks happen. Cybersecurity resilience along with measures to deter attacks and new ways to avoid software vulnerabilities should be enhanced, developed and supported. The ‘leitmotiv’ of this report is the need for a paradigm shift in the way cybersecurity is designed and deployed, to make it more proactive and better linked to societal needs. Given that data flows and information are the lifeblood of today’s digital society, cybersecurity is essential for ensuring that digital services work safely and securely while simultaneously guaranteeing citizens’ privacy and data protection. Thus, cybersecurity is evolving from a technological ‘option’ to a societal must. From big data to hyperconnectivity, from edge computing to the IoT, to artificial intelligence (AI), quantum computing and blockchain technologies, the ‘nitty-gritty’ details of cybersecurity implementation will always remain field-specific due to specific sectoral constraints. This brings with it inherent risks of a digital society with heterogeneous and inconsistent levels of security. To counteract this, we argue for a coherent, cross-sectoral and cross-societal cybersecurity strategy which can be implemented across all layers of European society. This strategy should cover not only the technological aspects but also the societal dimensions of ‘behaving in a cyber-secure way’. Consequently, the report concludes by presenting a series of possible actions instrumental to building a European digital society secure by design.JRC.E.3-Cyber and Digital Citizens' Securit

Um Modelo hierárquico baseado em políticas para o gerenciamento integrado de redes de computadores e grids computacionais

Como resultados constatou-se que o modelo de tradução de políticas proposto permite automatizar o gerenciamento da infra-estrutura de grid e rede. Além disso, a solução apresentada fornece novas facilidades de gerenciamento em comparação as soluções de gerenciamento de grid baseadas em políticas encontradas na literatura. A implementação do protótipo do modelo junto ao sistema QAME permitiu que o gerenciamento do grid e da rede fosse realizado de maneira integrada usando uma hierarquia de tradução de políticas