3 research outputs found
PALANTIR demo: leveraging SecaaS model for managing threats in industrial environments
PALANTIR, an EU-funded Innovation Action project, delivers tailored and pervasive resource protection through the Security-as-a-Service paradigm. This demo presents the architecture and validates the prototype against three threat scenarios with botnet, data breach and tampering attacks
PALANTIR: an NFV-based security-as-a-service approach for automating threat mitigation
Small and medium enterprises are significantly hampered by cyber-threats as they have inherently limited skills and financial capacities to anticipate, prevent, and handle security incidents. The EU-funded PALANTIR project aims at facilitating the outsourcing of the security supervision to external providers to relieve SMEs/MEs from this burden. However, good practices for the operation of SME/ME assets involve avoiding their exposure to external parties, which requires a tightly defined and timely enforced security policy when resources span across the cloud continuum and need interactions. This paper proposes an innovative architecture extending Network Function Virtualisation to externalise and automate threat mitigation and remediation in cloud, edge, and on-premises environments. Our contributions include an ontology for the decision-making process, a Fault-and-Breach-Management-based remediation policy model, a framework conducting remediation actions, and a set of deployment models adapted to the constraints of cloud, edge, and on-premises environment(s). Finally, we also detail an implementation prototype of the framework serving as evaluation material.The work described in this article has received funding by the European Union Horizon 2020 research and innovation programme, supported under Grant Agreement no. 883335—PALANTIR (Practical Autonomous Cyberhealth for resilient SMEs and Microenterprises)