Aniketos: Ensuring Trustworthiness and    Security in Service Composition       Exploitation and Impact               Davi...
Contents Aniketos overview    Security policies    Trustworthiness    Threats    Composition and adaptation    Social-Tech...
Aniketos Project Main objective   Help establish and maintain trustworthiness and secure behaviour   in a dynamically chan...
Aniketos Workflow           Effectsplus, Padua, Italy, 6 September 2012   4
Security Policies                        <specification>                                           <scope>session</scope> ...
Trustworthiness Security × Contract × Trust paradigm   Service properties monitored against policy   Violations affect tru...
Threats Runtime and environmental threats    Changing threats may cause user    alert or policy change Threat repository  ...
Deployment and Adaptation Service Composition Framework Compositions specified using BPMN Services replaced to maintain po...
Socio-Technical Modelling Architectural approach for specifying    Service composition    Security policy    Trustworthy r...
Workflow Incorporates comprehensive workflow Relies on significant input   From developers, providers and end-users   Comm...
Exploitation and Impact                                                         R&D Four fronts                           ...
Tutorials and Training Led by SearchLab Building up standardised documentation    Standard templates for all prototype    ...
Demonstrations Led by Italtel Trade shows and conferences Demo events   February 2012 – Internal Aniketos   May 2012 – Sel...
Community Building Led by TSSG Aim to build communities   Contribute to standardisation   Generate interest   Foster open ...
Dissemination and Exploitation Led by ATOS Publications Case Studies    Future telecom services    eGovernance: land buyin...
Future Telecoms Scenario                                         Bob accesses the WebShop                                 ...
Audience Reached Commercial Sector (ICT Industry)     Software developers and providers     Service architecture providers...
Industrial Audience   Air Traffic Management experts, industries, practitioners and researchers   (thanks to Aniketos ATC ...
Industrial Audience   Internal research and innovation department   Atos internal stakeholders   Business development dire...
Industrial Audience   Software developers   Presented in several inter industry-academia scientific events   Technical tea...
Academic Audience Targeting academics   Workshops, seminars, conferences      Submitters or organisers for more than 40 ev...
Academic Partners                       CNR     LJMU     PLUS     SINTEF     Tecnalia   TSSG   UNITNEvents participated/  ...
Promoting Website Visits Website intended to be main channel   Currently role less crucial   Mainly due to lack of technic...
Outreach Boost PlanKey ideas to boostoutreachKey messagespecification andcommunication                     Effectsplus, Pa...
Outreach Boost PlanKey resultsKey outputs              Effectsplus, Padua, Italy, 6 September 2012   25
Outreach Boost Plan           Effectsplus, Padua, Italy, 6 September 2012   26
Conclusion Four targeted areas for increasing impact    Tutorials and training    Demonstrations    Community building    ...
http://aniketos.euAthens Technology Center SAAtos OriginDAEM S.A.DeepBlueSELEX ELSAG (ex Elsag Datamat)ItaltelLiverpool Jo...
Upcoming SlideShare
Loading in...5
×

Aniketos effects plus_6sep_2012-v04

176

Published on

@effectsplus 3rd cluster workshop
Impact of results of FP7 Security and Trust Research Projects

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
176
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Aniketos effects plus_6sep_2012-v04

  1. 1. Aniketos: Ensuring Trustworthiness and Security in Service Composition Exploitation and Impact David Llewellyn-Jones Zeta Dooly Marina Egea González http://aniketos.eu 6th September 2012 Effectsplus Clustering Event, Padua, Italy 1
  2. 2. Contents Aniketos overview Security policies Trustworthiness Threats Composition and adaptation Social-Technical Modelling Exploitation and Impact Tutorials and training Demonstrations Community building and standardisation Dissemination and exploitation Case studies Effectsplus, Padua, Italy, 6 September 2012 2
  3. 3. Aniketos Project Main objective Help establish and maintain trustworthiness and secure behaviour in a dynamically changing environment of composite services ICT FP7 Objective 1.4 Secure, dependable and trusted infrastructures Duration August 2010 until February 2014 Website http://aniketos.eu Effectsplus, Padua, Italy, 6 September 2012 3
  4. 4. Aniketos Workflow Effectsplus, Padua, Italy, 6 September 2012 4
  5. 5. Security Policies <specification> <scope>session</scope> <rule> <before> <identifier>*</identifier> Define properties of a service or </before> <perform> service composition <reaction> <guard> Used in several forms <invocation> <identifier> Service developer/provider’s eu.aniketos.predicates.dSOD </identifier> claimed properties for a service <argument> <identifier> Service user’s desired s1.method1 </identifier> properties </argument> <argument> Contract agreed by both <identifier> s2.method2 Technologies </identifier> </argument> Written using ConSpec </invocation> </guard> <update/> </reaction> </perform> </rule> </specification> Effectsplus, Padua, Italy, 6 September 2012 5
  6. 6. Trustworthiness Security × Contract × Trust paradigm Service properties monitored against policy Violations affect trust Trustworthy services avoid verification step Technologies Trust monitoring Trust composition Security verification Effectsplus, Padua, Italy, 6 September 2012 6
  7. 7. Threats Runtime and environmental threats Changing threats may cause user alert or policy change Threat repository Community list of relevant threats Threats associated with possible solutions Runtime threat monitoring Based on information in threat repository and policy Effectsplus, Padua, Italy, 6 September 2012 7
  8. 8. Deployment and Adaptation Service Composition Framework Compositions specified using BPMN Services replaced to maintain policy Effectsplus, Padua, Italy, 6 September 2012 8
  9. 9. Socio-Technical Modelling Architectural approach for specifying Service composition Security policy Trustworthy requirements Threat requirements Goal-oriented modelling Effectsplus, Padua, Italy, 6 September 2012 9
  10. 10. Workflow Incorporates comprehensive workflow Relies on significant input From developers, providers and end-users Commercial or community Ecosystem BPMN service compositions ConSpec policy files Trust management The actual services Services may be ‘Aniketos compliant’ Effectsplus, Padua, Italy, 6 September 2012 10
  11. 11. Exploitation and Impact R&D Four fronts WP1: Requirements and architectural approach OUTREACH WP7: Verification and enduser evaluation Tutorials and WP3: Secure composition WP2: Define, establish training changes and threats of dynamic services WP4: Response to and maintain trust T1 TF 1 WP8: Tutorials and training Demonstrations TF 2 - TF 3 WP9: Demonstration Community TF n building and WP10: Community building standardisation and standardization Dissemination WP11: Dissemination and WP5: Platform construction Exploitation and exploitation WP6: Realisation of industry case studies WP12: Project management Effectsplus, Padua, Italy, 6 September 2012 11
  12. 12. Tutorials and Training Led by SearchLab Building up standardised documentation Standard templates for all prototype deliverables Automated document generation tools Workshops and events February 2011 – STS and S×C×T July 2011 – STS Modelling Language More planned Effectsplus, Padua, Italy, 6 September 2012 12
  13. 13. Demonstrations Led by Italtel Trade shows and conferences Demo events February 2012 – Internal Aniketos May 2012 – Selex Elsag demo July 2012 – Wind demonstration July 2012 – SummerSOC More planned Building software VMs Effectsplus, Padua, Italy, 6 September 2012 13
  14. 14. Community Building Led by TSSG Aim to build communities Contribute to standardisation Generate interest Foster open source community Targeting open source alone is risky Requirement for external input Capitalise on social networking Github, YouTube, LinkedIn, Twitter, etc. Aim to combine both commercial and open source Effectsplus, Padua, Italy, 6 September 2012 14
  15. 15. Dissemination and Exploitation Led by ATOS Publications Case Studies Future telecom services eGovernance: land buying Air traffic service pool Demos Real-world deployment with project partners SESAR Effectsplus, Padua, Italy, 6 September 2012 15
  16. 16. Future Telecoms Scenario Bob accesses the WebShop application in order to purchase an electronic item he wishes.The end user (Bob) owns a mobiledevice which is equipped with a 2GPS receiver and a presence 1 Application Server Platformenabled VoIP client when Bob requests the help of anaccessing the web portal of his assistant by starting a click-TLC Operator. Converged SIP/HTTP to-call VoIP communication application The services involved are: 3 a. WebShop for general electronic commerce access; SIP servlets b. StoreLocator for making users choose the store where to pick up items selected; 5 He decides to purchase the item he was interested in 4 Bob is finally asked to confirm his 6 7 mail address (that was retrieved through the IdP) to inform him when he can pick-up the purchased itemThe StoreLocator service gives users two options,1) a manual selection of the pick-up stores that Bob selects option 2) for automatic store …to collect Bob’s current position information and to can be selected from an offered list; localization. By doing so a service generate maps and addresses of the stores which are2) letting StoreLocator service propose a list of recomposition is started… closer to Bob closest stores. Effectsplus, Padua, Italy, 6 September 2012 16
  17. 17. Audience Reached Commercial Sector (ICT Industry) Software developers and providers Service architecture providers Security Experts ICT providers, IT vendors Internet Service Providers, Cloud Providers End-users from Safety and Security Critical Domains Aniketos strategic partners Other EU projects working in similar domain EU technology platforms Other research initiatives and big IT companies Academia Scientists, Students (especially, Master and PhD students) European Commission, European Society Effectsplus, Padua, Italy, 6 September 2012 17
  18. 18. Industrial Audience Air Traffic Management experts, industries, practitioners and researchers (thanks to Aniketos ATC case study) Own customers FinMeccanica companies R&D managers and employees Academia SAP internal stakeholders external partners and SAP developers Employees, technical and marketing departments Effectsplus, Padua, Italy, 6 September 2012 18
  19. 19. Industrial Audience Internal research and innovation department Atos internal stakeholders Business development director FI-WARE, ChoREOS, NESSoS, etc. Inter industry-academia event co-organizer (MDSec @ MoDELS 2012) Joined new group addressing standardization of trustworthy, secure composable services Greek public sector and government Athens (previous) city council and other IT companies Effectsplus, Padua, Italy, 6 September 2012 19
  20. 20. Industrial Audience Software developers Presented in several inter industry-academia scientific events Technical teams Centre for evaluation of the security of information technology, software engineers Security experts, head of the security architecture unit, security consultants, technical and strategy managers Technical and marketing departments Intranet community Internet users Effectsplus, Padua, Italy, 6 September 2012 20
  21. 21. Academic Audience Targeting academics Workshops, seminars, conferences Submitters or organisers for more than 40 events Organizers or PC members Around 20 events Papers Over 40 papers on Aniketos research results (out of 80 submissions) Targeting industry Participation in around 20 events Including worldwide event reaching global SAP developer community Effectsplus, Padua, Italy, 6 September 2012 21
  22. 22. Academic Partners CNR LJMU PLUS SINTEF Tecnalia TSSG UNITNEvents participated/ 5 8 5 7 3 7 15organizedParticipated Master,PhD programs, 1 3 2 1 2 10 6Seminars,consultancyPress Release 4 1 1 1Platforms/clusters/ 1 2standardizationPapers 11 5 1 9 12 9 Effectsplus, Padua, Italy, 6 September 2012 22
  23. 23. Promoting Website Visits Website intended to be main channel Currently role less crucial Mainly due to lack of technical and training material Strategy therefore to publish more material Publish multimedia content when ready Embedded videos being shown on web front page Embedded from Aniketos YouTube channel Deliverables Demo material on success stories Broadcast new achievements via social channels Aim to cross-link between project websites Effectsplus, Padua, Italy, 6 September 2012 23
  24. 24. Outreach Boost PlanKey ideas to boostoutreachKey messagespecification andcommunication Effectsplus, Padua, Italy, 6 September 2012 24
  25. 25. Outreach Boost PlanKey resultsKey outputs Effectsplus, Padua, Italy, 6 September 2012 25
  26. 26. Outreach Boost Plan Effectsplus, Padua, Italy, 6 September 2012 26
  27. 27. Conclusion Four targeted areas for increasing impact Tutorials and training Demonstrations Community building Dissemination and exploitation Dissemination through outreach boost Key message Targeted user groups Key results Success story publication Key outputs Code and business models Improved sharing Effectsplus, Padua, Italy, 6 September 2012 27
  28. 28. http://aniketos.euAthens Technology Center SAAtos OriginDAEM S.A.DeepBlueSELEX ELSAG (ex Elsag Datamat)ItaltelLiverpool John Moores UniversityNational Research Council of ItalySAPSEARCH Lab LtdStiftelsen SINTEFTecnalia Research & InnovationThalesUniversity of SalzburgUniversity of TrentoWaterford Institute of TechnologyWind Telecomunicazioni S.p.A. Effectsplus, Padua, Italy, 6 September 2012 28
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×