RESEARCH PROJECTS
SELFNET
A Framework for Self-Organized Network Management in Virtualized and Software Defined Networks (EU H2020 RIA, H2020-ICT-2014-2)
The SELFNET project will design and implement an autonomic network management framework to achieve self-organizing capabilities in managing network infrastructures by automatically detecting and mitigating a range of common network problems that are currently still being manually addressed by network operators, thereby significantly reducing operational costs and improving user experience. SELFNET explores a smart integration of state-of-the-art technologies in Software-Defined Networks (SDN), Network Function Virtualization (NFV), Self-Organizing Networks (SON), Cloud computing, Artificial intelligence, Quality of Experience (QoE) and Next-generation networking. SELFNET is driven by use cases designed to address major network management problems including Self-protection capabilities against distributed cyber-attacks (see
IEEE Internet Computing post), Self-healing capabilities against network failures, and Self-optimization to dynamically improve the performance of the network and the QoE of the users.
DHARMA
Dynamic Heterogeneous threAts Risk Management and Assessment (TIN2014-59023-C2-1-R)
DHARMA aims to provide a framework for the achievement of an efficient Dynamic Risk Management and Assurance in ICT environments taking into account new types of threats known as APTs (Advanced Persistent Threats). These threats are characterised for not using just the classical means of penetration based on software vulnerabilities, but a combination of heterogeneous attack vectors customized for the organization and its employees, including the use of physical intrusions, employees' deception, sensitive information abuse, side channels, etc. Thus, the current methodologies cannot manage adequately this dynamicity, with changes in context being a possible symptom of a new vulnerability and implying a potential modification in the list of risks identified for the organization. DHARMA is devoted to provide an answer to this shortcoming, proposing a multilevel architecture where a remarkable number of heterogeneous sensors will capture any change in the organization context (not just traditional network attacks, but any type of context change), namely: variations in the normal usage of systems and networks, electric consumption deviations, physical security incidents with presence detectors and video surveillance, ambient sensors, social networks activity sensors, and even the characterization of labour unrest in the organization in order to anticipate possible insider attacks by malicious employees. As a result, the DHARMA framework will enable different types of organizations to deploy specific sensors, integrating all their information in a Dynamic Risk Assessment engine that will provide updated information of the organization risk levels, even in the case of new threats, thus allowing a quick reaction and minimising the exposure time to potential risky situations and events for the organization.
SEMIRAMIS
Secure Management of Information across multiple Stakeholders (EU FP7, CIP-ICT PSP-2009-3 250453)
SEMIRAMIS defines a pilot infrastructure to provide e-services with the required underlying secure authentication and management approach and tests it through two scenarios representing a large number of options related to ID Management and Secure Data Transfer. In this context, SEMIRAMIS will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services on which novel offerings can be easily deployed. Technology SEMIRAMIS will be based on leading edge technologies based on XML derivatives, mainly SAML 2.0 which is largely considered a key technology in the area of federated identity management. SEMIRAMIS will take advantage of the RADIUS (Remote Authentication Dial-In User Service) infrastructure which has been successfully brought into production in the last two years, implemented into an access process based on 802.1X. For achieving data security, a PKI (Public Key Infrastructure) will be used.
SEGUR@
Security and Trust in the Information Society
During last years, with the Information Society development, both people and organizations have been involved on a transformation process that has changed their communication habits. Thus, electronic banking, e-business, e-administration and companies competitiveness improvement by digitizing their offer has become a priority for both public organizations and private entities. Nevertheless, this transformation process has also brought new risks and threats due to the quick introduction of new technologies and to the high specialization level of malicious sources. This makes security innovation a key factor on success of business process, increasing the confidence on the process and the confidence between the diferent actors involved on the process. During next years, this problem will extend to the real life with ambiental intelligence, and its resolution will allow the development of new service opportunities for public heath, domestic security and leisure time.
DESEREC
DEpendability and Security by Enhanced REConfigurability (EU-IST FP6, IST-2004-026600)
Most of European critical activities rely on networked Communication and Information Systems (CIS), highly interconnected. CIS performance could be jeopardized by incidents of various kinds. A multi-disciplinary approach is compulsory to leverage their dependability by an alliance of three approaches: modelling and simulation, detection and response.
SEINIT
Security Expert INITiative (EU-IST FP6, IST-2002-2.3.1.5)
The SEINIT project will develop a trusted and dependable security framework, ubiquitous, working across multiple devices and heterogeneous networks, being organization independent (inter-operable) and centered around an end-user. In particular, SEINIT defines innovative security models and policies to address the new issues of the pervasive computer world.
PISCIS
e-Commerce Based on an Advanced Certification Infrastructure and Smart Cards
The main goal of the PISCIS Project is to remedy the lack of deployment of real e-Commerce environments at the present time. Consequently, and using novel research proposals related to communication security, we have defined an advanced e-Commerce scenario composed of a certification infrastructure, smart cards and a payment model.
MIMICS-II
Mobile Intelligent Model incorporating Independent Control and Sensorisation
The goal of the project is the development of an intelligent platoon of vehicles, where the leading vehicle (which is manned) acts as a guide for the following vehicles (which are unmanned). For practical reasons the real prototype has been limited to only two cars. The operation of the leading car is simple: it uses its sensors to send information to the following car. This uses both its sensors and the information received to control the actuators. All the information is shared using wireless links. A base station can monitor both vehicles, and it includes an application integrated with a Geographical Information System (GIS).