Description of work

This WP will first focus on the lessons learned from the existing Internet security paradigm and on specifying the new security challenges, such as anonymity, reliability and self-protection, of the envisioned architecture of the forthcoming Internet. To this end, Quality of Protection (QoP), that is, the set of features such as security, trust and protection against attacks, will be bound to the Quality of Service (QoS) that the future Internet supports. The state of the art of security, privacy, self-protection and trust mechanisms, architectures and protocols will be reported. Finally, innovative security, privacy, network protection and trust establishment schemes will be designed, examined and evaluated in real or simulated environments, in terms of applicability, performance, reliability, scalability and robustness.

Task 1: Lessons Learned from the existing Internet security paradigm

This task will first evaluate the security frameworks currently deployed on the Internet, trying to answer why a lot of scepticism about the effectiveness of the existing and applicable security mechanisms, protocols and architectures is still justified: why threats still exist at the data link, network, transport and application layers, and where the engineering of Internet security has failed to respond.

Task 2: Security, Privacy, Availability and Trust Challenges of the Future Internet

This task will consider the Future Internet, the Internet in general and its new service architectures (see JRA 1.7), and what new challenges they introduce to the security concepts. It will address how QoP fits with QoS; it will consider the new distributed, AmI (Ambient Intelligence) paradigm and the miniature networking and computing facilities, as well as how the new integrated media architecture (data, voice, media broadcasting) revises the security, privacy, trust and network protection concepts.

Task 3: State of the art report on Future Internet security

In this task a survey of Future Internet security, privacy, availability and trust mechanisms, protocols and architectures will be reported. A theoretical evaluation of these schemes will be performed against the challenges identified in the previous activity. At this point the new security challenges will have been identified and the state-of-the-art review conducted, and thus some of the security, privacy, availability and trust mechanisms, protocols and architectures will be selected for the further research that will take place in Task 4.

Task 4: Future Internet Security Architecture

We foresee three main directions for this activity. The first deals with traditional security and privacy aspects in the network, such as authentication, confidentiality, non-repudiation, integrity, authorization, anonymity, etc. The second, availability services, focuses on the protection of the network and of individual nodes from attacks, with an emphasis on prevention models. Finally, the trust services activities deal with the evaluation of trust in services, nodes and people.

Sub-Task 4.1 Network Security and Privacy Services

In this sub-task the project will investigate, study, design and evaluate:
- Approaches that define and disseminate toolboxes of low-cost, efficient security and privacy primitives that can be assembled and used with various Internet protocols
- Protocols and models that enable the adaptive set-up of security and privacy services, based on high-level profiles of the services, sessions and end-users
- AAA (authentication, authorization and accounting) schemes for multi-domain environments
- Methods that mitigate security and privacy overheads and produce more efficient implementations of security components, stacks and architectures
- Assessment methods for the mechanisms that support security and privacy: definition of new evaluation criteria and metrics, and modelling, building and evaluating secure implementations using simulation, analytical reasoning (including formal methods) and real-life data
- New, efficient, scalable, security and privacy approaches for supporting Internet protocols in the areas of addressing, dynamic host configuration, routing/forwarding, naming, and mobility
- Novel privacy enhancement technologies, as a fundamental tool for Internet users, that raise the current level of anonymity, unlinkability and unobservability services and help to bridge the gap between the need to protect the anonymity of the end-user and the need for collective security
- High-level security and policy definition languages to minimize the required level of end-users’ knowledge on security and privacy techniques, offering understandable definitions
- Physical-Layer and Link-Layer Security, exploiting the intrinsic security of network coding (i.e. mixing of different flows by means of coding) to devise security solutions; identifying the vulnerabilities of currently proposed cooperation schemes at the physical layer (“user cooperation diversity”) and developing security mechanisms under this new paradigm
Sub-Task 4.2 Network Protection and Availability Services

In this sub-task the project will investigate, study, design and evaluate:
- Models and architectures for the self-protection of networks, as well as the autonomous adaptation of networking devices to changes in threats
- Attack identification (early warning) and prevention tools, based for example on epidemic models of malware propagation
- Self-protection clustering architectures that enforce network support for end-node security by distributing firewalling functions into the network
- New network forensics tools whose output feeds the analysis, evaluation and prevention of similar or correlated attacks in the Future Internet (FI)
- Analytical or empirical methods to evaluate the capability of protection solutions to prevent, or recover from, attacks
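To make the early-warning item above concrete, the following is an added example and not code from the project: a deterministic susceptible-infected (SI) epidemic model generates a worm's growth curve, a monitoring sensor observes that curve on top of constructed background scanning noise, and a growth-rate test raises an alert while only a small fraction of the vulnerable population is infected. The population size, infection rate, background counts and the 0.2 alert threshold are all assumed values chosen for the illustration, and the growth-rate test is a simplified stand-in for the estimators used in the worm early-warning literature, not a method the project describes.

```python
"""Epidemic-model early warning for self-propagating malware.

Added example (not part of the project description): a deterministic
SI model generates the worm's growth curve, a sensor observes that
curve on top of constructed background noise, and a growth-rate test
raises an alert while the infected fraction is still small.
"""
import math
from dataclasses import dataclass


@dataclass
class SIModel:
    """Discrete-time SI model: every infected host compromises susceptible
    hosts at rate beta per step, so I(t+1) = I(t) + beta * I(t) * S(t) / N."""
    n_hosts: int    # size of the vulnerable population N (assumed value)
    beta: float     # per-step infection rate (assumed value)

    def simulate(self, initial_infected: int, steps: int) -> list[float]:
        infected = float(initial_infected)
        series = [infected]
        for _ in range(steps):
            susceptible = self.n_hosts - infected
            infected = min(self.n_hosts,
                           infected + self.beta * infected * susceptible / self.n_hosts)
            series.append(infected)
        return series


def log_growth_rate(counts: list[float], window: int) -> float:
    """Least-squares slope of ln(count) over the last `window` samples.

    Early in an SI epidemic ln I(t) is linear with slope ~ ln(1 + beta);
    stationary background noise has slope ~ 0, so the slope separates
    exponential growth from ordinary fluctuation.
    """
    if len(counts) < window:
        return 0.0
    ys = [math.log(max(c, 1.0)) for c in counts[-window:]]
    xs = range(window)
    x_mean = sum(xs) / window
    y_mean = sum(ys) / window
    num = sum((x - x_mean) * (y - y_mean) for x, y in zip(xs, ys))
    den = sum((x - x_mean) ** 2 for x in xs)
    return num / den


def early_warning(observed: list[float], threshold: float,
                  window: int = 4, consecutive: int = 3):
    """Index of the first sample at which the estimated growth rate has
    exceeded `threshold` for `consecutive` samples in a row, else None.
    Requiring a streak suppresses alerts on a single noisy spike."""
    streak = 0
    for end in range(1, len(observed) + 1):
        if log_growth_rate(observed[:end], window) > threshold:
            streak += 1
            if streak >= consecutive:
                return end - 1
        else:
            streak = 0
    return None


# Constructed sensor data: distinct scanning sources seen per interval
# from benign background activity (no worm), repeated to cover 40 intervals.
BACKGROUND = [6, 5, 7, 6, 8, 5, 7, 6] * 5
WORM_START = 10   # interval at which the first infected host appears (assumed)


def run_demo() -> dict:
    """Overlay an SI outbreak on the background and report when the
    detector fires and how much of the population was infected then."""
    model = SIModel(n_hosts=10_000, beta=0.5)
    curve = model.simulate(initial_infected=1, steps=len(BACKGROUND))
    observed = [bg + (curve[t - WORM_START] if t >= WORM_START else 0.0)
                for t, bg in enumerate(BACKGROUND)]
    alert = early_warning(observed, threshold=0.2)
    fraction = (curve[alert - WORM_START] / model.n_hosts) if alert is not None else None
    return {"alert_step": alert,
            "infected_fraction_at_alert": fraction,
            "baseline_alert": early_warning(BACKGROUND, threshold=0.2)}


if __name__ == "__main__":
    print(run_demo())
```

Running it shows the alert firing well under one per cent of hosts infected, while the same detector stays silent on the background-only series; the threshold sits between the largest log-slope the constructed noise can produce (about 0.13) and the slope of the worm's early exponential phase (about ln 1.5 ≈ 0.41), which is the margin a deployment would have to measure from its own sensors rather than assume.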
Sub-Task 4.3 Trust Services

In this activity the project will investigate, study, design and evaluate:
- The usage of economic and social models for measuring and modelling trust, including tools for analysing and validating the trust properties of network elements and services
- Architectures, such as overlays, that support secure and authenticated trust assertions and recommendations, especially in the cross-domain and multi-domain paradigm
- Trusted behaviour enforcement tools, such as reputation, incentive and economic models, with the goal of attaining a network equilibrium that is satisfactory only for those nodes which play by the rules of the protocol