AVANTSSAR - Automated Validation of Trust and Security of Service-oriented Architectures

Profile Card Research project

Share this record with your favourite social network: Facebook    Delicious    add to Connotea    add to CiteUlike
Starting date
January 1, 2008

Duration (months)
36

Departments
Computer Science

Person in charge
Vigano' Luca

URL
www.avantssar.eu

Keyword
security, internet of services, validation

Description

Driven by rapidly changing requirements and business needs, IT systems and applications are undergoing a paradigm shift: components are replaced by services, distributed over the network, and composed and reconfigured dynamically in a demand-driven way into service-oriented architectures.
Exposing services in future network infrastructures entails a wide range of trust and security issues. Solving them is extremely hard since making the service components trustworthy is not sufficient: composing services leads to new subtle and dangerous vulnerabilities due to interference between component services and policies, the shared communication layer, and application functionality. Thus, one needs validation of both the service components and their composition into secure service architectures.

AVANTSSAR proposes a rigorous technology for the formal specification and Automated VAlidatioN of Trust and Security of Service-oriented ARchitectures. This technology will be automated into an integrated toolset, the AVANTSSAR Validation Platform, tuned on relevant industrial case studies.

The project has been developing:
- ASLan, the first formal language for specifying trust and security properties of services, their associated policies, and their composition into service architectures.
- Automated techniques to reason about services, their dynamic composition, and their associated security policies into secure service architectures.
- The AVANTSSAR Validation Platform, an automated toolset for validating trust and security aspects of service-oriented architectures.
- A library of validated composed services and service architectures, proving that our technology scales to envisaged applications.

Migrating project results to industry and standardisation organisations will speed up the development of new network and service infrastructures, enhance their security and robustness, and increase the public acceptance of emerging IT systems and applications based on them.

Sponsors:

Unione Europea
Funds: assigned and managed by the department
Syllabus: EUROPA - Progetti Europei

Project participants

Michele Barletta
Alberto Calvi
Ph.D. Student
Carlo Combi
Full Professor
Alessandra Di Pierro
Associate Professor
Simone Marchesini
Massimo Merro
Associate Professor
Silvio Ranise
Marco Rocchetto
Ph.D. Student
Luca Vigano'
Associate Professor
Marco Volpe
Research Associate
ornamento
Top