SPaCIoS: Secure Provision and Consumption in the Internet of Services

Data inizio
1 ottobre 2010
Durata (mesi) 
Responsabili (o referenti locali)
Vigano' Luca
Parole chiave
security, internet of services, validation

The vision of the Internet of Services (IoS) entails a major paradigm shift in the way ICT systems and applications are designed, implemented, deployed and consumed: they are no longer the result of programming components in the traditional meaning but are built by composing services that are distributed over the network and aggregated and Consumed at run-time in a demand-driven, flexible way. In IoS, services are business functionalities that are designed and implemented by producers, deployed by providers, aggregated by intermediaries and used by consumers. However, the new opportunities opened by IoS will only materialise if concepts, techniques and tools are provided to ensure security. State-of-the-art security validation technologies, when used in isolation, do not provide automated support to the discovery of important vulnerabilities and associated exploits that are already plaguing complex web-based security-sensitive applications, and thus severely affect the development of the IoS. Moreover, security validation should be applied not only at production time but also when services are deployed and consumed. Tackling these challenges is the main objective of the project, which will lay the technological foundations for a new generation of analysers for automated security validation at service provision and consumption time, thereby significantly improving the security of the IoS. This will be achieved by developing and combining state-of-the-art technologies for penetration testing, security testing, model checking and automatic learning. These will all be integrated into the SPaCIoS Tool, which we shall apply proof of concept on a set of security testing problem cases drawn from industrial and open-source IoS application scenarios. This will pave the way to transfer project results successfully in industrial practice. We shall execute 2 concrete migration paths: to SAP and SIEMENS business units, and to industrial interest groups, standardisation bodies and open-source communities.

Enti finanziatori:

Unione Europea
Finanziamento: assegnato e gestito dal dipartimento
Programma: ART66 - Attività Commerciale

Partecipanti al progetto

Alberto Calvi
Carlo Combi
Professore ordinario
Alessandra Di Pierro
Professore associato
Massimo Merro
Professore associato
Michele Peroli
Marco Rocchetto
Luca Vigano'
Professore associato
Marco Volpe
Titolo Autori Anno
A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes Marchesini S.; Vigano' L. 2011
Attack Interference in Non-collaborative Scenarios for Security Protocol Analysis Fiazza Maria-Camilla; Peroli Michele; Vigano' Luca 2011
Blocking Underhand Attacks by Hidden Coalitions Cristani Matteo; Karafili Erisa; Vigano' Luca 2011
Distributed Temporal Logic for the Analysis of Security Protocol Models BASIN David; CALEIRO Carlos; RAMOS Jaime; VIGANO' Luca 2011
Towards Formal Validation of Trust and Security in the Internet of Services Carbone Roberto; Minea Marius; Moedersheim Sebastian Alexander; Ponta Serena Elisa; Turuani Mathieu; Vigano' Luca 2011
Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services BARLETTA Michele; CALVI Alberto; RANISE Silvio; VIGANO' Luca; ZANETTI Luca 2011