SPaCIoS: Secure Provision and Consumption in the Internet of Services

Starting date
October 1, 2010
Duration (months)
36
Departments
Computer Science
Managers or local contacts
Vigano' Luca
URL
www.spacios.eu
Keyword
security, internet of services, validation

The vision of the Internet of Services (IoS) entails a major paradigm shift in the way ICT systems and applications are designed, implemented, deployed and consumed: they are no longer the result of programming components in the traditional meaning but are built by composing services that are distributed over the network and aggregated and Consumed at run-time in a demand-driven, flexible way. In IoS, services are business functionalities that are designed and implemented by producers, deployed by providers, aggregated by intermediaries and used by consumers. However, the new opportunities opened by IoS will only materialise if concepts, techniques and tools are provided to ensure security. State-of-the-art security validation technologies, when used in isolation, do not provide automated support to the discovery of important vulnerabilities and associated exploits that are already plaguing complex web-based security-sensitive applications, and thus severely affect the development of the IoS. Moreover, security validation should be applied not only at production time but also when services are deployed and consumed. Tackling these challenges is the main objective of the project, which will lay the technological foundations for a new generation of analysers for automated security validation at service provision and consumption time, thereby significantly improving the security of the IoS. This will be achieved by developing and combining state-of-the-art technologies for penetration testing, security testing, model checking and automatic learning. These will all be integrated into the SPaCIoS Tool, which we shall apply proof of concept on a set of security testing problem cases drawn from industrial and open-source IoS application scenarios. This will pave the way to transfer project results successfully in industrial practice. We shall execute 2 concrete migration paths: to SAP and SIEMENS business units, and to industrial interest groups, standardisation bodies and open-source communities.

Sponsors:

Unione Europea
Funds: assigned and managed by the department
Syllabus: ART66 - Attività Commerciale

Project participants

Alberto Calvi
Carlo Combi
Full Professor
Alessandra Di Pierro
Associate Professor
Massimo Merro
Full Professor
Michele Peroli
Marco Rocchetto
Luca Vigano'
Marco Volpe
Publications
Title Authors Year
A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes Marchesini, Simone; Vigano', Luca 2011
Attack Interference in Non-collaborative Scenarios for Security Protocol Analysis Fiazza Maria-Camilla; Peroli Michele; Vigano' Luca 2011
Blocking Underhand Attacks by Hidden Coalitions Cristani, Matteo; Karafili, Erisa; Vigano', Luca 2011
Distributed Temporal Logic for the Analysis of Security Protocol Models Basin, David; Caleiro, Carlos; Ramos, Jaime; Vigano', Luca 2011
Towards Formal Validation of Trust and Security in the Internet of Services Carbone Roberto; Minea Marius; Moedersheim Sebastian Alexander; Ponta Serena Elisa; Turuani Mathieu; Vigano' Luca 2011
Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services Barletta, Michele; Calvi, Alberto; Ranise, Silvio; Vigano', Luca; Zanetti, Luca 2011

Activities

Research facilities

Share