SECURED

SECURity at the network EDge

 Partecipanti

Mappa

 Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

 Obiettivo del progetto (Objective)

Protection of mobile devices from Internet threats is usually achieved by installing appropriate tools (e.g. anti-virus, personal firewall, parental control) on each device. However, this poses several issues: it requires privileged access on the device, appropriate protection tools may not exist on all the platforms or their capabilities may vary greatly across the different devices, and tools may consume too many resources.nThis results in ineffective or inconsistent protection for the users that will experience wide variation in security when using different devices and/or networks (for example, typically WiFi access inside a corporate network is protected by a border firewall while this is not the case for a 3G network).nnThe SECURED project proposes an innovative architecture to achieve protection from Internet threats by offloading execution of security applications into a programmable device at the edge of the network such as a home gateway or an enterprise router.nThis architecture creates a trusted and virtualized execution environment allowing different actors (e.g. single users, corporate ICT managers, network providers) to install on-demand and execute multiple security applications on the network edge device to protect the traffic of a specific user. This approach reduces the load onto the mobile devices, guaranteeing enforcement of user-specific and device-independent security policies, and uniform protection across different devices and networks.nTransition mechanisms are also defined to support legacy network devices and deploy this new technology incrementally. The proposed architecture will be validated in corporate and individual environments, considering various network settings (e.g. 3G/4G, WiFi, xDSL, corporate LAN).nnThe project targets citizens, network providers, and companies. The latter will be able to enforce a company-wide security policy not only when the employee is connected to the corporate network but also when she is on the move (e.g. home network, 3G connection, airport WiFi).nnSECURED will produce concrete results in the form of open specifications and sample open-source implementations for (A) creation of trusted network security applications, (B) policy-based security configuration, with support for hierarchical and multi-source policies, and (C) security marketplace to trade applications and exchange best-practice policies (useful to encourage adoption by non-skilled individuals or companies).nnA uniform security environment will be created, independent of the user device and network connection, offering also protection for Internet-of-Things environments, where nodes typically have limited computational and communication capabilities (e.g. home appliances, sensor networks, or distributed critical infrastructures).nIn summary, the project will empower mobile users with better Internet security and enable different business models for network service providers and security application developers.