PoSecCo
Policy and Security Configuration Management
| Coordinatore | SAP AG
Organization address
address: Av. du Dr. Maurice Donat, BP 1216 805 contact info |
| Nazionalità Coordinatore | Germany [DE] |
| Totale costo | 11˙272˙386 € |
| EC contributo | 6˙999˙987 € |
| Programma | FP7-ICT
Specific Programme "Cooperation": Information and communication technologies |
| Code Call | FP7-ICT-2009-5 |
| Funding Scheme | CP |
| Anno di inizio | 2010 |
| Periodo (anno-mese-giorno) | 2010-10-01 - 2013-12-31 |
Partecipanti
| # | ||||
|---|---|---|---|---|
| 1 |
SAP AG
Organization address
address: Av. du Dr. Maurice Donat, BP 1216 805 contact info |
DE (Mougins-Cedex) | coordinator | 0.00 |
| 2 |
ATOS SPAIN SA
Organization address
address: Calle de Albarracin contact info |
ES (Madrid) | participant | 0.00 |
| 3 |
BERNER FACHHOCHSCHULE
Organization address
address: FALKENPLATZ contact info |
CH (BERN) | participant | 0.00 |
| 4 |
DELOITTE CONSEIL SAS
Organization address
address: 185 AVENUE CHARLES DE GAULLE contact info |
FR (NEUILLY SUR SEINE) | participant | 0.00 |
| 5 |
IBM RESEARCH GMBH
Organization address
address: SAEUMERSTRASSE contact info |
CH (RUESCHLIKON) | participant | 0.00 |
| 6 |
PLATTE CONSULT GMBH
Organization address
address: ALFRED NOBEL PLATZ contact info |
DE (LANDAU) | participant | 0.00 |
| 7 |
POLITECNICO DI TORINO
Organization address
address: CORSO DUCA DEGLI ABRUZZI contact info |
IT (TORINO) | participant | 0.00 |
| 8 |
TECHNISCHE UNIVERSITEIT EINDHOVEN
Organization address
address: DEN DOLECH contact info |
NL (EINDHOVEN) | participant | 0.00 |
| 9 |
THALES SERVICES SAS
Organization address
address: Rue Grange Dame Rose contact info |
FR (VELIZY VILLACOUBLAY) | participant | 0.00 |
| 10 |
UNIVERSITA' DEGLI STUDI DI BERGAMO
Organization address
address: VIA SALVECCHIO contact info |
IT (BERGAMO) | participant | 0.00 |
| 11 |
UNIVERSITAET INNSBRUCK
Organization address
address: INNRAIN contact info |
AT (INNSBRUCK) | participant | 0.00 |
Mappa
Word cloud
Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.
Obiettivo del progetto (Objective)
Future Internet (FI) applications will see dynamic compositions of services providing a broad diversity of functions, starting with business functionality down to infrastructure services. Their progress crucially depends on the service providers' ability to deal with two interdependent challenges: (1) to achieve, maintain and prove compliance with security requirements stemming from internal needs, 3rd party demands and international regulations and (2) to cost-efficiently manage policies and security configuration in operating conditions.nThe deficiencies of current processes and tools force service providers to trade off profitability against security and compliance. Major causes are (1) ignorance or manual resolution of policy and configuration dependencies, caused by distinct terminologies and languages of security domains, and the complexity of large-scale distributed systems, (2) constant evolution of requirements and regulations as well as service compositions and configurations, and (3) the number of stakeholders involved in security management and requirement definition.nPoSecCo overcomes this by establishing a traceable and sustainable link between high-level requirements and low-level configuration settings. Operations will be supported by self-managed features and decision support systems. Substantial improvements are expected in the areas of policy modeling and conflict detection across architectural layers, decision support for policy refinement processes, policy and configuration change management including validation, remediation and audit support, and security management processes in FI application scenarios. PoSecCo addresses the economic viability of the chosen approach by assessing cost and organizational benefits of an improved policy and configuration management.nPoSecCo continues other EC projects, especially DESEREC, POSITIF, and MASTER, and adopts existing industry-standards for change management and audit to ensure its impact.