BUGYO received the Celtic Excellence Award in February 2008
Building security assurance in open infrastructures
e-mail: bertrand.marquet (at) alcatel.fr
Alcatel CIT, FR
Karlstad University, SE
OnePutt Solutions, SE
Public Research Center HENRI Tudor, LU
This is a “Celtic” project.
Project Key Information
Open systems such as telecommunications infrastructures are massively distributed. They are composed of highly connected sets of managed products. There is no general way to measure the confidence operators and end customers can have in the security of the infrastructure, in end-to-end security services and in the security of end-to-end services above those architectures. This project aims to define a security framework to measure, document and maintain the security assurance level of services based on telecommunication systems.
The security framework will provide guidelines and methods, as well as software applications, to assess the overall confidence that can be obtained. The framework will be based on a specific middleware, developed using technologies such as mobile agents, to collect information within infrastructures in a non-disturbing and non-intrusive way. Information will be collected by applications such as an automatic vulnerability research engine and a protocol security analyzer, and will include configuration management information (linked to databases of certified configurations) to automate security testing.
The project will deliver a system security cockpit, built using the security framework, to help equipment manufacturers, network architects, and operators reach and maintain a certain level of security assurance. The cockpit could show certified components/configurations within the architecture, identify assurance domains and act as an assistant to remotely and automatically launch specific tests on equipment to augment/verify the security quality assurance level (automated, remote non-intrusive audits), etc. Applications of this security cockpit will address interaction and integration into Network Management Systems (NMS) and interfaces to Operation Support Systems (OSS).
Framework providing means for measuring security assurance of telecoms infrastructure and services