| Add Deliverable |

10 Dec 2013

ASSERT4SOA - Architectural solutions for evidence-based certification

The widespread development of Service-Oriented Architecture (SOA) and web services
is changing the traditional view of information technology. Today, software
applications are increasingly released as services, using web service and SOA standards,
and can be composed to form complex business processes. The specification
of a SOA application includes, on one side, the definition of the application interface
using the Web Services Description Language (WSDL) [11] and, on the other
side, the definition of the application protocol using the Web Services Conversation
Language (WSCL) [17].
As discussed in [31, 32], one of the key aspects fostering the adoption of web
services is their ability to support the dynamics of a service-based scenario. Web
services are subject to continuous and fast changes, and service providers are required
to adapt their services to new contexts, to additional business process requirements,
to changes in law, and to bugs in service definition [32]. Another key aspect derives
from the fact that business processes are increasingly implemented by dynamically
composing web services, seen as commodities to be provisioned on clouds or over
the Internet. In a context where commodity services are continuously and incrementally
(re-)designed, released, and integrated in compositions, an accurate, low
cost, and robust evaluation of incremental and composite service security becomes
a fundamental challenge. Security certification of evolving and composite services
is therefore crucial for a wide diffusion of the service paradigm also in those critical
environments where security is a first-class requirement.
Work Package 4 aims at defining a security certification scheme (based on test
evidence) that can be used at run-time to make trusted assurance information available
in a service ecosystem. Deliverable D4.3 describes the status of the work done in
Task 4.4 “Architectural Solutions for Evidence-based Certificates”, which focuses on
providing architectural patterns that model test-specific interactions between service
providers, certifiers, and users, and guidelines for test-based certification of service
compositions and for the management of incremental certification of evolving services.
D4.3 builds on i) D4.1 focusing on the definition of an infrastructure for the
specification and management of evidence-based security certificates (i.e., ASSERTE)
and ii) D4.2 focusing on matching and comparison algorithms and techniques,
which support run-time service discovery and selection enhanced with test-based
evidence and security properties in ASSERT-E. More in detail, starting from the
definition of the evidence-based certification scheme in D4.1 [8], and its evolution
in D4.2 [9] including matching and comparison approaches, this deliverable has defined
a solution that supports: i) incremental certification of evolving services and
ii) certification of composite services.

21 Oct 2013

Effectsplus - D4.2 FIA 2011 Report

As detailed in the EC document “Future Internet Assembly: What is FIA?”
The activities of FIA are the following: Bi-annual FIA Conferences, Developing Future Internet systems, technologies and architectures through working groups and projects, possibly leading to contributions to standards.

30 Aug 2013

Effectsplus - D4.1_FIA Coordination Plan

The Effectsplus Deliverable 4.1, the FIA Coordination Plan describes how the Effectsplus project will coordinate the activities of the Trust and Security research are a in the Future Internet Assembly. Individuals now working in Effectsplus have been Involved in organising and leading Trust, Security and Identity activities in the Future Internet Assembly since before the first FIA event in Bled in 2008.

30 Aug 2013

Effectsplus - D6.1_Web Portal

This document provides an overview of the effectsplus web portal set up, initialisation, maintenance and content management to date within the effectsplus project. It will also detail search engine optimization options, rss aggregator plans, to be looked into in more detail in the near future in order to increase the usefulness and usability of the effectsplus website, which in turn will actively contribute towards the statistics results coming from effectsplus google analytics account.

29 Aug 2013

Effectsplus - D2.2_The Innovation Potential of FP7 Security and Trust Projects

This report presents a comprehensive study on the innovation potential of FP7 projects funded by the ICT Call 1 for Trustworthy ICT and the Joint ICT and Security Call. This study is based on documental evidence (deliverables, publishable reports, etc) and ethnographic research (interviews and feedback from project coordinators).

29 Aug 2013

Effectsplus - D2.1_Results and Impacts of FP7 Projects

The effects+ project is a coordination and support action whose objective is to support technical clusters among FP7 ICT Trust and Security Unit's projects and to identify missing research gaps in the trust and security landscape for FP8.

Page 177 of 177 pages     ‹ First  < 175 176 177