Antonia Bertolino, Silvano Chiaradonna, Gabriele Costa, Felicita Di Giandomenico, Antinisca Di Marco, Paul Grace, Valérie Issarny, Marta Kwiatkowska, Fabio Martinelli, Paolo Masci, Ilaria Matteucci, Hongyang Qu, Mark Rouncefield, Rachid Saadi, Antonino Sabetta, Romina Spalazzese, and Francois Taiani

Conceptual Models for Assessment and Assurance of Dependability, Security and Privacy in the Eternal CONNECTed World

Deliverable D5.1, CONNECT, Project EU ICT-231162, Rocquencourt (F), February, Rapport INRIA number 00465221 version 1, 2010 (118p.)

This is the first deliverable of WP5, which covers Conceptual Models for Assessment & Assurance of Dependability, Security and Privacy in the Eternal CONNECTed World. As described in the project DOW, in this document we cover the following topics: - Metrics definition - Identification of limitations of current V&V approaches and exploration of extensions/refinements/ new developments - Identification of security, privacy and trust models WP5 focus is on dependability concerning the peculiar aspects of the project, i.e., the threats deriving from on-the-fly synthesis of CONNECTors. We explore appropriate means for assessing/guaranteeing that the CONNECTed System yields acceptable levels for non-functional properties, such as reliability (e.g., the CONNECTor will ensure continued communication without interruption), security and privacy (e.g., the transactions do not disclose confidential data), trust (e.g., Networked Systems are put in communication only with parties they trust). After defining a conceptual framework for metrics definition, we present the approaches to dependability in CONNECT, which cover: i) Model-based V&V, ii) Security enforcement and iii) Trust management. The approaches are centered around monitoring, to allow for on-line analysis. Monitoring is performed alongside the functionalities of the CONNECTed System and is used to detect conditions that are deemed relevant by its clients (i.e., the other CONNECT Enablers). A unified lifecycle encompassing dependability analysis, security enforcement and trust management is outlined, spanning over discovery time, synthesis time and execution time.

complete document


[Maison.png]Back to Home

Last generated on 8 Dec 2019     Valid HTML 4.0!