secfutnet project - secutiry for future network
DESCRIPTION
In this talk I present an overview of SecFuNet project. It is a STREP from EC (European Comission) call FP7-ICT-2011-EU-Brazil targeting the objective Future Internet - security.TRANSCRIPT
![Page 1: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/1.jpg)
1SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Security for Future Networks
SecFuNet
Diego [email protected]
Navigators' team atLaSIGE - Large-Scale Informatics Systems Laboratory
![Page 2: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/2.jpg)
2SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Outline
Context
Challenges
Goals
Specific Objectives
Work-packages
FCUL
![Page 3: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/3.jpg)
3SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Context
● Framework Programme 7
● EC call: FP7-ICT-2011-EU-Brazil Date of publication: 28 September, 2010 Deadline: 18 January, 2011
● Funding Scheme: STREP Small or medium-scale focused research projects
● Objective: Future Internet – security
![Page 4: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/4.jpg)
4SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Context
Project info
Name: Security for Future Networks
Acronym: SecFuNet
Duration: 1 May 2011- 1 November 2013 (30 months)
Coordinator: LIP6 - Guy Pujolle
Kickoff meeting: 11 Jully 2011, Paris
![Page 5: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/5.jpg)
5SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Context
1
1
7
5
9
3
8
6
4
2
7
5
9
38
6
4
2
EU partnersSee also the online map at: http://g.co/maps/8zdxs
![Page 6: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/6.jpg)
6SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Context
BR partners
10
15
11
12
13
14
16
16
14
10
12
13
11
15
See also the online map at: http://g.co/maps/8zdxs
![Page 7: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/7.jpg)
7SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Context
Propose a framework providing:● secure identification and authentication● secure data transfer● secure virtualized infrastructure● privacy in virtual network and clouds
![Page 8: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/8.jpg)
8SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Challenges
Main challenge: improve the degree of security on virtual networks and clouds➔ coherent and robust identification schemes
➔ algorithms robust to intrusions
➔ guarantee security in the virtualized infrastructure
![Page 9: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/9.jpg)
9SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Goals
a)Use microcontroller as anchors of trust
b)Introduce an identification system, using pairs of associated microcontrollers
c)Design an open framework, free of proprietary technologies
d)Create a Radius SIM array to provide a unique strong authentication solution
![Page 10: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/10.jpg)
10SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Goals
e)Develop a secure infrastructure for the virtualized networks and clouds
f) Implement mechanisms for robust provisioning of IP services
g)Develop cryptographic schemes adapted to virtual network and clouds
![Page 11: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/11.jpg)
11SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Specific Objectives
Objective 1: design an extensible context framework for the security of the future networks
Objective 2: authentication with EAP-TLS and legacy solutions
Objective 3: develop a highly secure authentication server
Objective 4: develop a highly secure identification scheme based on AAIs
![Page 12: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/12.jpg)
12SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Specific Objectives
Objective 5: provide a reliable and secure environment
Objective 6: achieve resilience of the communications and authentication / authorization
Objective 7: provide cryptographic algorithms for future networks
![Page 13: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/13.jpg)
13SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Structure
Structure of SecFuNet as an integrated project.
![Page 14: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/14.jpg)
14SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Structure
Overall project structure and components dependency.
![Page 15: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/15.jpg)
15SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
WP0: Project Management, Coordination and Dissemination
➔ Dissemination and website and video clip
➔ Standardization and Exploitation Plan
WP1: Requirement and Functional Architecture
➔ Virtual network architecture and secure micro-controller: use cases and first choices
➔ Limitations and requirements of the framework
![Page 16: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/16.jpg)
16SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
WP2: Authentication Server
➔ Infrastructure of the authentication server
➔ Array and software of the authentication server
➔ Development and deployment on the network
WP3: Secure Identity Management
➔ Identity management system limitations and requirements, and prospective AAIs
➔ Identity management system development
![Page 17: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/17.jpg)
17SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
WP4: Virtual Network Isolation
➔ State-of-the-art and isolation between virtual networks
➔ Profiling and virtual network migration
WP5: Infrastructure Resilience
➔ Architecture components for resilient networks
➔ Trustworthy authentication service architecture
![Page 18: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/18.jpg)
18SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
WP6: Cryptographic Schemes
➔ Cryptographic requirements
➔ Cryptographic schemes for virtual networks and cloud accesses
WP7: Testbed
➔ Testbed creation
➔ Test and evaluation experiments
![Page 19: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/19.jpg)
19SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
Overall WPs scheduling
Light Blue = milestones with deliverables
![Page 20: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/20.jpg)
20SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Work-packages
MGT = ManagementRTD = Research and Technological Development
![Page 21: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/21.jpg)
21SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
WP0: project management (tasks)
1.Dissemination
2.Website and video clip
3.Standardization
4.Exploitation Plan
Intermediate (M12) and final reports (M30)
Duration: 30 months Deliverables: end of each task (M12 and M30)
![Page 22: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/22.jpg)
22SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
WP1: architecture requirements (tasks)
1.Virtual network architecture and secure microcontroller: use cases and first choices
2.Limitations and requirements of the framework
FCUL rule: help in defining the items to be studied in virtual networking environment and on the secure framework.
Duration: 7 months Deliverables: end of each task (M3 and M7)
![Page 23: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/23.jpg)
23SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
WP5: infrastructure resilience (tasks)
1.Architecture components for resilient networks
2.Trustworthy authentication service architecture
FCUL rule: lead task 1 an help on task 2.
Duration: 22 months Deliverables: end of each task (M18 and M21)
![Page 24: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/24.jpg)
24SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
WP6: cryptographic schemes (tasks)
1.Cryptographic requirements
2.Cryptographic schemes for virtual networks and cloud accesses
FCUL rule: participate in the definition of the main security requirements for future virtual networking environments.
Duration: 21 months Deliverables: end of each task (M14 and M27)
![Page 25: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/25.jpg)
25SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCULSummary of staff effort.
![Page 26: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/26.jpg)
26SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
On-going work (research)● State of art on security of network
management services (WP1, WP5 and WP6)
● State of art on future networks (WP1, WP5)
How they will be
How they will relate with clouds
![Page 27: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/27.jpg)
27SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
On-going work (research)● Papers, surveys and projects like:
➔ TRONE (trone.di.fc.ul.pt)➔ MASSIF (www.massif-project.eu)➔ 4WARD (www.4ward-project.eu)➔ EFFECTS+ (www.effectsplus.eu)➔ PASSIVE (ict-passive.eu)➔ SWIFT (www.ist-swift.org)➔ WOMBAT (www.wombat-project.eu)
![Page 28: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/28.jpg)
28SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
On-going work (hands-on)● TRONE
(Trustworthy and Resilient Operations in a Network Environment)
![Page 29: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/29.jpg)
29SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
FCUL
On-going work (hands-on)● Typhon
![Page 30: SecFutNet project - Secutiry for Future Network](https://reader031.vdocuments.site/reader031/viewer/2022020306/54969d85ac7959482e8b50b4/html5/thumbnails/30.jpg)
30SecFuNet: STREP 288349 from FP7-ICT-2011-EU-Brazil
Security for Future Networks
SecFuNet
Diego [email protected]
Navigators' team atLaSIGE - Large-Scale Informatics Systems Laboratory