Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments. (PASSIVE)
The PASSIVE project proposes an improved model of security for such virtualized systems to ensure that: Adequate separation of concerns (e.g. policing, judiciary) can be achieved even in large scale deployments Threats from co-hosted operating systems are detected and dealt with; Public trust in application providers is maintained even in a hosting environment where the underlying infrastructure is highly dynamic
The PASSIVE project proposes an improved model of security for such virtualized systems to ensure that: Adequate separation of concerns (e.g. policing, judiciary) can be achieved even in large scale deployments Threats from co-hosted operating systems are detected and dealt with; Public trust in application providers is maintained even in a hosting environment where the underlying infrastructure is highly dynamic
UMA leads an activity in WP2 that will analyze existing tools, techniques, algorithms, and methods applicable to security protection and management in a virtualized environment. WP2 will identify current security solutions (state of the art) that fit best the enhanced, fine-grained, policy-based security approach as well as suitable enabling technologies through a focussed review of existing research projects, standards and commercial implementations. This state-of-the-art analysis is the starting point for the building of technologies and architectures in order to realize the project’s approach. UMA’s work in WP3 is focused on the design of the architecture for dynamic security monitoring and enforcement based on software protection scheme for client software. Monitoring should be able to check a set policy-defined conditions at runtime to detect threats or anomalous behavior, enforced through secure software execution methods that comply with the defined policies.
To achieve these aims, the consortium proposes: A policy-based Security architecture, to allow security provisions to be easily specified, and efficiently addressed. Fully virtualized resource access, with fine-grained control over device access, running on an ultra-lightweight Virtual Machine Manager. A lightweight, dynamic system for authenticaton of hosts and applications in a virtualized environment.
PASSIVE will lower the barriers to adoption of virtualized hosting by government users, so that they may achieve the considerable gains in energy efficiency, reduced capital expenditure and flexibility offered by virtualization.
GISUM (Software Engineering Group of the University of Malaga)
Code PAIDI: TIC136
JOSE MARIA TROYA LINERO. Socio.
Universidad de Málaga
Budget of Andalusian group: € 311,680.00
- University of the Aegean-Research Unit
- ANECT A.S.
- ANECT A.S.ENGINEERING - INGEGNERIA INFORMATICA SPA, THALES RESEARCH & TECHNOLOGY (UK) LIMITED
- TECHNISCHE UNIVERSITAET DRESDEN
- UNIVERSIDAD DE MALAGA
- WATERFORD INSTITUTE OF TECHNOLOGY.
