|
|
|
| e-Pub |
Previous | 
Home
Section: Partnerships and Cooperations
European Initiatives
FP7 Projects
Univerself
-
Partner: Universiteit Twente, Alcatel Lucent Ireland, Alcatel Lucent Deutschland, Valtion Teknillinen Tutkimuskeskus (Finland), University of Piraeus, France Telecom, Telecom Italia, National University of Athens, Fraunhofer-Gesellschaft zur Foerderung der Angewandten Forschung, Interdisciplinary Institute for Broadband Technology, Telefonica Investigacion y Desarrollo, Thales Communications, Inria, Nec Europe, University of Surrey, University College London, IBBT (Belgium).
-
See also: http://www.univerself-project.eu/
-
Abstract: UniverSelf unites 17 partners with the aim of overcoming the growing management complexity of future networking systems, and to reduce the barriers that complexity and ossification pose to further growth. Univerself has been launched in October 2010 and is scheduled for four years.
This FP7 European integrated project aims at consolidating the autonomic methods and techniques supporting the management of the future Internet, and at integrating these methods into a unified management framework (UMF). The objective of this framework is to address the management issues of the evolving Internet through the self-organization of the control plane and the empowerment of the management plane with cognition. Our work in the Univerself project mainly concerns the security and safety challenges posed by this unified management framework, with a special interest for the maintenance of safe configurations.
In the Year 2013, we have pursued our efforts on vulnerability management in autonomic networks and systems. In that context, we have worked on the adaptation of observation and operation methods to the specific needs of future networks and services, through the refinement of the Unified Management Framework (UMF) and its network empowerment modules (NEM). A particular focus has been given to methods for assessing past hidden vulnerable configurations [44] as well as techniques for minimizing the impact of the vulnerability assessment process on device resources [45] . We have therefore extended our vulnerability management strategy to the detection of systems compromised in the past by configuration vulnerabilities unknown at that moment, and considered a probabilistic cost-efficient assessment for dealing with resource-constrained environments by taking advantage of the statistical properties of vulnerability description sets.
We have also worked on the design of a configuration assessment service for the UMF framework. NEMs have particular requirements and specific configurations in order to work properly. The interconnections between hundreds of NEMs and the services provided by them increase the complexity of their configuration. This configuration assessment service aims at preventing configuration errors, conflicts between services and inconsistencies that can occur leading to severe operational problems as well as security issues within the framework itself. Even though operating systems where NEMs are deployed and also the NEMs themselves may have security solutions to be protected, such fact does not ensure the security of the whole framework.
FI-WARE
-
Defi: PPP FI: Technology Foundation: Future Internet Core Platform
-
Objectif: PPP FI: Technology Foundation:Future Internet Core Platform
-
See also: http://www.fi-ware.eu
-
Abstract: FI-WARE will deliver a novel service infrastructure, building upon elements (called Generic Enablers) which offer reusable and commonly shared functions making it easier to develop Future Internet Applications in multiple sectors. This infrastructure will bring significant and quantifiable improvements in the performance, reliability and production costs linked to Internet Applications, building a true foundation for the Future Internet.
The goal of the FI-WARE project is to advance the global competitiveness of the EU economy by introducing an innovative infrastructure for cost-effective creation and delivery of services, providing high QoS and security guarantees. FI-WARE is designed to meet the demands of key market stakeholders across many different sectors, e.g., healthcare, telecommunications, and environmental services. FI-WARE unites major European industrial actors.
The key deliverables of FI-WARE will be an open architecture and a reference implementation of a novel service infrastructure, building upon generic and reusable building blocks developed in earlier research projects. We will demonstrate how this infrastructure supports emerging Future Internet (FI) services in multiple Usage Areas, and will exhibit significant and quantifiable improvements in the productivity, reliability and cost of service development and delivery, building a true foundation for the Future Internet.
The MADYNES contributions to the FI-WARE project are:
-
Sicslowfuzzer, a fuzzing framework for the Internet of Things, that allows to assess the robustness of IoT OSes and applications, networkwise. More specifically, the tool uses the Scapy library for packet manipulation, allows users to define interaction scenarios in XML and provides multiple mutation algorithms;
-
Flowoid, a netflow probe for Android-based devices, which also provides a netflow location template to convey location information of the device;
-
XOvaldi4Android, an OVAL interpreter for Android-based devices, that is able to retrieve OVAL definitions using a web service, use them to check the current status of the system, and publish a result, using a second web service;
-
the coordination between the Security Work Package and the Inria teams involved in it. This includes the attending to weekly audio conferences, face to face meetings, and making sure deliverables and tasks were addressed in a timely manner.
Flamingo
-
Partner: University of Twente, Inria, University of Zurich, Jacobs University of Bremen, University des Bundeswehr Munich, Polytechnic University of Catalonia, Interdisciplinary Institute for Broadband Technology, University of Ghent, University College London
-
See also: http://www.fp7-flamingo.eu
-
Abstract: The FP7 FLAMINGO Network of Excellence is composed of 8 partner universities, with complementary knowledge and strong ties to industry. It covers the entire spectrum of network management core functions and application domains, which are required for building, integrating, and disseminating the knowledge of the management plane for the Future Internet.
The objectives of FLAMINGO are (a) to strongly integrate the research of leading European research groups in the area of network and service management, (b) to strengthen the European and worldwide research in this area, and (c) to bridge the gap between scientific research and industrial application. To achieve these goals, FLAMINGO performs a broad range of activities, such as to develop open source software, establish joint labs, exchange researchers, jointly supervise Ph.D. students, develop educational and training material, interact with academia and industry, organize event, and strongly contribute to (IETF and IRTF) standardization [40] .
Our work on network and service monitoring [42] has focused on security attacks in RPL Networks, with a study of DODAG inconsistency attacks jointly with Jacobs University of Bremen. In a RPL network, a malicious node can create artificial DODAG inconsistencies by manipulating IPv6 header options, thereby leading to increased overhead, denial of service and even black-hole attacks that are hard to detect. Our work has consisted in evaluating the impact of DODAG attacks in a RPL network, identifying the key parameters that are required to detect these attacks, developing a mitigation strategy to reduce their effects. Efforts have also been done on a NetFlow/IPFIX Probe for android-based devices, jointly with University of Twente. The major achievements of this collaboration have been the development of a NetFlow and IPFIX metering process for Android devices, the extension of nfdump/Nfsen and SURFmap with location support, and a IETF draft describing a set of information elements for IPFIX metering process location.
We have also contributed to activities on automated configuration and repair [37] , with an in-depth analysis and comparison of existing management architectures. In that context, we have elaborated a survey on autonomic vulnerability assessment, recently published in IEEE Communications Survey and Tutorial [3] . This survey introduces a classification, called D3, to structure the vulnerability assessment activity into three well-defined dimensions: Discovery, Description and Detection. Background and key concepts as well as different leading methods and current techniques have been discussed along this work. We have identified potential applications over diverse contributions that may provide a strong basis for achieving this critical goal within self-governing systems. We have also pointed out several areas such as vulnerability integration models, collaborative vulnerability management approaches and policy-based reasoning systems where the development of novel approaches and solutions are required to provide autonomic environments with the ability of assessing their own exposure.
Collaborations in European Programs, except FP7
-
Objectif: Develop new essential services for city-grade crowd-sourcing platforms and to deploy them on different platforms dedicated to different types of crowd-sourcing activities.
-
Partner: Imperial College of London (UK), BME (HU), KTH (SW), SAP (GE), Cap-Digital (FR), Alcatel-Luccent (FR), Inria (FR)
-
See also: http://www.eitictlabs.eu
-
Abstract: the EIT ICT Labs activity CityCrowdSource is composed of 7 partners, among which 4 partner universities and 3 partner industries. This project tackles the Crowdsourcing services and propose three milestones for such emerging services: trust service, privacy service and process model.
The objective of CityCrowdSource is to develop three new services that are essential for city-grade crowd-sourcing platforms and to deploy and evaluate them on five different existing platforms dedicated to different types of crowd-sourcing activities.
The activity supports to leverage the potential of crowd-based applications in urban contexts. Crowd-based data collection in combination with official data will lead to a vastly improved coverage and quality of digital information for urban areas.The added-value of the proposal is in : (1) the three services: trust, privacy and crowd processes modeling that are not present in any crowd-sourcing platform available today, (2) in the deployment and of these services on top of different crowd-sorucing platforms and (3) the experimentation of these paltforms in real life city scenarios.
Our work in this activity has focused on the design, deployment and experimentation of CrowdOut, a crowdsourcing service for Road Safety. This service has been designed for Android platform and has been tested and evaluated. First, a prototype has been experimented during Futur-en-Seine, the Digital World Festival in Paris (June 2013). Second, we performed experiment in the Grand Nancy Urban Area. The CrowdOut User Interface received support from the Living Lab Inria Sophia-Antipolis.
From this work we published several papers into a national conference (Ubimob) [25] .