Blog of Random Thoughts and Pictures

Protection and Trust in Financial Infrastructures

September 24th, 2010


Not one of our first projects to start in the FP7 programme, but our first project to finish. PARSIFAL was a coordination action, funded by the European Research Programme for Critical Infrastructure Protection. Its objective was to define how to better protect Critical Financial Infrastructures (CFI) in Europe.
There was a limited set of partners on the project: ATOS Origin Sae, Spain (coordinators); ACRIS GmbH, Switzerland; @bc – Arendt Business Consulting, Germany; Avoco Secure Ltd, UK; EDGE International BV, Netherlands; and of course ourselves from the TSSG.
The key achievement of the project was strengthened engagement between the European Commission and the Financial Services Industry in terms of trust, security and dependability. Financial Services are seen as a critical ICT infrastructure and so the purpose of this project was to provide direction for future research programmes, helping to align research in this area to the needs of the Financial Services Industry.
Parsifal has produced a whitepaper to highlight its achievements [pdf].
There is also a document which gives some further details of the main research gaps in the area such as the classification of identity attributes for on-line and mobile users of financial services. The document points out that these identity attributes should be defined and well understood by providers of these services and their customers and in particular the:
3.1 Classification of identity attributes for online and mobile users
3.2 Trust Indicators for financial services to determine risk level
3.3 Multiple-identity management platforms
The new dimension of cloud computing/architectural changes and de-perimeterization can lead to new needs for standardization and regulations (flexible virtual concentration)
4.1 Standard and cross border digital identities in the financial market
4.2 Data-linked security policies
4.3 De-perimeterization of organizations: models and cross order issues:
5.1 Design and implementation of secure platforms and applications
5.2 Model Definition
For the full document read Section 3.1 of the Gap analysis report by clicking here
One of the main research items from the project has been the draft ontology of financial risks & dependencies within and without the Financial Sector (D2.1 – V2.0) [pdf].
The aim of the document is to contribute to a common understanding of the key concepts in risk management and financial infrastructures. It presents a simple model combining the ontologies from both the security and the financial sector.
There are ontologies in three work areas (business continuity, control engineering, trusted sharing of sensitive/confidential information). These ontologies lay the ground for further approaches, while one-page roadmaps illustrate the instant benefits of this approach.
[Image: A Simple Ontology of Digital Identity]
There is an extensive structured glossary in the document too. This glossary is based on a compilation of terms, available from public institutions (like the European Central Bank) or known experts. It includes more terms appearing in the other deliverables of the Parsifal project and being especially relevant to our context.
The main contributors to this work were J.-Yves Gresser, B. Haemmerli, S. Morrow, H. Arendt and Keiran Sullivan (TSSG), with Keiran leading a paper in the area “Risk ontologies – Security or Trust? Terminological & Knowledge Organisation”, TKE 2010, Sept. 2010.
All in all not a bad output from a humble CSA.

Looking back on a project that is 4WARD

September 6th, 2010

The ICT 4WARD project has come to a close and it’s time to reflect on what has been billed as a clean slate project which was to combine sets of radical architectural approaches towards the future Internet, building on a strong mobile and wireless background to design inter-operable and complementary families of network architectures.

4WARD was my first project in the FP7 programme, and was quite different from the FP6 projects that I participated in; FP7 has been an interesting experience to say the least! Work on the proposal started in the summer of 2006, and took 8 months to complete, and then another 8 months were taken with its review and contract negotiations, with the project itself starting in earnest on January 1st 2008.
30 months later, after 7 project meetings stretching from Lisbon to Stockholm and in excess of 32,000km travelled, umpteen conference calls and many many more wiki updates, I come to the end of 4WARD.
Well I have to say I worked with some hugely talented people in the project, with Patsy, Zohra, Chris and Eamonn making huge strides to further our research in component based architecture, domain specific languages and in-network management, and all of this work is reflected in the deliverables of 4WARD, which are the main visible output from a project.
WP2
D-2.1 Technical Requirements
D-2.2 Draft Architectural Framework
D-2.3.0 Mechanisms for Generic PathsArchitectural Framework: new release and first evaluation results
D-2.3.1 Final Architectural Framework

WP4
D-4.1 Definition of Scenarios and Use Cases
D-4.2 In-Network Management Concept
D-4.3 In-network management design
Papers are also a clear output from the project and I collaborated on 6 specific 4WARD papers:
1. In the paper “Towards a New Architectural Framework; The Nth Stratum Concept”, we presented our new architectural framework called the Nth Stratum concept, which takes a holistic approach to tackle these new needs and requirements on a future communication system.
2. In the paper “A Framework for In-Network Management in Heterogeneous Future Communication Networks”, we proposed the radically new paradigm of in-network management, which targets the embedding of self-management capabilities deep inside the network nodes. In this paper, we focus on our framework for in-network management, which allows management logic to be embedded and executed within network nodes. Based on a specific use-case of bio-inspired network management, we demonstrate how our framework can be exploited in a network failure scenario using quorum sensing and chemotaxis.
3. In the paper “Mobility Scenarios for the Future Internet: The 4WARD Approach”, we highlight the 4WARD research approach to make a vision of a “network of information” reality. New system design methods for customized architectures on flexible network platforms will be combined with the capabilities of virtualization of all network resources including the wireless access. Together with a new generic path concept for flexible interconnection of objects of any type and a new paradigm for naming, addressing and managing mobile objects, the envisaged “network of information” model will be constructed.
4. In the paper “Architectural Principles and Elements of In-Network Management” we propose the in-network management (INM) paradigm, which adopts a clean slate design approach to the management of future communication networks that is brought about by evolutionary design principles. The proposed paradigm builds on embedded management capabilities to address the intrinsic nature, and hence, close relationship between the network and its management. At the same time, INM assists in the gradual adoption of embedded self-managing processes to progressively achieve adequate and practical degrees of INM. We demonstrate how INM can be exploited in current and future network management by its application to P2P networks.
5. In the paper “An Introduction to Network Stack Design using Software Design Patterns” we present our architectural framework which proposes a component-based architecture consisting of building blocks of reusable functionality, components that allow the construction of these building blocks and the composition of complex functionality, control elements facilitating communication between blocks, and a repository of building blocks. The architecture allows for rapid composition of federations of components, enabling an easy transition from present network infrastructure towards the future Internet and realizing the on-demand creation and configuration of protocol stacks for components.
6. In the paper “A Case Study for defining Interoperable Network Components using MDD”, we present a case study using Model Driven Development addressing interoperability requirements in next generation networks. Our approach focuses on the specification of a high level Contract Domain Specific Language; we combine Component-based Software Engineering for the design with our long-term experience of network resource management and performance optimisation. Part of our case study is a tool chain that supports the network engineers who deploy next generation networks.
None of these papers would have seen the light of day without the kind support and drive of my co-authors who included Patsy, Zohra, Sven, Chris, Eamonn, Sasi, Dmitri, D. Dudkowski, M. Brunner, G. Nunzi, C. Mingardi, C. Meirosu, S. Engberg, M. Söllner, C. Görg, K. Pentikousis, J. Mª Cabero Lopez, P. Bertin, M. Johnsson, J. Huusko, T. Frantti, F-U Andersen and T-M-T. Nguyen. I have gained many friends going through this process.
Finally the one surprise output from the project has been the open source release on the CBA concept, which has been the seed for OpenTinos. All in all I see the support of OpenTinos keeping me quite busy in the coming months.

Twitter Weekly Updates for 2010-09-04

September 4th, 2010
  • Just listed an item on eBay, can't wait for the bidding war to start. (Stage 1 Tozood) http://bit.ly/clCqLe
  • The cinema in Waterford has an additional service charge of 50c on the ticket, what in the hell is that for?