Objective POSITIF will develop a framework and tools for policy-based protection of networked systems and applications. A multi-level policy language will be used to describe the desired security policy (high-level requirements and/or detailed controls) while a system language will be used to describe the target system (interconnection topology, functional and security capabilities). A checker will evaluate if the desired policy can be implemented on the target system and will measure the achieved security level.Configurations for the security elements will then be automatically generated and deployed through the network. A monitor will use the security policy for proactive intrusion detection (an intrusion is anything that doesn't comply with the policy) in addition to standard reactive intrusion detection (check against attack patterns). The framework will be usable by any producer of a specific security block or tool because open standard-based languages, interfaces and protocols will be used for policy and system description, configuration instructions and deployment, threat monitoring (e.g. XML, SNMP, IPSP, SAML, IDXP, IDMEF). The framework will be complemented by a suite of security tools (both industrial-grade and open-source) that match the specification and will thus be directly usable within the framework.They will include high-speed (up to 10 Gbps) firewall, VPN and IDS that target the current challenges (wired/wireless protocols, IPv4/IPv6 networks, encrypted protocols, protocols on non-standard ports, XML-based application protocols, multimedia content, ...) and a lightweight security module (for workstations and mobile devices) to protect them against network attacks, make them part of the security system and permit secure download of new configurations. To get user requirements and for development test, the project includes three test beds: a metropolitan research environment, a geographic government network and a wired/wireless phone and ISP operator. Fields of science natural sciencesmathematicspure mathematicstopologynatural sciencescomputer and information sciencescomputer securitynetwork securityengineering and technologyelectrical engineering, electronic engineering, information engineeringinformation engineeringtelecommunicationsradio technology Programme(s) FP6-IST - Information Society Technologies: thematic priority under the specific programme "Integrating and strengthening the European research area" (2002-2006). Topic(s) IST-2002-2.3.1.5 - Towards a global dependability and security framework Call for proposal Data not available Funding Scheme STREP - Specific Targeted Research Project Coordinator POLITECNICO DI TORINO EU contribution No data Address CORSO DUCA DEGLI ABRUZZI 24 10129 TORINO Italy See on map Total cost No data Participants (8) Sort alphabetically Sort by EU Contribution Expand all Collapse all BULL SAS France EU contribution No data Address 68 RUE JEAN JAURES 78340 LES CLAYES SOUS BOIS See on map Total cost No data MINISTERO DELLA GIUSTIZIA Italy EU contribution No data Address VIA ARENULA 70 00186 ROMA See on map Total cost No data POLITECHNIKA WROCLAWSKA Poland EU contribution No data Address WYBRZEZE WYSPIANSKIEGO 27 50370 WROCLAW See on map Total cost No data PRESECURE CONSULTING GMBH Germany EU contribution No data Address BEELERTSTIEGE 2 MUENSTER See on map Total cost No data ST. PETERSBURG INSTITUTE FOR INFORMATICS AND AUTOMATION OF THE RUSSIAN ACADEMY OF SCIENCE Russia EU contribution No data Address 14TH LINE, 39 199178 ST. PETERSBURG See on map Total cost No data STIFTUNG SECURE INFORMATION AND COMMUNICATIONS TECHNOLOGIES - SIC Austria EU contribution No data Address INFFELDGASSE 16A 8010 GRAZ See on map Total cost No data UNIVERSIDAD DE MURCIA Spain EU contribution No data Address AVENIDA TENIENTE FLOMESTA S/N - EDIFICIO CONVALECENCIA 30003 MURCIA See on map Total cost No data VODAFONE OMNITEL N.V. Italy EU contribution No data Address VIA JERVIS 13 10015 IVREA See on map Total cost No data