Skip to main content
An official website of the European UnionAn official EU website
Go to the home page of the European Commission (opens in new window)
English English
CORDIS - EU research results
CORDIS
Content archived on 2024-06-18

Policy and Security Configuration Management

Project description


Trustworthy ICT

Future Internet (FI) applications will see dynamic compositions of services providing a broad diversity of functions, starting with business functionality down to infrastructure services. Their progress crucially depends on the service providers' ability to deal with two interdependent challenges: (1) to achieve, maintain and prove compliance with security requirements stemming from internal needs, 3rd party demands and international regulations and (2) to cost-efficiently manage policies and security configuration in operating conditions.The deficiencies of current processes and tools force service providers to trade off profitability against security and compliance. Major causes are (1) ignorance or manual resolution of policy and configuration dependencies, caused by distinct terminologies and languages of security domains, and the complexity of large-scale distributed systems, (2) constant evolution of requirements and regulations as well as service compositions and configurations, and (3) the number of stakeholders involved in security management and requirement definition.PoSecCo overcomes this by establishing a traceable and sustainable link between high-level requirements and low-level configuration settings. Operations will be supported by self-managed features and decision support systems. Substantial improvements are expected in the areas of policy modeling and conflict detection across architectural layers, decision support for policy refinement processes, policy and configuration change management including validation, remediation and audit support, and security management processes in FI application scenarios. PoSecCo addresses the economic viability of the chosen approach by assessing cost and organizational benefits of an improved policy and configuration management.PoSecCo continues other EC projects, especially DESEREC, POSITIF, and MASTER, and adopts existing industry-standards for change management and audit to ensure its impact.

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.

You need to log in or register to use this function

Call for proposal

FP7-ICT-2009-5
See other projects for this call

Coordinator

SAP SE
EU contribution
€ 1 534 996,00
Address
DIETMAR HOPP ALLEE 16
69190 Walldorf
Germany

See on map

Region
Baden-Württemberg Karlsruhe Rhein-Neckar-Kreis
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
Links
Total cost
No data

Participants (11)

My booklet 0 0