About us     
   Mission     
   Structure   
   Contact Celtic   
   Celtic Core Group   
   Location   
   General Funding Information   
   National Contact Points   
   Call 6 Information         
   Call 6 calendar   
   Call support (docs and forms)   
   Online submission   
   Project Key Information   
   Project Support   
   Project Tools   
   Find Project or Partner to join   
   Celtic Handbook   
   Frequently Asked Questions   
   Press & Media   
   Celtic News       
   Purple Book   
   Celtic Brochure   
   Project Leaflets   
   Celtic Events       
   Celtic Domain log-in   
   Apply for log-in             
   Search the EURESCOM Public Web       
  Project Information Status: Finished  

 
  BUGYO received the Celtic Excellence Award on February 2008  
       Building security assurance in open infrastructures  
   
Project Key Data Project Consortium
Project ID: CP2-002 Alcatel CIT, France
Start date: June 2005 EADS-DCS, France
End date: June 2007 ENST, France
Total budget: 6,2 MEuro Oppida, France
Total effort: 47,1 PY TELINDUS, Luxembourg
    Public Research Center HENRI Tudor, Luxembourg
Coordinator: Bertrand Marquet, Alcatel, France Karlstad University, Sweden
    e-mail: bertrand.marquet (at) alcatel.fr OnePutt Solutions, Sweden
      TeliaSonera, Sweden
      Acotec, Spain
      Telefónica, Spain
Focus
  • Framework providing means for measuring security assurance of telecoms infrastructure and services
Main Results
  • System security assurance framework including
    - methodologies, best practices, tools and certification cockpit
  • System Security Cockpit as interface for operator and service provider
    - to obtain and maintain a security assurance level for a specified service
Abstract
Open systems such as telecommunications infrastructures are massively distributed. They are composed of highly connected sets of managed products. There is no general way to measure the confidence operators and end customers can have in the security of the infrastructure, in end-to-end security services and in the security of end-to-end services above those architectures.

This project aims to define a security framework to measure, document and maintain the security assurance level of services based on telecommunication system.

The security framework will provide guidelines and methods, as well as software applications, to assess the overall confidence that can be obtained. The framework will be based on a specific middleware, developed using technologies such as mobile agents, to collect information within infrastructures in a non-disturbing and non-intrusive way. Information will be collected by applications such as vulnerability automatic research engine, protocol security analyzer, and will include configuration management information (linked to databases of certified configuration) to automate security testing.

The project will deliver a system security cockpit, built using the security framework, to help equipment manufacturers, networks architects, and operators reach and maintain a certain level of security assurance. The cockpit could show certified components/configurations within the architecture, identify assurance domains and be an assistant to remotely and automatically launch specific tests on equipment to augment/verify the security quality assurance level (automated, remote non-intrusive audits), etc. Applications of this security cockpit will address interaction and integration into Network Management Systems (NMS) and interfaces to Operation Support Systems (OSS).