Objectives
The MULTIPOL project motivation is driven by the ability for users of independently-administered security domains, to access resources from one domain to another, with the guaranty that they will get enough rights to work, and only the requested minimal rights. This interoperability between domains will take effect at runtime, when live authorization decisions are taken, and also in an out-of-band mode, in order to compare the meaning and objectives of the security policy of each domain.
From the technical relevance point of view, the principal innovative result will be the creation of a modular and consistent suite of software modules to implement strong access control between independently-administered domains, i.e. that have separate and different security policies.
Modularity means that several only modules can be deployed, in order to correspond to a specific security need. Consistency means that when used in combination, the modules perfectly work together and collaborate.
This approach is different from middleware toolkits, which at the same time are monolithic, meaning that deployments are heavy in all situations, and incomplete or inoperable, because extra development must be done on top of APIs to adapt the behaviour of the different modules working together. MULTIPOL delivers an effective suite of security applications, that are the software deliverables of the work packages.
The MULTIPOL project extends the existing elements in several directions:
- Provide a complete set of software applications providing strong security features between independently-administered security domains,
- Apply the related findings at runtime, when users access to resources,
- Apply innovative mechanisms to the comparison of the security policies of interoperating domains,
- Take all existing environments into consideration, not only SOA-enabled applications and Web Services, but also other traditional applications, as well as network devices,
- Develop elaborated experimental applications in several sectors: airport infrastructures, health care, telecommunications, to validate the usage of the project outcomes at a broad scale and promote their utilization in several vertical sectors,
- Conduct applicability studies about emerging security standards, applied to a broader scope of real-life applications than the one usually considered.
Finally, one crucial objective -and benefit- of the project is the synergy provided by the partners having different experiences and different degrees of expertise. In addition, concepts and architecture issues stemming from one sector can be transposed into another and vice versa.
As a result, the MULTIPOL project is expected to strengthen the competitive position of the European industry in the addressed sectors, based on its improved capacity to implement and deploy powerful yet pragmatic security mechanisms, mandatory for the companies business in these sectors. This, in turn, will be beneficial to the employment situation in Europe.