Security policy in multi-domain environments

• 

  News on the web site of the European Software Institute (ESI)
  December - 2008

• 

  Flyer edited for Gartner IAM summit 2008, London. Associated Press Release about launching of MULTIPOL. Article on Evidian blog. (Evidian)
  June - 2008

• 

  News on the website of ATOS (ATOS)
  December - 2009

• 

  Bull worldwide newsletter (Evidian)
  July - 2008

• 

  Martin Kuppinger paper about the launching of Multipol (Evidian )
  August - 2008

• 

  News on the web site of the Innovalia Association (Innovalia)
  December - 2008

• 

  Article in the “Telecom” french review, special issue on Security (Evidian)
  December - 2008

• 

  Celtic meeting Presentation of MULTIPOL to the "Federated Testbed for Public Safety Communication" Celtic project (Nextel)
  November - 2009

• 

  Press Release at Redes Telecom, Network World, Europa Press, Eco Diario, Terra, Yahoo (Nextel)
  April - 2009

• 

  XI Jornadas de Seguridad (Nextel)
  November - 2009

• 

  Innovalia day 2009 (Innovalia, Nextel)
  July - 2009

• 

  Using Timed Coloured Petri Nets and CPN-tool to Model and Verify TRBAC Security Policies.
  May - 2010

• 

  ITEA 2 Symposium 2008 (Evidian)
  June - 2010

• 

  Press Release at Nueva Gestion (Nextel)
  May - 2009

• 

  European Experts Meeting on Technologies for Electronic Identification (Evidian)
  March - 2009

• 

  Kuppinger Cole annual briefing (Evidian)
  October - 2009

• 

  US-France young engineering scientists symposium 2009 Paris 12
  July - 2009

• 

  Gartner IAM summit 2009, London (Evidian)
  March - 2009

• 

  Nextel day 2009 (Nextel)
  December - 2009

• 

  Modeling and Verification of RBAC Security Policies Using Colored Petri Nets and CPN-tool.
  April - 2010

• 

  GITEX Technological Week (Evidian)
  October - 2009

• 

  Burton Group annual briefing (Evidian)
  June - 2009

• 

  On the Composition of Access Control Management in Multidomain Environment.
  June - 2010

• 

  ITEA 2 Symposium 2009 Evidian, ATOS, Answare, Paris 12, Nextel, Innovalia, CityPassenger
  June - 2010

• 

  Burton Group Catalyst conference, Prague Roundtable discussion about Role Management and User Provisioning (Evidian)
  June - 2010

Objectives

The MULTIPOL project motivation is driven by the ability for users of independently-administered security domains, to access resources from one domain to another, with the guaranty that they will get enough rights to work, and only the requested minimal rights. This interoperability between domains will take effect at runtime, when live authorization decisions are taken, and also in an out-of-band mode, in order to compare the meaning and objectives of the security policy of each domain.

From the technical relevance point of view, the principal innovative result will be the creation of a modular and consistent suite of software modules to implement strong access control between independently-administered domains, i.e. that have separate and different security policies.

Modularity means that several only modules can be deployed, in order to correspond to a specific security need. Consistency means that when used in combination, the modules perfectly work together and collaborate.

This approach is different from middleware toolkits, which at the same time are monolithic, meaning that deployments are heavy in all situations, and incomplete or inoperable, because extra development must be done on top of APIs to adapt the behaviour of the different modules working together. MULTIPOL delivers an effective suite of security applications, that are the software deliverables of the work packages.

The MULTIPOL project extends the existing elements in several directions:

• Provide a complete set of software applications providing strong security features between independently-administered security domains,
• Apply the related findings at runtime, when users access to resources,
• Apply innovative mechanisms to the comparison of  the security policies of interoperating domains,
• Take all existing environments into consideration, not only SOA-enabled applications and Web Services, but also other traditional applications, as well as network devices,
• Develop elaborated experimental applications in several sectors: airport infrastructures, health care, telecommunications, to validate the usage of the project outcomes at a broad scale and promote their utilization in several vertical sectors,
• Conduct applicability studies about emerging security standards, applied to a broader scope of real-life applications than the one usually considered.

Finally, one crucial objective -and benefit- of the project is the synergy provided by the partners having different experiences and different degrees of expertise. In addition, concepts and architecture issues stemming from one sector can be transposed into another and vice versa.

As a result, the MULTIPOL project is expected to strengthen the competitive position of the European industry in the addressed sectors, based on its improved capacity to implement and deploy powerful yet pragmatic security mechanisms, mandatory for the companies business in these sectors. This, in turn, will be beneficial to the employment situation in Europe.

 

The partners

• 
• 
• 
• 
• 
• 
• 
• 
• 
•