Serenity, System Engineering for Security & Dependability
Information Society and MediaSixth Framework Programme
LATEST NEWS:
default
Newsletter Subscription Search Engine Site Map Contact
SERENITY Home Page ->  State of the art review
Serenity Forum Website
Motivations & objectives
An EU integrated project
State of the art review
Organization & Business
Workflow & Services
Network & Devices
Runtime Support
FAQ
Quick bibliography
Useful links
Serenity partners forum (reserved)

State of the art review

Each of the 4 SERENITY focus activities, Organization & Business, Workflow & Services, Network & Devices, and Runtime Support, provides an overview of the trends and evolution in their respective R&D domains. This work constitutes the first principal deliverable of SERENITY and establishes the roadmap for the research.
 

Organization & Business

Overview of the trends and evolution in Organization & Business

In the standards and business community and in the academic community there have been a number of attempts to design methodologies and support tool to capture security engineering. On one side we have industry standards for drafting organizational privacy and security policies but offers no methodological tool for actually making the design decision. On the other side, we have complex methodologies for design decisions on security but that do not seem to have the capability to scale up to the complexity that real case-studies call for.  [>>>] 

Workflow & Services

Overview of the trends and evolution in Workflow & Services

Workflows are automated representations of business processes that enhance business flexibility and maintainability through separation of the business policy from the applications. In the ambient intelligence environment, workflow management applications will extend content integration and will need to combine functionality from many different applications, rendering security issues at the workflow level prominent. Modelling tools and languages such as the Workflow Management Coalition (WfMC), WPDL/XPDL, BPEL, BPEL4WS or UML don't provide support for identifying and recording security requirements in an explicit way.  [>>>] 

Network & Devices

Overview of the trends and evolution in Network & Devices

A large variety of security solutions exist for the protection of IT networks and devices. However, the interplay of these solutions in the context of heterogeneous and dynamic computing environments is not well understood. Furthermore, there is no unambiguous description of these solutions taking into consideration their security properties and context conditions.  [>>>] 

Runtime Support

Overview of the trends and evolution in Runtime Support

Research into run-time security monitoring techniques has delivered techniques that monitor conditions related to security which are expressed in the form of security policies. Often these conditions are related to an infrastructure layer (e.g. network connections) and may fail to reflect application level and context specific security requirements. Existing techniques also monitor security conditions in isolation. As a consequence, they are unable to detect security breaches and threats which arise due to interactions between different functional and dependability system requirements and security requirements, or breaches and threats which arise due to violations of conditions that relate to non infrastructural system aspects (e.g. negligence at the level of system users).  [>>>] 
Motivations & objectives - An EU integrated project - State of the art review - FAQ - Quick bibliography - Useful links - Site Map - Contact - Legal information