PRECISE

Date: 
01/01/2015 to 31/12/2017

Providing security has become a key objective for ICT (Information and Communication Technologies), due mainly to the increase of their use in all the activities of the society. The main purpose of the mechanisms designed to provide security is to prevent against malicious users. However, sometimes the different components of a system have to protect themselves against those that offer services.

Traditional security mechanisms then are not enough. We need an additional service that protects all the components in a system against the others with which they have to interact. It is then when a Trust Management service useful since it provides a higher flexibility to the security mechanisms. This eases the decisión-making process in the case of lack of information about the components of a system.

Even though the importance of security and the benefits of the use of trust management to enforce it are a fact, the development of software does not usually consider them in a holistic manner during the Software Development Life Cycle (SDLC) (from requirementes to implementation). Security is usually an add-on feature to the systems after they have been built. Moreover, trust management is in most of the cases designed as a specific solution for a concrete application. This brings numerous problems since embedding security or trust in an effective manner is not always possible once the system is built. As a consequence, econimic loss and waste of time are considerable since the resulting software is not trusted (so users are reluctant to use them) or in the worst case, useless.

PRECISE will solve this problem by designing a process for the development of secure software based on trust. The final result of PRECISE will include a set of guides, methodologies, recommendations, specific languages and tools to produce code that will guide developers to produce secure software in each phase of the development of software.

This will be done in a way that the trust relationships among the components of the system are captured. This will result in what we are going to call trusted by design software. The process will be flexible enough for capturing the evolution of the trust features during all the phases of the development of the software. Thus, if a trust requirement changes there is not need to start the process from the scratch but it is posible to re-use what it was done earlier in order to accomodate this new requirement into the whole development.

Week: 
Wednesday, 1 August, 2018

Project type:

News

EU to strenghten its expertise in cybersecurity research, technology and industrial developmen

Europe is stepping up its protection against cybersecurity threats, and is discussing a new structure of pool of expertise which will help secure the digital single market and increase the EU’s autonomy in the area of cybersecurity.

Europe is currently working on the establishment of a top knowledge base for cybersecurity and a network of national cybersecurity coordination centres called the European Cybersecurity Industrial, Technology and Research Centre and the Network of National Coordination Centres.

Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019
Image:

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019
02/04/2019
Image:

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology

BRUSSELS

2 April 2019

10am to 4pm

 

e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.