A contract-based event-driven model for cooperative environments: the case of collaborative security

Introduction The raising availability of Internet connectivity and the increase of network bandwidth are boosting the use of the world wide web for providing more and more services. Supported services range from e-commerce to social networks, from telephone calls to business-to-business transactions. Therefore a huge amount of businesses are relying on the Internet. Moreover, the access to an unbelievable quantity of high-value and sensitive information is enabled and secured employing the Internet as Critical Infrastructure. What could be the next generation services provided by Internet? Besides, is Internet reliable enough for supporting all these services? This work aims at addressing together these two questions, investigating the paradigm of coopera- tive environments as a possible mean of letting diverse organizations collaborate in the context of the security of Financial Institutions. A brief overview of cooperative environments is provided, in order to introduce the main topics of the whole work. All these aspects are supported by CoMiFin, a European project focused exactly on the security of Financial Institutions. A short description of CoMiFin is also given, together with a more detailed background about Financial Institutions scenario. Cooperative Environments For today’s software systems, the need of timely and adaptively reacting to unpredictable changes in the environment, so as to identify and notify possible opportunities and threats to interested actors, is becoming more and more crucial. On these lines, a very interesting class of systems is that of Sense and Respond (SRS). They detect and correlate external events, that is the sense phase, and then produce on time useful outputs, that is the respond phase. A primary property of SRSs is the ability to produce timely responses. Part of the complexity of present environments is due to the high speed in which changes occur and it’s often crucial to react with a limited delay. For example, systems that monitor Critical Infrastructures have to notify anomalies as soon as possible, in order to prevent damages to people or things. An important aspect of SRSs is that the quality of generated responses depends on how much input is gathered. Let’s consider a system in charge of computing the fastest route to reach a certain destination. If this system were based on roads’ topology only, such calculation wouldn’t take into account any problem due to trac condition or road accidents. The employment of some automatic 1


Parole chiave

ingegneria informatica
intrusion detection
computer engineering
sr life cycle management
agilis system

