The objective of this research is to define a set of techniques and tools for the specification and monitoring of allowed data sharing in distributed organizations. The usage control policies can be related to the risk level computed by means of several factors. The tools developed will be also used for information sharing techniques related to cyber-crime prevention and forensics aspects of data management aligned to the European cyber-security directive and associated EU policies and regulatory requirements and recommendations.
Consiglio Nazionale Delle Ricerche
The work described in this website has been conducted within the project NeCS. This project has received funding from the European Union’s Horizon 2020 (H2020) research and innovation programme under the Grant Agreement no 675320. This website and the content displayed in it do not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of its content.
Dynamic threat assessment is a methodology which applies dynamic attributes for analysing threats and triggers necessary actions to eliminate it.
During my research I continue to study Cyber Threat Information, Cyber threat intelligence and information sharing among different organizations. Cyber threat information sharing among different organisations can improve cyber situation awareness of these organisations.
Cyber threat information is any information that can help an organization to protect itself against a threat or detect the activities of illegal access. It consists at least of four main components such as: Indicators of compromise; Tactics, techniques and procedures; Suggested actions; Finding.
Cyber threat intelligence is organized, analysed and refined information about potential or current attacks that that may attack an organization. The main purpose of threat intelligence is helping organizations understand the risks of the most common and severe external threats, such as advanced persistent threats (APTs), zero-day threats and exploits.
The main topic of my research is Usage Control for Information Sharing towards Internet of Things (IoT).
Usage Control is an extension of Access Control. Although Access Control evaluates attributes only once, before the start of a session, Usage Control (UCON) can deal with them if they change during this session. Beyond Access Control, UCON provides two main novelties which are continuity of control and on mutability of attributes that might cause policy revaluation which might lead to revocation.
Security and privacy are important requirements for IoT due to the inherent heterogeneity of the Internet connected objects and the ability to monitor and control physical objects. However, proprietary security solutions do not help in formulating a coherent security vision to enable
IoT devices to securely communicate with each other in an interoperable manner.
One of the most popular application layer protocols used for information sharing in IoT is Message Queue Telemetry Transport (MQTT) which is a lightweight broker-based Publish/Subscribe messaging protocol standardized in 2013 by OASIS.
My main goal is to integrate Usage Control with IoT protocols and especially with MQTT to achieve secure data sharing. Furthermore, I have created a survey towards all famous IoT application layer protocols such as CoAP, XMPP, AllJoyn, etc. to declare why MQTT is the most appropriate to collaborate with UCON.
As many economic surveys (e.g., the ones of Bitterly, Ponemon, NetDigital) outline Cyber insurance is a fast-growing market. It provides an alternative solution for the treatment of residual cyber risks and smooths potential losses, which may be caused by especially harmful events (e.g., big data breaches). Therefore, nowadays much attention is devoted to the topic in practice as well as in research.
Regardless of the cyber insurance market grows and high attention to the topic, cyber insurance is immature and faces many problems. The most troublesome are lack of available statistics, information asymmetries, risk correlation and interdependency of risk. Research, combining the knowledge of cyber security, cyber security economics and insurance, is required to overcome these difficulties and foster the growing market even more.
A crucial part of insurance is correct and reliable risk assessment, which provides the information to the insurer and insured about expected losses. In the cyber world, this usual management practice faces a number of difficulties, to name a few: lack of available data, rapidly changing threat landscape, quick evolution of technologies and agile systems, large intangible losses, etc.
Taking into account the above-mentioned facts, we see that the research in risk assessment for cyber insurance is challenging and promising at the same time. It requires multidisciplinary knowledge in such topics as cyber security, security economics, threat management, insurance, risk assessment, etc. The chosen research topic is broad enough to study various possible problems, yet all of them can be easily glued in a solid framework, which we are going to build around the idea of a comprehensive and dynamic risk assessment approach.