This axis of the Sotern team addresses security issues lying at the boundary between the monitored system and the user (standing for a network or service operator here). It especially relates to security governance of systems, which is driven by, said generally, policies whose formalisation has led to the development of a wide range of theoretical reference models and languages to express them (e.g., DAC, MAC, RBAC, ABAC, TBAC, OrBAC, DTE as access and usage control models). The development and adoption of flexible systems grounded by the NFV standard of ETSI and now evolving with the 3GPP 5G enable the dynamic deployment of services but open several questions regarding the automatic provisioning of some security features and capability to ensure their good operation and enforcement. As a common substrate for the subsequent challenges and scientific tracks the team explores, we consider the intent abstraction to get closer to a natural expression of the security requirements while maintaining a capacity for automatic and correct translation into configurations of low-level components (e.g., firewalls, IDS, operating systems access control mechanisms, services, databases, etc.) guaranteeing the upstream security requirements.
Grounded by this overall context, the challenges the Sotern team especially tackles, whose identifiers can be retrieved in the overall picture of the Sotern team activities, are as follows:
C3-1: Enabling human-friendly security objectives to robust low-level configurations
Recently, the intent concept has been considered to address security concerns in several contexts}, demonstrating its relevance, especially in use-cases exploiting the agility of virtualization.
As part of this effort, the I2NSF (Interface To Network Security Functions) working group at the IETF investigated the standardization of a framework encompassing high-level security requirements specification up to their translation and setup into network security components (e.g., firewall, IDS, antivirus, URL filtering). Some very first implementation components have been produced and can demonstrate some early operations in this area. If these first available elements are promising in terms of both standards, scientific contributions and implementations, their embryonic nature of the field to date raises some questions the Sotern team investigates. This includes extending the architecture proposed in I2NSF to take into account access and usage control models as security intent translation targets and checking the feasibility (e.g., does the target policy model have the expressive power to express the intent?) and correctness of the translation (e.g., are the security requirements preserved during the translation?).
This challenge is explored in the context of the national Superviz project taking part of PEPR Cyber and especially within the PhD of Do Duc Anh Nguyen.
C3-2: Scalable enforcement correctness of dynamical and context-aware security policies
Several decades of research have led to the establishment of numerous models for expressing security policies and their enforcement along with methodologies for managing their entire life cycle. Recently, however, several contributions have made major advances which allow us to approach new challenges constituted by the security of virtual networks as well as that of advanced communication services. In the first case, we are dealing with policies that apply to virtual execution infrastructures such as slices which evolve dynamically to adapt very finely to user requirements by applying the paradigm of on-demand customization involving pay-per-use billing and on-the-fly sizing with configurable access. Isolation and multi-tenancy appear as new cornerstones requiring the developments of new approaches. In the second case, communication services can remarkably exploit multiple and context-aware security policies matching the various and changing occurrences of the services. Such a context awareness should hold a potential benefit for advanced communications services based, for instance, on social networks. The Sotern team is interested here in analyzing the application of some metagraph-based approach to verify the correctness of the enforcement of dynamical and context-aware security policies. We also plan to investigate the global life cycle of a security policy by articulating it to the intent paradigm.
C3-3: Enabling humans to monitor security enforcement and events
Cybersecurity requires human input in forms like high-level policies, or situational decisions in Security Operation Centers (SOC). Typical interfaces to cybersecurity so far are 2D. With recent advances in 3D interfaces, it becomes possible to envision the use of 3D as interface cybersecurity properties of a system. The focus of this challenge will be on using VR to enrich interfaces to cybersecurity operations.
The goal is to contribute to a distributed collaborative cyber-Security Operation Center (SOC).
The research follows two main lines: realistic and non-realistic visualizations. Realistic visualizations use metaphors people know from their daily lives such as rooms. Non-realistic visualizations use non-real life objects such as helices to visualize data. Another goal is to enable collaboration within and interaction with the developed VR interfaces.
This challenge is addressed as a core activity of the Cyber CNI Chaire.