RIGOUROUS Newsletter 6

    June 2024

    RIGOUROUS project booth at EuCNC 2024

    Project Highlights

    The RIGOUROUS project continues to evolve and is nearing major deliverable checkpoints. Learn about our latest completed implementations and preliminary results in various areas below!

    In this recent phase, the major deliverable D3.2 is nearing completion, presenting an initial implementation and preliminary result for each of the following tasks:

    Task 1: Human-Centric Security, Privacy Modeling, and Onboarding:

    A comprehensive system model was developed, aiming to provide a detailed understanding of the system and its functionalities and interactions. Security policy models were defined to process Medium-level Security Policy Language (MSPL) policies, ensuring the security of the RIGOUROUS infrastructure. 

    The RIGOUROUS architecture for privacy modeling and quantification in data management involves a systematic method to quantify service privacy levels using a declarative, service-specific privacy manifest. This manifest is analyzed by a privacy quantification model employing predefined metrics and algorithms, customizable according to user preferences or regulatory standards. The architecture accommodates service updates, maintaining a privacy benchmark as the service evolves and empowering users to manage their privacy.

    The onboarding process, based on OpenSlice, focuses on security, privacy, and human-centric design. It contains several components, such as:

    The Service Composition UI (SCUI) offers end-users privacy-focused secure network applications, and the Human Controllable Privacy UI (PUI) helps developers understand service privacy scores during design.

    The Privacy Quantifier component computes the privacy score of entities.

    The Enhanced Human-Centric Virtual Network Function (VNF) Catalog Management WEB UI allows users to design Network Functions Virtualization (NFV) artifacts with privacy quantification and enhanced security controls. 

    The TeleManagement Forum (TMF) APIs and the third-party VNF/Network Service Descriptor (NSD) Management API service provide APIs for onboarding and managing descriptors.

    The Application Onboarding UI (AOUI) configures the Policy Control Function (PCF) of the network core. 

    The Intent-Based Security Management component refines security policies, while the AI-Driven Security Orchestrator translates and enforces them. 

    The Threat Risk Assessor (TRA) handles risk model onboarding, and the service registry enables automatic registration and discovery of services. 

    The network applications allow dynamic mutation of network services using moving target defense (MTD) techniques to increase resilience and reduce the attack surface. 

    Task 2: AI-Driven Cross-Domain Security and Privacy Orchestration in IoT-Edge-Cloud Continuum:

    The UMU-developed security orchestrator is enhanced in the RIGOUROUS project to utilize AI for decision-making across various network layers (…) A policy-based approach standardizes security management in complex 5G infrastructures by defining security requirements clearly and enhancing system consistency. This comprehensive process ensures effective orchestration and enforcement of security policies across different network segments.

    The IoT device bootstrapping specification outlines how IoT devices connect to a network for authentication and secure connection setup, as well as how they obtain long-term credentials securely.

    Trusted Application Onboarding: Applications disclose how they handle data, especially private data, allowing for the creation of different versions of the same application with varying privacy features or different applications providing the same function with different privacy characteristics.

    Task 3: Zero Trust and Smart Security Management:

    Trust Evaluation and Trust Enabler Service Framework (TESF) for Beyond 5G (B5G) and 6G Systems: A standalone system is developed to perform security/trust evaluations and assign trust scores based on security evaluation results (related to deviations from expected/specified standard behaviors). These trust scores help network and management entities make timely decisions during network operations and orchestration to mitigate network risks and threats.

    Task 4: End-to-End Multidomain Multi-Tenant 6G Slicing:

    To secure network slices across different domains, security agents and slice controllers are essential. Security agents monitor and manage network elements, collect data from devices for security decisions, and enforce security measures from the orchestrator. Security slice controllers create and implement channel protection policies for network slices as directed by the security orchestrator.

    What happened recently:
