PASSIVE is an EU funded project which proposes to introduce an improved model of security for virtualisation technologies and cloud computing for e-Government
Virtualised service platforms and cloud computing hold great promise for delivery of large applications in e-Government. However, to date, the fundamental shared-resource nature of virtualisation technologies has raised legitimate security concerns for Government and other organisations with duties to protect confidential data.
The PASSIVE project proposes an improved model of security for such virtualised systems to ensure that:
• adequate separation of concerns (e.g. policing, judiciary) can be achieved even in large scale deployments,
• threats from co-hosted operating systems are detected and dealt with;
• public trust in application providers is maintained even in a hosting environment where the underlying infrastructure is highly dynamic.
To achieve these aims, the consortium proposes:
• A policy-based Security architecture, to allow security provisions to be easily specified, and efficiently addressed.
• Fully virtualised resource access, with fine-grained control over device access, running on an ultra-lightweight Virtual Machine Manager.
• A lightweight, dynamic system for authentication of hosts and applications in a virtualised environment.
In so doing, PASSIVE will lower the barriers to adoption of virtualised hosting by government users, so that they may achieve the considerable gains in energy efficiency, reduced capital expenditure and flexibility offered by virtualisation.
In this project the TSSG will work on two specific research themes. Firstly on the security and access policy definition which will be based on the definition of a language that describes rules for resource access. This will lead to the creation of a policy engine and authentication module which will transform PASSIVE policies for security, authentication/identification and accounting into instructions applicable to control the access rights in the resource virtualisation subsystem.
Secondly the TSSG will design an integrated metering and accounting system for the PASSIVE framework. Accounting refers to the tracking of virtualized resources and services utilization and to the linking of the resource consumption with the users (or generic entities such as applications). This research will lead to the design of a service usage metering model for the measurement of the virtualized resources.
PASSIVE is currently Running and was funded by the European Union FP7 ICT work programme, under ICT Call 5 to a total of €2.3 million euro. The project started in June of 2010 and ended in May 2012.
For more information please visit PASSIVE project website OR email the Project Manager Eamon Power
OR Patrick Phelan
Ph:- +353 51 302956 OR +353 51 302900