Objectives

The PREDYKOT project motivation is driven by the growing necessity to shift the focus of security policy management from basic operational improvements to critical intelligence for business process improvement. Intelligent mechanisms are indeed necessary to ensure that a policy remains efficient in time, to take contextual information into consideration to dynamically refine the policy, with the objectives of governance, risk management and compliance.

From the technical relevance point of view, the principal innovative result will be the creation of a modular and consistent suite of software modules to dynamically refine a policy (access control security, SLA etc) and to ensure that it remains efficient whatever changes occur to it: administrative, contextual etc. Modularity means that only a subset of modules can be deployed, in order to correspond to a specific security need. Consistency means that when used in combination, the modules perfectly work together and collaborate. This approach is different from middleware toolkits, which at the same time are monolithic, meaning that deployments are heavy in all situations, and incomplete or inoperable, because extra development must be done on top of APIs to adapt the behaviour of the different modules working together. PREDYKOT delivers an effective suite of policy-related applications.

The PREDYKOT project extends the existing elements in several directions:

  • Provide a complete set of software applications providing strong policy-related features,
  • Apply innovative reasoning techniques to security metrics and contextual information,
  • Distribute these intelligent mechanisms into smart nodes,
  • Apply the resulting deductions as feedbacks to the security policy,
  • Validate the policy refinements using approval workflows,
  • Assess the quality and efficiency of the policy via a steering dashboard for governance, risk management and compliance
  • Develop elaborated experimental applications in several sectors: energy management, secure telecommunications, identity and access management, to validate the usage of the project outcomes at a broad scale and promote their utilization in several vertical sectors,
  • Conduct applicability studies about security management standards.

Finally, one crucial objective -and benefit- of the project is the synergy provided by the partners having different experiences and different degrees of expertise. In addition, concepts and architecture issues stemming from one sector can be transposed into another and vice versa.