Research Goals

The project execution involves the development of new security models, techniques, and services that need to be devised, implemented, and analyzed both theoretically and experimentally. To attain this, we have designed a research program closely aligned to the project goals that orchestrates all efforts in a coherent way. A salient feature of our research program is that we have purposely attempted to allow different work packages to be carried out with relative independence. The nature of the project allows this, as our goals affect security and privacy aspects at three related but separate levels: software and services, networking, and governance. Overall, this facilitates that different research sub- teams undertake work on each research line coherently within the greater scope of the project, but with a fair degree of parallelism.

SPINY goals

The research plan comprises an initial stage (WP1) whose purpose is to identify threats, adversarial models, and design principles. One major output will be a common security architecture that will arrange and interrelate all services and tools developed elsewhere. The remaining work packages focus on the design of specific techniques to address security challenges at the network (WP2), software (WP3) and governance (WP4) levels.

WP1. SECURITY MODELS AND ARCHITECTURES

In this work package we will revisit existing security models, design principles and architectures and will adapt and extend them for the IoY setting. One major output will be a framework to better understand the threats arising in these systems, as well as generic constructions to counteract them. The WP has a final validation task that will integrate all results generated during the project execution into a prototype for demonstration purposes. This task will take place by the end of the project, when the core WPs are finished. The WP covers goal G1 and consists of three main tasks:

  • Adversarial Models
  • Robust Architectures
  • Integrated Prototype and Demonstration

WP2. SECURE NETWORK INFRASTRUCTURE

In this work package we will address the topics related to goal G2. We will design novel network security solutions for the IoY, ranging from the integrity and confidentiality of the network to more advanced topics like context-based or cooperation schemes. Furthermore, we will propose new schemes to protect private information contained in the IoY and evaluate the use of biosignals for security purposes. The expected output will consist of surveys and reports on network security in the IoY, the design of new security schemes and, finally, prototype implementations. The work package is broken down into four core tasks, one for each specific sub-goal of G2:

  • Network Integrity Mechanisms
  • Private Network Communications
  • Cooperative Security
  • Biosignals and Security

WP3. TRUSTWORTHY APPS AND SERVICES

In this work package we will address the topics related to goal G3: novel solutions to increase trustworthiness in IoY apps and services, with particular emphasis on risks emanating from code of malicious or suspicious nature. Expected outputs will take different forms, from surveys and reports on the threat landscape, to novel techniques and prototype tools. The work package is broken down into three core tasks, one for each specific sub-goal of G3:

  • Thwarting Malicious Code
  • Assessing Software Risk
  • Trust-building Mechanisms
  • Biosignals and Security

WP4. SMART GOVERNANCE

In this work package we will undertake work related to the development of models and tools for an integrated governance of the security and privacy issues of the IoY. The key aim is to produce novel techniques that facilitate the definition and enforcement of usable security policies, easing the burden on the user. The WP covers the goal G4 and is composed of three separate but related tasks:

  • Security and Privacy Policies for the IoY
  • Learning Contextual Privacy Preferences
  • Policy Sharing and Assimilation