Cybersecurity in ICT supply chains: key challenges and a relevant architecture

Detalhes bibliográficos
Autor(a) principal: Masip-Bruin, Xavi
Data de Publicação: 2021
Outros Autores: Marín-Tordera, Eva, Ruiz, José, Jukan, Admela, Trakadas, Panagiotis, Cernivec, Ales, Lioy, Antonio, López, Diego, Santos, Henrique, Gonos, Antonis, Silva, Ana, Soriano, José, Kalogiannis, Grigorios
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/1822/74941
Resumo: The specific demands of supply chains built upon large and complex IoT systems, make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability, and mitigation strategies, as well as security metrics and evidence-based security assurance. In this paper, we present FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios. To this end, the FISHY architecture leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting the envisioned benefits of a potential FISHY adoption.
id RCAP_cd095806ce9d80b536a8ac02b54f35b0
oai_identifier_str oai:repositorium.sdum.uminho.pt:1822/74941
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Cybersecurity in ICT supply chains: key challenges and a relevant architectureCybersecuritySupply chainsIoT systemsSystems integrationReal scenarios analysisScience & TechnologyThe specific demands of supply chains built upon large and complex IoT systems, make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability, and mitigation strategies, as well as security metrics and evidence-based security assurance. In this paper, we present FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios. To this end, the FISHY architecture leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting the envisioned benefits of a potential FISHY adoption.This research was funded by H2020 FISHY Project, grant number 952644, and for UPC authors by the Spanish Ministry of Science, Innovation and Universities and FEDER, grant number RTI2018-094532-B-I00.Multidisciplinary Digital Publishing Institute (MDPI)Universidade do MinhoMasip-Bruin, XaviMarín-Tordera, EvaRuiz, JoséJukan, AdmelaTrakadas, PanagiotisCernivec, AlesLioy, AntonioLópez, DiegoSantos, HenriqueGonos, AntonisSilva, AnaSoriano, JoséKalogiannis, Grigorios2021-09-092021-09-09T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/1822/74941engMasip-Bruin, X.; Marín-Tordera, E.; Ruiz, J.; Jukan, A.; Trakadas, P.; Cernivec, A.; Lioy, A.; López, D.; Santos, H.; Gonos, A.; Silva, A.; Soriano, J.; Kalogiannis, G. Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture. Sensors 2021, 21, 6057. https://doi.org/10.3390/s211860571424-82201424-822010.3390/s21186057345772646057https://www.mdpi.com/1424-8220/21/18/6057info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-07-21T12:34:57Zoai:repositorium.sdum.uminho.pt:1822/74941Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T19:30:43.195766Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Cybersecurity in ICT supply chains: key challenges and a relevant architecture
title Cybersecurity in ICT supply chains: key challenges and a relevant architecture
spellingShingle Cybersecurity in ICT supply chains: key challenges and a relevant architecture
Masip-Bruin, Xavi
Cybersecurity
Supply chains
IoT systems
Systems integration
Real scenarios analysis
Science & Technology
title_short Cybersecurity in ICT supply chains: key challenges and a relevant architecture
title_full Cybersecurity in ICT supply chains: key challenges and a relevant architecture
title_fullStr Cybersecurity in ICT supply chains: key challenges and a relevant architecture
title_full_unstemmed Cybersecurity in ICT supply chains: key challenges and a relevant architecture
title_sort Cybersecurity in ICT supply chains: key challenges and a relevant architecture
author Masip-Bruin, Xavi
author_facet Masip-Bruin, Xavi
Marín-Tordera, Eva
Ruiz, José
Jukan, Admela
Trakadas, Panagiotis
Cernivec, Ales
Lioy, Antonio
López, Diego
Santos, Henrique
Gonos, Antonis
Silva, Ana
Soriano, José
Kalogiannis, Grigorios
author_role author
author2 Marín-Tordera, Eva
Ruiz, José
Jukan, Admela
Trakadas, Panagiotis
Cernivec, Ales
Lioy, Antonio
López, Diego
Santos, Henrique
Gonos, Antonis
Silva, Ana
Soriano, José
Kalogiannis, Grigorios
author2_role author
author
author
author
author
author
author
author
author
author
author
author
dc.contributor.none.fl_str_mv Universidade do Minho
dc.contributor.author.fl_str_mv Masip-Bruin, Xavi
Marín-Tordera, Eva
Ruiz, José
Jukan, Admela
Trakadas, Panagiotis
Cernivec, Ales
Lioy, Antonio
López, Diego
Santos, Henrique
Gonos, Antonis
Silva, Ana
Soriano, José
Kalogiannis, Grigorios
dc.subject.por.fl_str_mv Cybersecurity
Supply chains
IoT systems
Systems integration
Real scenarios analysis
Science & Technology
topic Cybersecurity
Supply chains
IoT systems
Systems integration
Real scenarios analysis
Science & Technology
description The specific demands of supply chains built upon large and complex IoT systems, make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability, and mitigation strategies, as well as security metrics and evidence-based security assurance. In this paper, we present FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios. To this end, the FISHY architecture leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting the envisioned benefits of a potential FISHY adoption.
publishDate 2021
dc.date.none.fl_str_mv 2021-09-09
2021-09-09T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/1822/74941
url http://hdl.handle.net/1822/74941
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv Masip-Bruin, X.; Marín-Tordera, E.; Ruiz, J.; Jukan, A.; Trakadas, P.; Cernivec, A.; Lioy, A.; López, D.; Santos, H.; Gonos, A.; Silva, A.; Soriano, J.; Kalogiannis, G. Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture. Sensors 2021, 21, 6057. https://doi.org/10.3390/s21186057
1424-8220
1424-8220
10.3390/s21186057
34577264
6057
https://www.mdpi.com/1424-8220/21/18/6057
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Multidisciplinary Digital Publishing Institute (MDPI)
publisher.none.fl_str_mv Multidisciplinary Digital Publishing Institute (MDPI)
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799132812144541697

Registros relacionados