A5010597854- Information and Cyber Security
- Access Control and Trust
- Network Security and Intrusion Detection
- Smart Grid Security and Resilience
- Service-Oriented Architecture and Web Services
- Software Engineering Techniques and Practices
- Information Technology Governance and Strategy
- Multi-Agent Systems and Negotiation
- Cloud Data Security Solutions
- Mobile Agent-Based Network Management
- Cloud Computing and Resource Management
- Infrastructure Resilience and Vulnerability Analysis
- Business Process Modeling and Analysis
- Blockchain Technology Applications and Security
- Software System Performance and Reliability
- Privacy-Preserving Technologies in Data
- Cybersecurity and Cyber Warfare Studies
- IoT and Edge/Fog Computing
- Persona Design and Applications
- Information Systems and Technology Applications
- Logic, Reasoning, and Knowledge
- Information Systems Theories and Implementation
- Security and Verification in Computing
- Advanced Malware Detection Techniques
- Advanced Database Systems and Queries
Luxembourg Institute of Science and Technology
2013-2024
Recherches Scientifiques Luxembourg
2009-2014
Tudor Place
2013
University of Luxembourg
2011
Università Campus Bio-Medico
2010
Cloud Computing has become mainstream technology offering a commoditized approach to software, platform and infrastructure as service over the Internet on global scale. This raises important new security issues beyond traditional perimeter based approaches. paper attempts identify these their corresponding challenges, proposing use risk Service Level Agreement (SLA) management basis for level framework improve governance, compliance in cloud computing environments.
This paper illustrates the activities under development within FP7 EU MICIE project. The project is devoted to design and implement an on-line alerting system, able evaluate, in real time, level of risk interdependent Critical Infrastructures (CIs). Such a generated by undesired events high interconnection different infrastructures. Heterogeneous models are perform short term predictions Quality Service (QoS) each CI according QoS others, interdependency among Infrastructures, identified...
In today's world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The tightly interconnected, mutually dependent, and exposed everyday to new risks.These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part system another dependent infrastructure.In this paper, we propose risk-based methodology aims monitor interdependent...
The generalization of open and distributed systems the dynamics environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, definition exploitation framework appropriately adapted a company remain challenging. This statement is explained mainly continuous growth diversity stakeholderspsila positions criticality resources protect. SIM...
The main objective of this paper is to provide a global decision-reaction architectural built on the requirements for reaction after alert detection mechanisms in frame information systems security and more particularly applied telecom infrastructures security. These are distributed nature, therefore architecture elaborated using multi-agents system that provides advantages autonomous interaction facilities, has been associated ontoBayes model decision support mechanism. This helps agents...
Critical infrastructure (CI) services are constantly consumed by the society and expected to be available 24 hours a day. A common definition states that CIs so vital our disruption or destruction would have severe impact on social well-being economy nationally internationally. CI sectors include, amongst others, electricity, telecommunication, air traffic transport sectors. can mutually dependent each other failure in one cascade another interdependent cause service disruptions. Methods...
Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approach mostly used cloned back-end architectures while front-end interface tends to constitute the real specificity solution. These interfaces recurrently structured around three dimensions: access informed knowledge, agent's behavioural rules, and restitution real-time states specific system sector. In this paper, we propose prototyping sector-agnostic MAS platform (Smart-X) which gathers...
The first part of the paper describes design a service module that assists customers with leasing cloud computing services by taking into account their requirements on provisioning. introduces basic level management functionality within larger framework. framework is illustrated as web platform and uses trusted third party (TTP) secure middle layer transactions. second focuses TTP role. Preliminary security are identified analyzed for implementation successful operation such entity.
It is clearly acknowledged that, in complex sectors like telecommunications, to consider an infrastructure as fully secure, although desirable, not realistic. The current European regulation on public communications networks aware of this assumption and currently requires that Telecommunications Service Providers (TSPs) take appropriate technical organizational measures manage the risks posed security services. In context, risk management has become both a key aspect for dealing with main...
Cloud computing has matured to become a valuable on demand alternative traditional ownership models for the provisioning of services, platforms and infrastructure. However, this raises many issues Governance, Risk Compliance (GRC) in particular terms Information Systems Security Management (ISSRM). Considering such lack attention knowledge, particularly small medium sized en- terprises (SMEs), that cloud Service Level Agreements (SLA) provide very limited support outside basic Quality (QoS)...
The current European regulation on public communications networks requires that Telecommunications Service Providers (TSPs) take appropriate technical and organisational measures to manage the risks posed security of services. After having adapted generic Information Security Risk Management (ISRM) process practices telecommunications sector, these methodological aspects are integrated in a supporting tool dedicated TSPs. objective this paper is present features our approach for fine-tuning...
The generalization of open and distributed system the dynamicity environment make information systems (IS) consequently its access right management always more complex. Even if support this activity appears to be well handed by current sophisticated solutions, definition exploitation an framework appropriately adapted for a company remains challenging. This statement is explained mainly continuous grow diversity stakeholders' statuses criticality resources protect. To face that problem,...
Governance of IT is becoming more and necessary in the current financial economic situation. One declination that statement definition corporate policies. To improve matter, paper has for objective to propose a methodology defining policies are closer business processes, based on strict responsibility model clarify all actorpsilas responsibility. This mainly defined three concepts capability, accountability commitment. The illustrated validated case study conducted an company.
Risk management is today a major steering tool for any organization wanting to deal with Information System (IS) security. However, IS Security Management (ISSRM) remains difficult establish and maintain, mainly in context of multi-regulations complex inter-connected IS. We claim that connection Enterprise Architecture (EAM) contributes these issues. A first step towards better integration both domains define an integrated EAM-ISSRM conceptual model. Among the steps research method followed...
The Internet of Things (IoT) industry increases rapidly and becomes progressively more devoted to critical business services. IoT adoption generates two kinds challenges: cybersecurity risks privacy concerns. In order generate a trust environment provide confidence services, LIST will partnered with private companies implement an integrated framework software tools for assessing monitoring system's service security privacy. SPRINT assessment foresees (1) aggregated publicly available...