PALANTIR: an NFV-based security-as-a-service approach for automating threat mitigation

Compastié, Maxime; López Martínez, Antonio; Fernández, Carolina; Gil Pérez, Manuel; Tsarsitalidis, Stylianos; Xylouris, George; Mlakar, Izidor; Kourtis, Michail Alexandros; Šafran, Valentino

PALANTIR: an NFV-based security-as-a-service approach for automating threat mitigation

Mostra el registre complet Registre parcial de l'ítem

dc.contributor.author Compastié, Maxime
dc.contributor.author López Martínez, Antonio
dc.contributor.author Fernández, Carolina
dc.contributor.author Gil Pérez, Manuel
dc.contributor.author Tsarsitalidis, Stylianos
dc.contributor.author Xylouris, George
dc.contributor.author Mlakar, Izidor
dc.contributor.author Kourtis, Michail Alexandros
dc.contributor.author Šafran, Valentino
dc.date.accessioned 2023-04-20T06:16:11Z
dc.date.available 2023-04-20T06:16:11Z
dc.date.issued 2023
dc.description.abstract Small and medium enterprises are significantly hampered by cyber-threats as they have inherently limited skills and financial capacities to anticipate, prevent, and handle security incidents. The EU-funded PALANTIR project aims at facilitating the outsourcing of the security supervision to external providers to relieve SMEs/MEs from this burden. However, good practices for the operation of SME/ME assets involve avoiding their exposure to external parties, which requires a tightly defined and timely enforced security policy when resources span across the cloud continuum and need interactions. This paper proposes an innovative architecture extending Network Function Virtualisation to externalise and automate threat mitigation and remediation in cloud, edge, and on-premises environments. Our contributions include an ontology for the decision-making process, a Fault-and-Breach-Management-based remediation policy model, a framework conducting remediation actions, and a set of deployment models adapted to the constraints of cloud, edge, and on-premises environment(s). Finally, we also detail an implementation prototype of the framework serving as evaluation material.
dc.description.sponsorship The work described in this article has received funding by the European Union Horizon 2020 research and innovation programme, supported under Grant Agreement no. 883335—PALANTIR (Practical Autonomous Cyberhealth for resilient SMEs and Microenterprises).
dc.format.mimetype application/pdf
dc.identifier.citation Compastié M, López Martínez A, Fernández C, Gil Pérez M, Tsarsitalidis S, Xylouris G, Mlakar I, Kourtis MA, Šafran V. PALANTIR: an NFV-based security-as-a-service approach for automating threat mitigation. Sensors. 2023;23(3):1658. DOI: 10.3390/s23031658
dc.identifier.doi http://dx.doi.org/10.3390/s23031658
dc.identifier.issn 1424-8220
dc.identifier.uri http://hdl.handle.net/10230/56514
dc.language.iso eng
dc.publisher MDPI
dc.relation.ispartof Sensors. 2023;23(3):1658.
dc.relation.isreferencedby https://github.com/palantir-h2020/paper-nfv-aas-threat-mitigation
dc.relation.projectID info:eu-repo/grantAgreement/EC/H2020/883335
dc.rights © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/).
dc.rights.accessRights info:eu-repo/semantics/openAccess
dc.rights.uri http://creativecommons.org/licenses/by/4.0/
dc.subject.keyword Security-as-a-Service
dc.subject.keyword security orchestration
dc.subject.keyword policy-driven management
dc.subject.keyword virtual network functions
dc.subject.keyword finite state machines
dc.subject.keyword constraints programming
dc.title PALANTIR: an NFV-based security-as-a-service approach for automating threat mitigation
dc.type info:eu-repo/semantics/article
dc.type.version info:eu-repo/semantics/publishedVersion

Col·leccions

Articles (Departament de Tecnologies de la Informació i les Comunicacions)
Documents OpenAIRE (Open Access Infrastructure for Research in Europe)