On Demand Secure Isolation
Project Status: Finished
Start Date: November 2015
End Date: March 2019
Budget (total): 6639.9 K€
Effort: 77.2 PY
Project-ID: C2014/2-12
Name: Chrystel Gaber
Company: Orange SA
Country: France
E-mail: chrystel.gaber@orange.com
Orange SA, France
Université de lille, France
Prove & Run S.A.S., France
CityPassenger, France
Internet of Trust, France
Ingenieria del Poliuretano-Flexible, Spain
Innovalia Association, Spain
Nextel S.A., Spain
Beia Consult International, Romania
Resonate MP4 Romania, Romania
Abstract
ODSI (project TRL: 3 to 5) will deliver new security models with the properties and the benefits of both hardware and software approaches. These models deliver only certified and proved (CC) minimal properties for isolation, with the goal of being used in mass production (low-cost and constrained CPU) in all approaches that require context isolation: M2M, IoT, network infrastructure sharing etc. Management systems of these isolated contexts offer the opportunity to qualify and authenticate the security level of remote devices using standardized protocols. ODSI solutions will guarantee / certify the lowest common subset of software and hardware with the goal to prove the isolation property. ODSI project ambition provides to the industry:
- New Models and Security Standards: a model of hardware / software security, leaving to the industry the choice of their strategies to distribute security objectives between both parts of their platforms; a minimal software standardized interface (API) allowing the industry to implement their services in the isolated environments and a communication protocol allowing to propagate the isolation properties from a first isolated context towards a second isolated context.
- The definition of the evaluation framework and the necessary elements for Common Criteria certifications (e.g. protection Profiles) allowing to reach a global security assurance level of the delivered isolation models and derived solutions (hardware / software). This framework will include two aspects, the certification of the elementary bricks at the highest logical/physical assurance level and the “lego methodology” to reach a global assurance level for the system when combining the certified bricks.
- USEs CASEs as technical evidence of ODSI concepts.
- Dissemination of ODSI high-level models, Protection Profiles and open source use cases implementation, as well as the standardization of the interfaces proposed for the IoT and M2M sectors. ODSI deliverables shall be neutral regarding the industrial strategies of implementation.
Focus is on models and security – Add the delivery of on-demand isolated, secure and dedicated environments of services over electronic equipment.