SHIELD Newsletter n.1 - May 2017 May 19, 2017


A universal security infrastructure for ISPs and corporate networks using NFV-enabled technologies: the SHIELD project

Download PDF

The recently launched EU-funded SHIELD project proposes a universal solution for the dynamic establishment and deployment of virtual security infrastructures into ISP (Internet Service Provider) and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, SDN (Software-Defined Networking) for virtualization and dynamic placement of virtualised security appliances in the network (virtual Network Security Functions – vNSFs), Big Data Analytics for real-time incident detection and mitigation, as well as attestation techniques, as defined by Trusted Computing (TC).

Data and logs are aggregated and fed into an information-driven Intrusion Detection and Prevention System (IDPS). This platform is called Data Analysis and Remediation Engine (DARE) and it features analytical components capable of predicting specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent.

The SHIELD virtual security infrastructure can either be used by an ISP for network monitoring and protection, but it can also be offered as-a-service to the ISP clients. For this purpose, SHIELD establishes a catalogue of available virtual security functions from which the ISP clients can select the ones that best match their needs and deploy them to protect their infrastructure. This approach promotes openness and interoperability of security functions and offers an affordable, zero-CAPEX security solution for citizens and SMEs. Moreover, SHIELD services can be easily scaled up or down, configured and upgraded according to clients’ needs, as opposed to security solutions based on monolithic hardware.

The SHIELD framework brings together all actors in the security value chain/network (ISPs, enterprises, end users, cybersecurity agencies, security vendors) into a single ecosystem and facilitates the interactions between them, enabling new business models. SHIELD security services can be either used internally by the network operators/ISPs, and/or offered as-a-Service to their clients.

In this initial phase, the partners of the consortium have contributed in the dissemination activities. First, an official web site has been activated, where the relevant information about the project’s mission, official documentation and news can be found and are constantly updated. In addition, the SHIELD project is present on different social media (LinkedIn, Twitter), whose channels are used for communication activities.

Given the broad scope of technologies involved in the project, various aspects of the SHIELD concepts have been presented to the scientific and industrial communities in national and international forums. Links to downloadable content (e.g. presentations, posters) can be found here.

A poster describing the general scope of the project has been presented in the 7th Infocom Security Conference in Athens (Greece) in March 2017.

Regarding the data analytics, the binomial between cybersecurity and Big Data foreseen by the project has been presented at the Big Data Value Association (BDVA) General Meeting in Valencia (Spain) in November 2016.

The contribution of SHIELD in the cybersecurity area has been presented to different security-oriented forums. First, the possible application of the SHIELD infrastructure to security of Internet of Things (IoT) fleets has been proposed at the audience of the C&ESAR 2016 conference, held in Rennes (France) in November 2016, which gathers several governmental agencies, industrial leaders, and academic researchers across the country. Additionally, the concepts between SHIELD have been presented in the CTS 2017 event in Rome (Italy) in April 2017, which focused on cybersecurity issues with IT administrators for Public Sector and decision-makers, attracting a lot of attention.

A paper titled “SHIELD: A Novel NFV-based Cybersecurity Framework”, presenting the key use cases and requirements for the SHIELD system and its high-level architectural approach, has been accepted in the Second International Workshop on Security in NFV-SDN (SNS 2017) that will be held in conjunction with the IEEE Conference on Network Softwarization at Bologna, Italy.

Regarding the contribution of SHIELD in the NFV environment, a technical solution towards performing software integrity assessment of virtual security functions based on lightweight virtualisation has been presented at the ETSI NFV-SEC meeting, held in Bilbao (Spain) on February 21-24, 2017. Also, use cases defined in SHIELD has been accepted as part of the standardization document in an updated version (ETSI NFV 001) that covers new relevant use cases. In addition, the binomial between cybersecurity and network function virtualisation foreseen by the SHIELD concept has been discussed in the MPLS+NFV+SDN World Congress from 21st to 24th of March 2017, in Paris (France).

You can find additional information about

  • Key user and system requirements collected and defined
  • Requirements survey with the participation of security professionals
  • High-level system architecture drafted
at:


Contact us at info[at]shield-h2020.eu
Visit us at https://www.shield-h2020.eu
Follow us on Twitter @shield_h2020
Connect with us LinkedIn SHIELD EU Project


Other news

Mar 22, 2019 SHIELD Newsletter n.4 ...
A universal security infrastructure for ISPs and corporate networks using NFV-enabled technologie...
Mar 11, 2019 SHIELD cybersecurity a...
The cybersecurity agency pilot of SHIELD has been carried out on 11 March 2019 by the i2CAT Found...
Mar 7, 2019 SHIELD workshop at Tel...
Telefónica I+D has presented the SHIELD project results and run a real exercise based on an ente...
Feb 24, 2019 SHIELD tutorial at ICI...
The SHIELD consortium has organised a tutorial within the 5th International Conference on Informa...
Feb 17, 2019 SHIELD participation t...
NeCS Cyber Security Winter School 2019, will be held in cooperation with SHIELD, C3ISP EU project...
Nov 26, 2018 SHIELD networking sess...
SHIELD will participate to the ICT 2018: Imagine Digital event, organised by the European Commiss...
Nov 21, 2018 SHIELD participation a...
InfoCom is an annual industrial event, gathering several organisations (ISPs/telcos, mobile suppl...
Nov 19, 2018 SHIELD participation a...
Computer & Electronics Security Applications Rendez-vous (C&ESAR) is a French conference ...
Oct 16, 2018 SHIELD at the Trusted ...
HPE presented the SHIELD project and the use of Trusted Computing technologies and mechanisms dur...
Sep 26, 2018 SHIELD participation a...
SHIELD participated to the CyberTech 2018 event in Rome (Italy) on 26-27 September 2018. The cons...
Aug 30, 2018 SHIELD co-organisation...
SHIELD co-organised, in collaboration with C3ISP and PROTECTIVE projects, the 1st International W...
Jul 11, 2018 SHIELD presentation at...
As part of the yearly Cyber Defence conference organized by the German army university (Universit...
Jul 9, 2018 SHIELD Newsletter n.3 ...
A universal security infrastructure for ISPs and corporate networks using NFV-enabled technologie...
Jul 1, 2018 SHIELD participation t...
A paper entitled “Container-based design of a Virtual Network Security Function” has been accepte...
Jun 22, 2018 SHIELD participation t...
The SHIELD project has been part of the European Conference on Networks and Communications (EuCNC...
Apr 24, 2018 SHIELD presentation in...
The SHIELD project has been presented in the H2020 Project Clustering workshop for demonstrations...
Mar 26, 2018 SHIELD participation a...
The SHIELD project has been presented in the Cyber Security Workshop organised by the project SAI...
Feb 20, 2018 SHIELD in DXC's 10 sec...
The SHIELD project has been cited as one of the European Commission efforts to protect ISP and co...
Dec 20, 2017 SHIELD Newsletter n.2 ...
A universal security infrastructure for ISPs and corporate networks using NFV-enabled technologie...
Nov 14, 2017 SHIELD participation a...
The SHIELD consortium participated at the Luxembourg Internet Days 2017 event organized by LU_CIX...
Nov 6, 2017 Best demo award at the...
The SHIELD consortium has been awarded at the IEEE Conference on Network Function Virtualization ...
Sep 2, 2017 SHIELD participation a...
The SHIELD consortium will participate at the ENISA workshop “Bonding EU Cyber Threat Intelligenc...
Sep 1, 2017 SHIELD participation a...
The SHIELD consortium will participate at the IEEE Conference on Network Function Virtualization ...
Jul 3, 2017 SHIELD participation t...
A paper entitled “SHIELD: A Novel NFV-based Cybersecurity Framework” has been accepted for publis...
Jun 29, 2017 Introduction to SHIELD...
The Telefonica Blog Team has introduced the SHIELD project on the open research blog blogthinkbig...
May 31, 2017 SHIELD participation a...
The SHIELD consortium has participated to the OPTIMA 2017 conference, organised by Hellenic Army ...
Apr 4, 2017 SHIELD presentation at...
On April 4, 2017, the event CTS2017 in Rome (Italy) will present and discuss cybersecurity issues...
Mar 29, 2017 SHIELD poster at the 7...
On March 29-30, 2017, SPH will attend the 7th Infocom Security conference in Athens (Greece) and ...
Mar 21, 2017 SHIELD presentation at...
The MPLS+NFV+SDN World Congress is one of the most relevant Telco and networking industrial event...
Feb 21, 2017 Integrity management o...
On February 21-24, 2017, POLITO will present at the ETSI NFV-SEC meeting in Bilbao (Spain) the SH...
Nov 29, 2016 SHIELD presentation at...
Starting from November 29, 2016, the Big Data Value Association (BDVA) General Meeting will be he...
Nov 23, 2016 SHIELD presentation at...
The C&ESAR conference is a French conference which gathers several governmental agencies, ind...
Oct 31, 2016 The SHIELD project web...
The SHIELD project website is up and running!