Platform & Infrastructure
The E-CORRIDOR project aims at developing a technological framework to unleash the power of information sharing coupled with edge-based collaborative analytics for cyber protection. The framework will be tailored for multimodal transport needs by developing a significant set of security services based on it.
The framework allows data prosumers (producers/consumers) to easily express their preferences on how to share their data, which analytics operations can be performed on such data and by whom, with whom the resulting data can be shared etc. This entails a framework that combines several technologies for expressing and enforcing data sharing agreements as well technologies to perform data analytics operations in a way which is compliant to these agreements. Among these technologies we can mention data-centric policy enforcement mechanisms and data analysis operations directly performed on encrypted data provided by multiple prosumers.
The framework mainly based on an Information Sharing Infrastructure (ISI) and an Information Analysis Infrastructure (IAI) that can be deployed in several ways and on several devices (from cloud to mobile devices). This concept extends the one developed in the C3ISP project (where several prosumers offers controlled data to a centralized analytics service) to a fully decentralized environment. Being potentially computed at the edge, the analysis process is increasingly more privacy friendly (i.e. not the raw data but only the results of the locally analysed data are provided to the upper layer). When the shared data are actually cyber threat information, we get a powerful system for creating Information Sharing and Analysis Centre (ISAC), which will be one of the pilots.
Partners:
Partners for the E-CORRIDOR platform:
HPE (leader), CNR, MISE, HPE, ADP, PLD, UTRC, FhG, WIT, DIG
Partners for the E-CORRIDOR ISI and IAI:
CNR (leader), HPE, CEA, FhG
Analytics & Security Services
In E-CORRIDOR, enhanced analytics power can be used to more easily collect information from several sources (due to enhanced control on the shared data) as well as allow more complex privacy preserving authentication operations. Through a set of privacy enhancing mechanisms, including when necessary homomorphic crypto technologies, we can develop privacy preserving analytics as well as advanced security mechanisms for authentication and access/usage control.
Data Analytics techniques
E-CORRIDOR will perform activities of design, implementation and maturation of data analytics, which can be used both for cybersecurity data analysis and to provide services to final users and transport companies. E-CORRIDOR partners will provide and maturate data analytics tools based on both machine learning and deep learning, to perform accurate and efficient classification and prediction based on data collaboratively shared by the E-CORRIDOR stakeholders.
The following data analytics techniques and service will be provided:
- Data analytics for driver identification (led by UTRC)
- Privacy preserving itinerary planning and carbon foot print analysis (led by TSSG, WIT)
- Privacy preserving (Security) analytics (led by CEA)
- Intrusion detection technologies (led by UTRC)
Partners:
UTRC, PEC, CEA, WIT, FhG, CNR
Advanced Security Services
E-CORRIDOR will integrate tools and technologies for the advanced security services using the previously defined infrastructures.
The following advanced security services will be provided:
- Privacy aware seamless multimodal authentication (led by UTRC)
- Continuous behavioural authentication (led by UTRC)
- Privacy aware interest-based service sharing (led by CEA)
- Privacy aware authorization (led by CEA)
- Secure Identity Management (led by FhG)
Partners:
UTRC, CEA, CNR, FhG, CLEM’, ADP, PLD, PEC, FC
Pilots
The framework and the services developed will be used to deliver three pilot products for:
- Information sharing and analysis centre for multimodal transport (ISAC);
- Airport and integrated train transport (AT);
- Car sharing in smart cities (S2C);
These Pilots have been carefully chosen to show the variety of possible applications of the framework, considering relevance and coverage of the public/private sectors in the field of information sharing for cyber protection.
1. Information Sharing and Analytics Centre Pilot (ISAC)
Summary:
Information Sharing and Analysis Centers (ISACs) are used to collect, analyse and share information related to cyber threats in specific sectors. The ISAC Pilot of the E-CORRIDOR project focuses on producing a prototype implementation of a multi-tenanted managed security analytics platform integrating E-CORRIDOR technology to allow controlled sharing/pooling of security data belonging to different prosumers. Furthermore, the prototype platform will be used to evaluate and validate the E-CORRIDOR approach, architecture and technology in the context of a security information sharing and analytics service provided to multimodal transport enterprises and users.
Partners:
MISE (leader), CNR, HPE, CEA, FhG, DIG, FC, AMTU
2. Airport and Train (AT) Pilot
Summary:
The AT pilot aims at simplifying the airport-train link, improving security analytics and operations management, and enhance the passenger experience throughout his/her journey. To achieve such goals, novel federated (analytics and identity management) mechanisms will be designed and adopted, to preserve data/analysis control and ownership while leveraging all the information collected by each stakeholder. Furthermore, considering the sensitivity and nature of the passenger information (that could include biometric and personal device data), privacy-aware mechanisms will be enforced. In brief, a co-optimization of user experience, security, and privacy will be conducted to reach the target of the AT pilot.
Partners:
ADP(leader), UTRC, SNCF, PEC, FhG, HPE, CEA
3. Car Sharing Pilot (S2C)
Summary:
The Car Sharing Pilot (S2C) of the E-CORRIDOR project focuses on validating the E-CORRIDOR Platform use for multimodality in an urban context, where one user may be involved with many different mobility operators at once and looks for simplicity in his/her access to mobility services. The platform’s secure data sharing and analytics capabilities will also be leveraged to allow the creation of additional services supporting the use of the existing mobility providers’ solutions.
Partners:
CLEM’ (leader), PLD, FC, AMTU, WIT, FhG, HPE, CEA
Deliverables
| WP | Deliverable No. | Deliverable title | Lead Partner | Resources |
|---|---|---|---|---|
| WP1 | D1.2 | POPD - Requirement No. 2 | CNR | |
| WP1 | D1.1 | H - Requirement No. 1 | CNR | |
| WP2 | D2.1 | Requirements for the AT Pilot | ADP | D2.1 Final |
| WP2 | D2.2 | Design and Architecture for the AT Pilot | ADP | D2.2 Final |
| WP2 | D2.3 | First implementation, test and validations of the AT Pilot | ADP | D2.3 Final |
| WP2 | D2.4 | Final implementation, test and validations of the AT Pilot | ADP | |
| WP3 | D3.1 | Requirements for the S2C Pilot | CLEM' | D3.1 Final |
| WP3 | D3.2 | Design and Architecture for the S2C Pilot | CLEM' | D3.2 Final |
| WP3 | D3.3 | First implementation, test and validations of the S2C Pilot | CLEM' | D3.3 Final |
| WP3 | D3.4 | Final implementation, test and validations of the S2C Pilot | CLEM' | |
| WP4 | D4.1 | Requirements for the ISAC Pilot | MISE | D4.1 Final |
| WP4 | D4.2 | Design and Architecture for the ISAC Pilot | MISE | D4.2 Final |
| WP4 | D4.3 | First implementation, test and validations of the ISAC Pilot | MISE | |
| WP4 | D4.4 | Final implementation, test and validations of the ISAC Pilot | MISE | |
| WP5 | D5.1 | Requirements for E-CORRIDOR Architecture | HPE | D5.1 Final |
| WP5 | D5.2 | First version of E-CORRIDOR Architecture | HPE | D5.2 Final |
| WP5 | D5.3 | First version of the E- CORRIDOR platform and test bed | HPE | D5.3 Final |
| WP5 | D5.4 | Final Reference Architecture | HPE | |
| WP5 | D5.5 | Final version of the E- CORRIDOR platform and test bed | HPE | |
| WP6 | D6.1 | Sharing and Analytics Infrastructures and architecture | CNR | D6.1 Final |
| WP6 | D6.2 | Sharing and Analytics Infrastructures first maturation | CNR | D6.2 Final |
| WP6 | D6.3 | Sharing and Analytics Infrastructures final maturation | CNR | |
| WP7 | D7.1 | Data Analytics techniques requirements and architecture | UTRC | D7.1 Final |
| WP7 | D7.2 | Data Analytics techniques first maturation | UTRC | D7.2 Final |
| WP7 | D7.3 | Data Analytics Components final maturation | UTRC | D7.3 Final |
| WP8 | D8.1 | Advanced Security Services requirements and architecture | CEA | D8.1 Final |
| WP8 | D8.2 | Advanced Security Services first maturation | CEA | D8.2 Final |
| WP8 | D8.3 | Advanced Security Services final maturation | CEA | |
| WP9 | D9.1 | First exploitation and dissemination plan | WIT | |
| WP9 | D9.2 | First exploitation and dissemination report | WIT | D9.2 Final |
| WP9 | D9.3 | Second exploitation and dissemination report | WIT | D9.3 Final |
| WP9 | D9.4 | Final exploitation and dissemination report and plan for the future | WIT | |
| WP10 | D10.1 | Project quality handbook | CNR | D10.1 Final |
| WP10 | D10.2 | Risk management plan | CNR | |
| WP10 | D10.3 | First periodic annual project progress report | CNR | D10.3 Final |
| WP10 | D10.4 | Second periodic annual project progress report | CNR | |
| WP10 | D10.5 | Third periodic annual project progress report | CNR |