When security enforcement in data systems is not up to par, problems eventually emerge. Data privacy is threatened, which could prove troublesome for users and service providers. Users want to have their personal details protected and service providers want to make sure that consumers pay for whatever they download. Enter the BUGYO project, funded through the European intergovernmental initiative Eureka, which targeted the development of a supervision tool that could check the proper use and control of security.
BUGYO project coordinator Bertrand Marquet said despite the well-designed security in projects, managing the security in complex infrastructures was hard to do. 'Most problems arise because people forget to put the right rules on the firewall or to close access,' said Mr Marquet, a senior security researcher at Alcatel-Lucent in France. 'The idea therefore was to develop a supervision tool that could check that security was properly deployed and controlled.
The team chose the Eureka Celtic cluster because Alcatel-Lucent helped set up the framework and because Eureka Celtic 'is dedicated specifically to telecommunications research', as he noted.
'We defined an operational methodology that can be applied practically by telecommunications operators and service providers to gain confidence in the security deployed to protect their services and the associated business revenues,' Mr Marquet said. 'The methodology provides the foundation for the development and deployment of the security assurance framework.'
Thanks to their work, the BUGYO partners clinched a robust low-complexity system that can observe the complex functioning of the service infrastructure itself; it was presented on a voice over Internet protocol (VoIP) infrastructure.
This system not only offers a real-time overview of the security assurance status of the network, but it also provides support in terms of alarms and compliance monitoring, according to the researchers.
'The results of the BUGYO project will certainly be beneficial for end users even though they will not see the results directly,' Mr Bertrand commented. 'Consumers will have a more secure service: well-secured infrastructures are essential when consulting a bank account for paying online, for example. The outcome is a means to ensure really secured services.'
Eureka Celtic meanwhile offered key support across the board; it provided guidelines for project management and helped find new partners for BUGYO. The project received an Excellence Award from Eureka Celtic for outstanding performance and excellent results.
In another development, a European data protection committee recently announced that social networking sites like Facebook and MySpace, and in some cases their users, are responsible for safeguarding the privacy rights of people whose information is exchanged online. The Article 29 Data Protection Working Party stated that such sites should be classified as data controllers, rather than data processors. Data controllers should inform people before uploading their information under EU data protection laws, they noted.