Confidential Deliverables

The FORTIKA Consortium uses an SVN repository to store the Confidential Deliverables of the project.
Access to the Confidential Deliverables is granted only to the members of the FORTIKA consortium and the Commission Services.
In this page we provide the Executive Summaries of Confidential Deliverables once approved by the European Commission

Executive Summaries of approved Confidential Deliverables

D1.1 - Project Reference Manual & Quality Plan

This document provides the outline of the procedures to be followed to support the quality assurance process for every deliverable produced by FORTIKA. The main body of this report summarizes the project facts, namely the project’s work breakdown, its interdependencies, and the project timetable regarding deliverables and milestones, along with responsible partners. Afterwards, the planned progress on a management level is described. The purpose of this deliverable is to provide the consortium with all the information on the quality management process, risk assessment, contingency planning and to encompass the efforts of the project coordinator and the beneficiaries. The deliverable starts with a description of the Quality Plan, which covers the procedures for assessing the progress of the work within the project, along with corrective actions and contingency planning in case of deviations. The goal is to define policies and procedures that will assure that the consortium members will act in a coordinated way and that necessary quality levels will be met. The scope of the quality plan is to set the quality standards for FORTIKA and circulate the message for excellence in the deliverable reports. Subsequently, Risk Assessment along with Contingency Planning is provided. The method-ology selected (EFMEA), after examining the existing risk analysis methods and considering FORTIKA needs, is thoroughly described introducing variables such as Severity (S), Occurrence (O), Detectability (D) and Recoverability (R) for each risk. Detailed tables are presented containing all identified risks, classified into categories highlighting the most critical of them, i.e. the ones which could have a clear impact on the project and its completion. Mitigation plans are defined for all risks and a total risk estimate is calculated for the whole project both before and after taking them into account. The final results of the risk analysis indicate that FORTIKA is not a risky project.

 

D1.5. IPR Management Plan & Report.v1

This deliverable, corresponding to Task 1.3 of the FORTIKA project, describes the way Intellectual Property Rights (IPR) are handled within the project. It summarizes the IPR framework agreement, as outlined in the Grant Agreement, that provides the status of the foreground Intellectual Property that will be generated during the project’s lifecycle and provides a detailed report for the IPR policy of the project.

 

D2.2 - Legal assessment of FORTIKA use case scenarios.v1

A legal analysis of all the FORTIKA Use Cases takes place under this report. In order to do so the results and findings of D2.1.1 are taken into consideration, and are subsequently particularised and customised under each Use Case’s circumstances. In this context a common legal axis of analysis is utilised, with the aim to derive concrete, actionable items addressed to Use Case leaders and participating partners in view of their optimal legal compliance with the applicable legal framework.

 

D2.3 - Legal analysis & evaluation of the FORTIKA business model.v1

This report aims at providing legal guidance and support while elaborating upon and finalizing the FORTIKA business model, prior to its implementation in practice. This was considered of critical importance, in view of the fact that the FORTIKA solution is heavily dependent of applicable regulatory requirements. In this way, difficulties will be avoided and potential advantages will be identified in a timely manner. This analysis takes into account work performed under this WP2 (namely D2.1 and D2.2.1), and aims to particularise and customize its findings onto the FORTIKA business model requirements.

 

D2.7 - Legal assessment of FORTIKA use case scenarios.v2

This report is the updated legal analysis of all the FORTIKA Use Cases. At the Project Officer’s request, instead of it being submitted on M36 of the Project it has been brought forward to M24. In assessing the FORTIKA Use Cases under a legal perspective the following have been taken into consideration:

  • FORTIKA Use Cases deployment;
  • FORTIKA Security Advisory Board questionnaires (relevant to Use Cases);
  • The applicable legal framework (namely, the General Data Protection Regulation and the NIS Directive, as complemented by secondary legislation or other, official, guidance);
  • Findings of D2.1.1;
  • The axis of analysis of D2.2.1;
  • Guidance to Use Case Leaders provided during Project execution.

 

D4.1 – FORTIKA gateway system requirements report.v1

Deliverable D4.1 reports on the implementation status and the system requirements of the FORTIKA GW device. To this end, the document first lists the system’s constraints and then the functional and non-functional system requirements. Further to that it presents the HW and SW modules of the implemented prototype; for the HW these are the System on Chip, the carrier board and the HW design of the accelerator part (FPGA); for the SW these are the Operating system, the bitstream load engine, the DMA engine module, the Monitor, and the SLA metric. It is noted that this deliverable reports on the results of the first iteration of the associated task (T4.1). The next iteration’s (M22-M30) outcomes will be the final list of the system requirements and the final implemented system both to be included in the final version of this deliverable D4.8 (M30).

 

D4.2 - FORTIKA data capturing interfaces.v1

The FORTIKA ecosystem, which is presented in detail in deliverable D4.3 [1], is a complex combination of distributed entities (FORTIKA cloud infrastructure, FORTIKA gateway and other third party components such as the billing system) and microservices that interact with each other, to provide the FORTIKA functionality in a transparent and secure manner. The FORTIKA architecture and the sequence of interactions between the respective modules and services, are described in deliverable D3.4 [2]. This deliverable (D4.2) is a demonstrator and its purpose is to present the communication interfaces and protocols of modules and services, and provide the corresponding endpoints through which entities communicate with each other. Through this deliverable, readers are able to understand the technologies (architecture protocols, etc.) used by FORTIKA entities, to communicate with each other and make their functionalities available to the FORTIKA ecosystem and thereby, to the FORTIKA users. This demonstrator is a versioned document and the current version (Version 1) presents the work progress up to the time of the authorship of this document, which is month 18 (November 2018) of FORTIKA’s lifecycle. The FORTIKA project currently runs the second year of development. Thus, the second version of this document, which is due on month 30 (end of November 2019), will be richer in content, concerning modules and services that have no yet been implemented.

 

D4.3. The FORTIKA Marketplace.v1

This document is a technical report on the FORTIKA ecosystem (Marketplace) and describes the different modules that have been developed, and together make up the Marketplace, this platform allows users to easily purchase the services developed in FORTIKA, as well as its deployment in their devices. In the same way, it allows developers to offer their services easily and quickly to any organization registered in the Marketplace. The current version of the Marketplace supports the functionalities that were shown in the first demonstration, along with those that have been implemented in the last period. This first version (M18) describes the modules developed up to this date, in the following versions the new developments will be detailed. The Marketplace incorporates all those modules that are necessary to support the functionalities that are included in the requirements of the project and that pretend to support the different cases of use. This first period began with the development and implementation of the most basic modules such as User Management module, which allows the registration of organizations, users and developers, the Front-End module that supports the User Interface, so that the different functionalities can be executed in a user-friendly way, the Device Manager module to be able to establish communication with the devices of different organizations and deploy services on it, and the Back-End that integrates all these components. This document only presents a description of the components as the interaction between them is covered in detail in D4.2 FORTIKA data capturing interfaces.v1 and the deployed services and tools are also covered in D4.4 FORTIKA platform, services and tools deployed on the cloud.v1. The last section presents a demonstration of the Marketplace through a user history, to present to the reader the result of the implementation of the different modules and how the different functionalities that the Marketplace allows through the user interface are carried out.

 

D4.4 - FORTIKA platform, services and tools deployed on the cloud.v1

This deliverable D4.4 is a report on the FORTIKA Platform's services and tools deployed in the cloud. The first version (M18) reports in details the basic functionality of the services supporting and powering the FORTIKA Platform. The FORTIKA Platform consists of FORTIKA Marketplace, IaaS which hosts FORTIKA Cloud services and FORTIKA Bundles (more precisely their cloud-counterparts), and FORTIKA Gateway - the target device for deployment of FORTIKA bundles in the realm of end-users. Moreover, the document describes services and processes supporting development, testing and deployment tools enabling FORTIKA's Platform Continuous Integration and Deployment. Two different domains of FORTIKA Bundles are defined and described the way FORTIKA envisions deployment of FORTIKA Bundles.

 

D4.6. FORTIKA Unsupervised engine for threat mitigation.v1

This deliverable discusses the mitigation strategies that the FORTIKA solution will apply when anomalies are detected. The strategies and work documented in this deliverable, have been developed under the Work Package 4, in T4.5 “Risk analysis, modeling and level assessment for HW/SW FORTIKA components – Mitigation Strategies” with contributions from T4.6 “FORTIKA Analytics Module & Decision Support System”. It should be noted that this work is tightly connected with the work of the FORTIKA decision support system, where the decisions on the mitigation actions to be performed are taken place. Due to the growing number of cyber-security threats that SMEs are exposed to, efficient mitigation strategies to eliminate or reduce their effect is of high importance. In this first version of the deliverable, the work is focused on the four types of threats/attacks, namely DDoS, malware, ransomware and spoofing. The whole workflow is analysed, i.e. from threat characteristics and detection techniques up to mitigation actions, in order to describe their particularities/effects and how they can be detected and mitigated. The proposed Threat Mitigation Engine architecture is described together with the design of the communication API for the interaction with the Decision Support System. In the second version of this deliverable, the full documentation on the mitigation actions that will be implemented for all possible threats of the FORTIKA solution will be provided.

 

D4.7. - FORTIKA Decision Support Toolkit.v1

Deliverable D4.7 is a demonstrator that identifies advances towards the achievement of project objectives related to WP4 “FORTIKA Modules and Components”. It reviews recent developments on the use of knowledge-based systems for Intrusion Detection, on adaptive fuzzy expert systems as well as on multi-objective optimization. Moreover it presents a detailed report on the first prototype of the Decision Support System (DSS) developed under Task 4.6 “FORTIKA Analytics Module and Decision Support System” and utilised in the context of the FORTIKA project, including its architecture and the technical and mathematical background of the system. Finally, it describes the relation of the DSS with the rest of the FORTIKA modules and lists next steps. The goal of the DSS aims towards facilitating the decision-making process as far as it concerns the detection of a threat and the selection of the best method to mitigate it. This document is the first version of a set of deliverables regarding the FORTIKA DSS. In the second revision of the document the final architecture and implementation of DSS will be reported, as well as the interaction with all other FORTIKA components.

 

D5.1 – FORTIKA accelerator platform implementation report.v1

Deliverable D5.1 describes and demonstrates the FORTIKA Middleware; a middleware is the software entity that lies between heterogeneous systems/applications aiming to facilitate their interactions. In the context of FORTIKA, the Middleware facilitates the interactions between the FORTIKA GW and the FORTIKA Marketplace; the ARM and FPGA components of the FORTIKA GW; the FORTIKA SW developers and a part of the FPGA application development process. To achieve these, the Middleware consists of three main components, namely the Synthesis Engine, the Security Bundle Handler and the Lightweight Machine to Machine client. The Synthesis Engine enables the FORTIKA SW developers to develop security applications, able to run in the FORTIKA GW’s FPGA, without the need to know and use the HW details and design; a task that otherwise would need experienced HW designers. The Security Bundle Handler allows for the deployment and management of the FORTIKA Marketplace security bundles to the FORTIKA GW; furthermore, it provides the necessary mechanisms for the dynamic change of the loaded FPGA bundles (e.g. change on the fly the FPGA deployed encryption algorithm) and the configuration of the data interfaces that are needed to exchange data between the SW and FPGA deployed components. The Lightweight Machine to Machine client provides for the communication and interactions of the FORTIKA GW and the FORTIKA Marketplace. The Security Bundle Handler and the Lightweight Machine to Machine client have been deployed in an online FORTIKA GW and their functionalities can be tested and demonstrated via Postman API calls; in addition, two demo applications, showcasing the Security Bundle Handler’s mechanisms of changing in real time the FPGA deployed bundles, and also configuring the data interfaces used to exchange data between the ARM and FPGA components of the GW, have been developed and installed in the online FORTIKA GW. On the other hand, the Synthesis Engine has been deployed in a Virtual machine that is hosted in the FINT’s private cloud. The binaries (and in some cases the code) for these Middleware components have been uploaded to FORTIKA Gitlab repository. It is noted that this deliverable reports on the results of the first iteration of the associated task (T5.1). The next iteration’s (M24-M32) outcomes will be the final version of the Middleware; this will be included in the final version of this deliverable D5.9 (M32).

 

D5.2 - Real-time Network Traffic Analysis Module.v1

This deliverable provides evidence of advances towards the achievement of project objectives related to WP5 “FORTIKA Middleware and Cyber Security Services”. It is the first version discussing the specifications and development of the components under Task 5.2. “Real-time Network Traffic Analysis Module”. This task aims at providing the design and development of a real-time Network Traffic Analysis (RTNTA) and active cybersecurity service based on big data and open source framework. The RTNTA defined in this task will be in charge of analyse the traffic from the SME network (connected to the FORTIKA gateway) and provides information in the form of NetFlow records to other modules (i.e. Visual Analytics modules, SIEMS). The outcomes of this tool enable to analyse the security status of the network, the level of consumption of services or to check the level of digital trust. Together with the Visual Analyzer and other traffic information modules, RTNTA will combine metadata storage for real-time analysis, with raw storage working on aggregate data. Such a combination of traffic information provides the basics for the detection of a wide range of attacks in the cybersecurity area (from DDOS attack detection based on anomalies on the traffic patterns to ARP Spoofing detection).

 

D5.3 - FORTIKA BYOD/ BYOT Access Control & ABAC Service.v1

Deliverable D5.3 reports on the implementation status of the FORTIKA Attribute-Based Access Control (ABAC) module that is being developed to provide authorization services to the FORTIKA project that aims to provide security solution for SMEs. ABAC services are not limited to the initial scope of the Bring Your Own Device BYOD concept, as proposed and described, but also enable FORTIKA to provide a complete Authorization-as-service (AuthZaaS) solution. This document reports on the main components of the module and the design approach that was chosen to implement the base components of ABAC, namely: The Policy Administration and Policy Information Points (PAP and PIP, respectively), the Policy Decision Point (PDP), and the Policy Enforcement Point (PEP). This deliverable presents only the results of the first iteration of the associated task (T5.3). The next iteration (M24-M32) shall provide the final, thoroughly implemented system to be included in the final version of deliverable D5.11 (M32).

 

D5.4 - Social Engineering Attack Recognition Service.v1

This report presents the first version of the Social Engineering Attack Recognition Service (SEARS), as part of the cyber security services that are provided by the FORTIKA project. The purpose pf the D5.4 deliverable is to present a SEARS demonstrator in M20. The sec-ond and final version of this report will be prepared during the project’s lifetime and sub-mitted in M32. The report provides an analysis of the various aspects regarding the design and develop-ment of SEARS and its main software components. This version presents the current state of the system paving the way for further updates during the project lifecycle. In particular, specific technologies used are presented, together with information and op-erational details related to performance, resource consumption, data production and pro-cessing. This report describes the SEARS system and serves as a guide with respect to the operation (including security and privacy), and maintenance of the SEARS service.

 

D5.5 - Design and implementation of customised SIEM Service.v1

This deliverable presents the FORTIKA Security Information and Event Management (SIEM) solution that acts as the core FORTIKA component for threat detection and mitigation. The work documented in this deliverable has been developed under the Work Package 5, in Subtask 5.5.5 “Development of FORTIKA SIEM solution”. This report accompanies the prototype release for SIEM, that will be updated with the second version of this deliverable. FORTIKA SIEM solution is considered as collaboration of several FORTIKA components towards the fulfillment of the main objectives: security monitoring, threat detection and incident response. The framework is also coupled with Visual Analytics interfaces for the proper visualization and monitoring of network status and alerts generated, designed for system operators and administrators of the SMEs. Special emphasis has been put on the proper integration of the developed software on the FORTIKA gateway, i.e. lightweight computational parts are designed for the ARM processor, while computationally intensive for the FPGA part. All developed software has been tested individually and in conjunction with the rest of the FORTIKA components.

 

D5.6 - FORTIKA continuous monitoring-based compliance mechanism.v1

FORTIKA online marketplace will be hosted in the FORTIKA Cloud Service Provider, and FORTIKA as a Digital Service Provider (DSP), will need to establish certain guarantees to provide a secure consumption of the cloud services offered. The EU legislation on cybersecurity relies on the Directive on security of network and information systems, the NIS Directive. NISD security requirements are mandatory for DSPs. The first version of this deliverable, released on M20, proposes a solution for FORTIKA cloud monitoring adaptable to different conditions of provided cloud services, using a continuous assessment and monitoring service CCAM to enable continuous measurement of the security objectives. The deliverable finally, presents the demonstrator architecture and proposes a solution for collecting data from FORTIKA cloud environment, detailing an architecture for continuous cloud assessment monitoring CCAM using a distributed approach composed by server and agent infrastructure applied to FORTIKA cloud services, and also identifying the required software components. Further work on this task will be oriented to implement particular compliance checks using openSCAP framework to guarantee continuous monitoring of compliance, and additionally to complete a set of monitoring metrics for the FORTIKA cloud as initiated on the present study, taking into account the particular requirements for monitoring microservices, applications and cloud nodes deployed on the FORTIKA IaaS Marketplace. The final version of the deliverable will be provided on M32, with the objective to complete a demonstrator for the CCAM service applicable to FORTIKA cloud services, to contribute with a continuous cloud assessment monitoring to guarantee compliance with security objectives for DSP

 

D5.7 - Homomorphic encryption embedded engine.v1

Today cybersecurity incidents are of great concern to the SMEs. Considering the recent changes to the data protection laws the SMEs are under pressure to protect their corporate data. Despite these risks, businesses tend to move towards using public cloud platforms due to the flexibility and reduced operational costs they provide to the SME’s to compete in the market place. Instead of buying and building huge data centres, one can rent these 3rd party cloud offerings. Recently in order to maximise the benefits from the cloud platforms, researchers/organizations tend to move towards cryptographic approaches. These approaches bring with themselves their own constraints. Conventional symmetric key encryption approaches such as Advanced Encryption Scheme (AES) or asymmetric key encryption approaches such as Rivest-Shamir-Adleman (RSA), rely on uploading encrypted content to the cloud and once the content is needed, download all of it and then decrypt and process. Although, this is a secure way of processing ones content, but it is highly infeasible for managing and processing large volumes. Homomorphic Encryption (HE) provides the highest level of security. It makes use of the public and private key infrastructure of the AES schemes and allows one to perform arithmetic operations on encrypted content. This allows one the flexibility of processing and managing content in the encrypted domain, thus minimizing the overhead of downloading and decrypting all of the online content. One of the many uses of HE is the possibility of performing a search in the encrypted domain, usually referred to as Searchable Encryption (SE). This feature allows one to perform a keyword search on online stored content, thus making it possible to identify which content needs to be downloaded for further processing. It ensure the required security by limiting knowledge of the cloud or any adversary accessing the cloud platform. It also mitigates the possibility of an intermediator eavesdropper of knowing what is being relayed. This demonstrator which is submitted as a part deliverable of WP5, D5.7 explains in detail the tool designed and developed for the FORTIKA project that allows Small and Medium-sized Enterprises (SMEs) to encrypt and upload content onto a third party cloud and then perform search on the encrypted data. The data encryption tool treats the whole data as a running text and encrypts it word by word, thus producing string of searchable ciphers. These ciphers aid the proposed Public Key Encryption with Keyword Search algorithm (PEKS) in performing SE tasks on the cloud by exploiting the homomorphic properties of the cipher content.

 

D5.8 – FORTIKA Virtual Security Appliance.v1

This deliverable provided evidence of advances towards the achievement of project objectives related to WP5, T5.5 “Design and Implementation of virtual Security Appliance”. This docu-ment is the first version discussing the specifications and development of the components related to the virtual Security Appliance”, the methodologies put in place to address end-user requirements, and the tasks foreseen in the future. This document specified in details the virtual Security Appliance (vSA), which is one of the bundles under development in the context of the FORTIKA project. It comprises two main components: a packet filer (firewall) and an Intrusion Detection system (IDS). Two architec-tures were proposed. The first one fully resides on the ARM part of the FORTIKA Gateway, however, the second one moves the components that require intensive processing to FPGA. For further development and evaluation, a testbed including the vSa subcomponents (firewall, IDS, RESTApi, etc) was setup. This document is the first specification and development report concerning the vSA. Further refinements will be made available in the next versions where feedback from the develop-ment and integration activities will be taken into account.

 

D8.1: H – Requirement No. 3

This deliverable presents the informed consent forms and information sheets that were also part of the Technical Annex. The forms will be revised (if needed) during the implementation of the project.

 

D8.2: POPD – Requirement No.4

“D8.2 – POPD Requirement No. 4” is specified in the FORTIKA Description of Action as: “Copies of opinion or confirmation by the competent Institutional Data Protection Officer and/or authorization or notification by the National Data Protection Authority must be obtained (which ever applies according to the Data Protection Directive (EC Directive 95/46, and the national law). Confirmation should be sent to the REA.” This document describes the procedures to be followed in order to obtain the appropriate copies of opinion or confirmation, by either the competent Institutional Data Protection Officer or the National Data Protection Authority, depending on the Data Protection Directive and the national law, with respect to the protection of personal data.

 

D8.3: POPD – Requirement No.5

“D8.3 – POPD Requirement No. 5” is specified in the FORTIKA Description of Action as: “Detailed information must be provided on the procedures that will be implemented for data collection, storage, protection, retention and destruction and confirmation that they comply with national and EU legislation.” This document describes the procedures to be followed in order to fulfil these objectives, i.e. the data collection, storage, protection, retention and destruction and confirmation of collected data, according to national and EU legislation.

 

D8.4: POPD – Requirement

Deliverable D8.4 “POPD - Requirement” is described in the FORTIKA’s Description of Action as: “In case of data not publicly available, relevant authorisations must be obtained, and confirmation sent to the REA.” Although public datasets exist and will be utilized within the FORTIKA project, a data management plan has been foreseen (T1.3.) to define the procedures for collecting the necessary data from the pilot sites to adequately assess the developed solution. This document provides a brief description on the actions to be taken to address any ethical and privacy issues risen by the collection and processing of personal data.