D4.2 Security and Privacy Aspects for Platform Manager (IT-2)

Reading Time: 2 minutes

 

The Platform Manager (PM) is the seat of the functionality of the mF2C agent: it is here that services are categorised, orchestrated, and managed.  It is here that tasks are scheduled, executed, monitored, and the metadata in turn used for optimisation and Quality of Service management.  However, there are security concerns around these functionalities: for example, if payments are made or resources are traded as in the Smart Boats Use Case, it is necessary that the end user can trust the data in the system.  The foundations of mF2C fog-to-cloud security are described in the associated deliverable for the Agent Controller, D3.2.  PM security builds upon this, but also applies other standards on top of it, for example standards for authorisation.  The core task of PM security is to implement security for REST web services: unlike SOAP, these do not come with any security other than those offered by the HTTP protocol used to implement REST, and while HTTP can provide the basic security features of SOAP – authentication, basic confidentiality through an encrypted socket – for any more sophisticated feature, we will have to implement those ourselves – the options for the implementation are described in this document.

IT-2 is the last software release of the project, so it is this release that must prove the worth of the entire project.  This release must have learnt from the experiences with IT-1 and improve upon them.  At the same time, we cannot do everything: implementing all the recommendations would add years to the project.  The purpose of this deliverable is to clarify the implementation options for further prioritisation.  The essentials that must be addressed are the deployment, web services security, the COMPSs task execution framework, DataClay, and CIMI, all of which have their implementation options and plans described in this deliverable (other essentials, such as user privacy and the GDPR are described in D3.2.)  Out of the need to implement these essentials come the main tasks for the project over the coming six months.

The document can be downloaded here