Since we have already provided basic information regarding the FOGUS Media Tool in a previous blog post, it is important to mention the actual scenarios that will be implemented between the FOGUS Demonstrator and the PUZZLE Framework. Through these scenarios, the PUZZLE Services are being tested with a real-life application, with the aim of enhancing and improving the PUZZLE Framework as a whole.
In this context, we have elaborated dedicated high-level Use Cases to showcase the cybersecurity needs of the FOGUS Media Tool and how they should be served through the PUZZLE Framework. More details of these Use Cases are described in the public deliverables D1.2 and D6.1, which our consortium has worked on.
The FOGUS Media Tool Use Cases
Use Case 1: Services Recommendation
This Use Case focuses on the role of a system administrator who aims to secure the whole infrastructure of their organization (FOGUS Media Tool), including all the hardware devices in the infrastructure as well as the software running on them. Since the system administrator is the individual ultimately responsible for all of the organization’s components, one aspect of their responsibilities is the application of proper security measures. The Use Case highlights the features provided by the Recommender component of the PUZZLE Framework.
Use Case 2: Trust Assurance – Attestation
This Use Case is focused on the system administrator of the FOGUS Media Tool environment, one of whose responsibilities is to ensure the proper and continuous operation of their corresponding department. In order to achieve this, he should be able to monitor the health state of the components and notice any changes happening to them. The Use Case highlights the attestation services provided by PUZZLE via the Trust Assurance component, as well as the Agents which will be monitoring the devices in the infrastructure.
Use Case 3: Risk assessment and orchestration during run-time
This Use Case is focused on an Internal Operator of the FOGUS Platform, as one of his responsibilities is to ensure the constant and consistent updating of the security services, as well as the adaptation of new policies which might appear because of new knowledge surfacing, such as newly found vulnerabilities or new potential attacks and threats. The scenario highlights the continuous risk assessment and the orchestration components of the PUZZLE Framework.
Use Case 4: Security Incident Response Mechanisms
This Use Case focuses on the role of an Internal Operator of the FOGUS Media Tool platform and highlights the Dashboard component of the PUZZLE Framework, which will display all the necessary information when a security incident affects the Media Tool’s components, as well as some useful related analytics.
Use Case 5: Shared Threat Intelligence
In this Use Case, the System Administrator of the FOGUS Media platform should have access to the general threat intelligence landscape from verified sources (SMEs/MEs providing threat intelligence to PUZZLE, Open-Source Intelligence (OSINT), other commercial sources, etc.) regarding recent cyber threats, so that he can consider them when configuring the installed security services and take precautions against potentially upcoming threats to the FOGUS Media platform.
Use Case 6: Network Analytics and AI
This Use Case is focused on the role of the Internal Operator of the FOGUS Media platform, who is the individual responsible for the proper and continuous operation of the platform and should ensure the immediate detection and classification of malicious network traffic. With the use of PUZZLE’s Cloud Analytics component and its AI, this detection can be ensured.
Use Case 7: Privacy with Sharing Threat Intelligence
This Use Case is focused on the role of the Internal Operator of the FOGUS Media platform, who is responsible for proper protection against cyber threats, keeping in mind that the cybersecurity insights of the FOGUS Media Tool should be protected against any disclosure of the security services in use, the vulnerabilities found within the organization’s network, hardware and software, and the potential threats detected.
Therefore, while PUZZLE’s functionalities include scanning/monitoring and risk assessment for the identification of vulnerabilities and potential threats, as well as the sharing of new threats, vulnerabilities and security issues detected within the organization with other SMEs/MEs, PUZZLE should take into consideration that malicious users who learn, e.g., that there is a vulnerable device in the organization or that it uses a firewall with a specific configuration will have an advantage when attempting to intrude into the organization.
All PUZZLE partners are working towards the implementation of the PUZZLE Services that are included in the PUZZLE Framework. According to the timeline, the abovementioned Use Cases are split into two iterations, aiming at gradual integration. At this point, we are still in between these iterations, so stay tuned!