Communication Middleware for Monitoring Financial Critical Infrastructure

2007 to 2012
Cyber Security
Project type: 
Project investigator: 
Roberto Baldoni

CoMiFin (Communication Middleware for Monitoring Financial Critical Infrastructure) is an EU project funded by the Seventh Framework Programme (FP7), started in September 2008 and continuing for 30 months. The research area is Critical Infrastructure Protection (CIP), focussing on the Critical Financial Infrastructure (CFI).

An increasing amount of sensitive traffic is being carried over open communication media, such as the Internet. This trend exposes services and the supporting infrastructure to massive, coordinated attacks and frauds that are not being effectively countered by any single organisation. In order to identify threats against critical infrastructures and business continuity, CoMiFin aims to facilitate information exchange and distributed event processing among a subset of participants grouped in federations. Federations are regulated by contracts and they are enabled through the Semantic Room abstraction: this abstraction facilitates the secure sharing and processing of information by providing a trusted environment for the participants to contribute and analyse data. Input data can be real time security events, historical attack data, logs, and other sources of information that concern other Semantic Room participants. Semantic Rooms can be deployed on top of an IP network allowing adaptable configurations from peer-to-peer to cloud-centric configurations, according to the needs and the requirements of the Semantic Room participants.

A key objective of CoMiFin is to prove the advantages of having a cooperative approach in the rapid detection of threats. Specifically, CoMiFin demonstrates the effectiveness of its approach by addressing the problem of protecting financial critical infrastructure. This allows groups of financial actors to take advantage of the Semantic Room abstraction for exchanging and processing information, thereby allowing them to take proactive steps in protecting their business continuity, for example, through generating fast and accurate intruder blacklists.