The main areas of interest of the FITNESS group are fault and intrusion tolerant networked systems.
Combining intrusion and fault tolerance is an effective approach to handle security and reliability issues and has attracted significant research interest. In meeting security and reliability requirements, however, existing solutions often sacrifice performance, a loss that is not acceptable for many critical applications (e.g., e-commerce, e-procurement). Also, most of the security mechanisms proposed are purely software based, which simplifies design and implementation but reduces resilience to security attacks. The thrust of our current work is to develop methods, technologies, and tools for building networked systems which can tolerate both accidental and malicious faults yet providing high performance.
Real Time Processing of Heterogeneous Data Streams
A growing number of emerging applications requires to be able to analyze massive amounts of online data in real-time. Examples of these applications are: market data feed processing, anti-spam and anti-virus filters for e-mail systems, security systems that analyze incoming IP traffic for organisation-wide networks, automatic trading, anti-phishing, systems processing the output of large sensor networks (e.g., monitoring traffic, environmental conditions, intelligent buildings), fraud detection for cellular telephony that analyzes and correlate phone calls, military applications that analyze data from multiple sources in the battle field, fraud detection for credit cards, certification of SLAs, parcel tracking, etc. Infrastructure for building streaming applications is becoming a flourishing market. A key application field of Stream Processing techniques is Business Process Monitoring. The Research Group has developed a business process monitor for the recharging system of a mobile phone network provider. The monitored system is currently in operation for the major mobile phone company in Italy, namely Telecom Italia Mobile (TIM).
Security Services Provisioning
The Research Group has leveraged current research on intrusion- and fault-tolerant architectures by combining software approaches with the use of reconfigurable hardware devices to provide substantially improved performance and security. While it is clear that a hybrid approach can be superior to a software-only approach (e.g., our experiments show about an order of magnitude in speed-up), the effects on an overall system architecture are less understood. Consider, for instance, that the efficient combination of parallel hardware with multithreaded software can result in systems exhibiting nondeterministic behavior, which cannot be handled with conventional replication approaches. Our approach was demonstrated in the context of attribute certification systems, digital signature systems, and digital time-stamping systems (mostly with respect to RSA-based cryptographic engines).