The Critical Infrastructure Protection Survey recently released by Symantec found that 53% of interviewed IT security experts from international companies experienced at least ten cyber attacks in the last five years, and financial institutions were often subject to some of the most sophisticated and large-scale cyber attacks and frauds.
The book by Baldoni and Chockler analyzes the structure of software infrastructures found in the financial domain, their vulnerabilities to cyber attacks and the existing protection mechanisms. It then shows the advantages of sharing information among financial players in order to detect and quickly react to cyber attacks. Various aspects associated with information sharing are investigated from the organizational, cultural and legislative perspectives. The presentation is organized in two parts: Part I explores general issues associated with information sharing in the financial sector and is intended to set the stage for the vertical IT middleware solution proposed in Part II. Nonetheless, it is self-contained and details a survey of various types of critical infrastructure along with their vulnerability analysis, which has not yet appeared in a textbook-style publication elsewhere. Part II then presents the CoMiFin middleware for collaborative protection of the financial infrastructure.
The material is presented in an accessible style and does not require specific prerequisites. It appeals to both researchers in the areas of security, distributed systems, and event processing working on new protection mechanisms, and practitioners looking for a state-of-the-art middleware technology to enhance the security of their critical infrastructures in e.g. banking, military, and other highly sensitive applications. The latter group will especially appreciate the concrete usage scenarios included.
About the Author: Roberto Baldoni is currently a Professor at the Dipartimento di Informatica e Sistemistica "Antonio Ruberti" of the University of Rome "La Sapienza", where he is the Director of the "Sapienza Research Center on Cyber Intelligence and Information Security". He has served as the Scientific Leader of the EU project CoMiFin on the protection of the financial infrastructure and as a member of the Executive Board of RESIST, the EU network of Excellence on Security and Dependability. His current research interests are in middleware, cloud computing, networked embedded systems, distributed event processing and sense-and-response applications. He is currently vice-chair of the IEEE technical committee on Dependable and Fault-Tolerant Systems.
Gregory Chockler is a Research Staff Member at IBM Research Haifa. His research interests span all areas of distributed systems, and in particular, cloud computing, fault-tolerance, peer-to-peer computing, and middleware technologies. In 2010, he received an IBM Outstanding Technical Accomplishment Award for his contribution to middleware virtualization technologies and products. He presently serves on the Editorial Board of Information Processing Letters, and was a guest editor of the special issue on Cloud Computing for Journal of Parallel and Distributed Computing (JPDC). He is a co-founder of the ACM/SIGOPS Workshop on Large-Scale Distributed Systems and Middleware (LADIS).