The mission of a Joint Competence Centre Infrastructure
31st Jan 2021
The mission of a Joint Competence Centre Infrastructure (JCCI) is to promote and make available information about tools, infrastructure, data and learning content to all (and not only) partners and associates of SPARTA. Its objective is to be used to optimize research and innovation in cyber security, creating new services or extending those that are currently provided by third parties, offering learning, training and experimentation resources. Those singular assets can be accessed and used in similar ways to those of a Digital Innovation Hub.
The JCCI is thought like a Marketplace where the SPARTA partners and associate can promote their assets. In this sense, the deployed platform is not designed as a monolithic and static marketplace where the information is stored in a central unit, but the infrastructure is designed as a dynamic solution, in which each partner is in charge to make available its own information about its goals and its assets.
The information in the SPARTA JCCI NEXUS is separated in three pilars: Learning, Workbench and Cyber-range. The idea is that, the data, tools, services and facilities made available in the workbench, can be combined with the information available in the learning content, to create cyber-range scenarios.
Currently, a first dynamic solution is already integrated in the mainpage of SPARTA project under the Partnership section. The JCCI marketplace is composed mainly by two actors, a SPARTA NEXUS and a SPARTA NODE. The NEXUS is devoted to the identification of the main facilities that the SPARTA JCCI provide and it is able to show the information that the partners and the associates want to show, meanwhile the SPARTA NODE represents the service that make it possible.
It is to be noted, that the NEXUS not represent a storage or a repository of code, but its aim is to link the information that each partner wants to share related with its research, development or assets. In this manner, each partner or associate, is in charge to keep its product, but can use the JCCI Infrastructure to publish information/links related to its achievement and can freely decide what it want provide and for how long just keeping alive its SPARTA NODE. Furthermore, this separation and decentralization of the information allow the infrastructure to be easy updated and without causing temporary error. In fact, if a new JCCI NODE is deployed, the NEXUS just needs the new IP address (or the domain) of the node in order to ask and then show the information published by the novel node. In the same way, if a JCCI NODE want to leave the NEXUS, it can shutdown itself and automatically the NEXUS not show its information without causing an error or affecting the functionalities of the others JCCI NODES.
The communication between the NODE and the NEXUS is regulated through a Service Description Language (SDL) defined specifically for the JCCI. Both the actors are available in dockerized containers in order to facilitate the deployment in different environment and improve their usability. The SPARTA NEXUS and the SPARTA NODE are available on github  .
In order to warrantee a first level of security in the JCCI NEXUS, a restriction policy is regulated through an Identity Provider (IdP). This IdP stores and manages users’ digital identities, for then checking user identities via username-password combinations and other factors, furthermore it may simply provide a list of user identities that another service provider checks. Currently, in SPARTA JCCI implementation, this entity is a centralized one implemented using the Keyrock IdP. The lonely IdP is not enough to protect the resources in the SPARTA JCCI NEXUS, in fact, the IdP just define which users/profile are authorized and which not. In order to define also an access policy to the resources a proxy is needed. For this, the code of the SPARTA NODE includes also proxy implementation (WILMA PEP), easy to be modified and already linked with the central SPARTA Keyrock IdP.
Be a part of the JCCI NEXUS can improve the visibility of your achievement, development and assets in a easy way to all the cybersecurity world. And remember, the NEXUS not store your tools, it just links your achievement. You are the owner of your data!