The business of the future will be characterized by highly dynamic service-oriented architectures where outsourcing and distributed management constitute the norm rather than the exception with an increasing complexity in security and trust requirements from regulations and business standards. Best-effort security will no longer be accepted and business entities will have to provide certified assurance services to customers and expect assured services from contractors in order to manage the associated business and technology risk.

MASTER aims at providing methodologies and infrastructures that facilitate the monitoring, enforcement, and audit of quantifiable indicators on the security of a business process, and that provide manageable assurance of the security levels, trust levels and regulatory compliance of highly dynamic service- oriented architecture in centralized, distributed (multidomain), and outsourcing contexts.

To this extents MASTER identifies new innovation components in terms of key assurance indicators, key security indicators, protection and regulatory models and security model transformations coupled with the methodological and verification tools for the analysis and assessment of business processes. It further defines an overall infrastructure for the monitoring, enforcement, reaction, diagnosis and assessment of these indicators in centralized, distributed (multidomain), and outsourcing contexts. It will show a proof-of-concept implementation in the challenging realms of Banking/Insurance and in the e-Health IT systems.

The project team consists of 14 partners from 10 European countries, ranging from industry to research institutions and academia. The project runs from February 2008 to January 2011.