{"id":1681,"date":"2017-03-06T12:07:32","date_gmt":"2017-03-06T12:07:32","guid":{"rendered":"https:\/\/prismacloud.eu\/?p=1681"},"modified":"2018-04-03T13:16:11","modified_gmt":"2018-04-03T13:16:11","slug":"d2-2-domain-independent-generic-security-models","status":"publish","type":"post","link":"https:\/\/prismacloud.eu\/d2-2-domain-independent-generic-security-models\/","title":{"rendered":"D2.2 Domain independent generic security models"},"content":{"rendered":"<div id=\"pl-1681\"  class=\"panel-layout\" ><div id=\"pg-1681-0\"  class=\"panel-grid panel-no-style\" ><div id=\"pgc-1681-0-0\"  class=\"panel-grid-cell\" ><div id=\"panel-1681-0-0-0\" class=\"so-panel widget widget_sow-editor panel-first-child panel-last-child\" data-index=\"0\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-editor so-widget-sow-editor-base\"\n\t\t\t\n\t\t>\n<div class=\"siteorigin-widget-tinymce textwidget\">\n\t<p style=\"text-align: justify;\"><strong>Contributing Partners<\/strong><\/p>\n<p style=\"text-align: justify;\"><strong>UNIL<\/strong>, XiTrust, ATOS, IRT, UNI PASSAU<\/p>\n<p style=\"text-align: justify;\"><strong>Executive Summary<\/strong><\/p>\n<p style=\"text-align: justify;\">This document is D2.2 \u201cDomain independent generic security models\u201d of task T2.2 \u201cRefine and analyse domain independent generic requirements and security goals\u201d. D2.2 is one of four main deliverables from work package WP2 \u201cUse cases and re-quirements\u201d. In addition to the \u201cLegal, social and HCI2 requirements\u201d of D2.1, and the detailed description of the use cases on which the new PRISMACLOUD cloud security functions will be demonstrated (D2.3 \u201cUse case specification\u201d), and the \u201cRisk and threat analysis with security requirements\u201d of D2.5, this document devel-ops the generic situations in cloud usage, where security and privacy problems occur\u2014and where the PRISMACLOUD functions can be applied to mitigate those problems. The situations are specifically regarded from a cloud customer or end user perspective.<\/p>\n<p style=\"text-align: justify;\">We start with an assessment on how security and privacy is regarded in current cloud services and applications. To this goal, current cloud ontologies and refer-ence architectures are being analysed, and the privacy policies, the privacy guaran-tees, and other security options of the major cloud providers investigated in depth and compared in a synoptic table. This analysis is followed by an exploration of ma-jor security benefits and security risks in cloud computing. The analysis of the cur-rent situation frames the context for the presentation of eight cloud security pat-terns of situations, which occur over again in public cloud environments\u2014situations where the end user security or privacy is challenged and often compromised. The eight cloud security patterns describe situations where the application of PRISMACLOUD cryptographic primitives can significantly improve the security of the end user, or protect his\/her privacy better than current solutions.<\/p>\n<p style=\"text-align: justify;\">The cloud security patterns shall be re-used in the \u201cSecurity and privacy by de-sign\u201d task of WP7 \u201cComposition of next-generation secure cloud services\u201d to pro-vide guidance for the scientists and engineers working on the development and implementation of the cryptographic primitives, as well as to communicate the po-tential and the capabilities of the PRISMACLOUD crypto primitives to end users.<\/p>\n<p><strong>Full Version<\/strong><\/p>\n<p>Download the full version\u00a0[<a href=\"https:\/\/prismacloud.eu\/wp-content\/uploads\/2016\/04\/PRISMACLOUD-D2.2-Domain-independent-generic-security-models-v1.0b.pdf\">PDF<\/a>]<\/p>\n<p>\u00a0<\/p>\n<\/div>\n<\/div><\/div><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>This document is D2.2 \u201cDomain independent generic security models\u201d of task T2.2 \u201cRefine and analyse domain independent generic requirements and security goals\u201d. D2.2 is one of four main deliverables from work package WP2 \u201cUse cases and re-quirements\u201d. In addition to the \u201cLegal, social and HCI2 requirements\u201d of D2.1, and the detailed description of the use cases on which the new PRISMACLOUD cloud security functions will be demonstrated (D2.3 \u201cUse case specification\u201d), and the \u201cRisk and threat analysis with security requirements\u201d of D2.5, this document devel-ops the generic situations in cloud usage, where security and privacy problems occur\u2014and where the PRISMACLOUD functions can be applied to mitigate those problems. The situations are specifically regarded from a cloud customer or end user perspective.<\/p>\n<p>We start with an assessment on how security and privacy is regarded in current cloud services and applications. To this goal, current cloud ontologies and refer-ence architectures are being analysed, and the privacy policies, the privacy guaran-tees, and other security options of the major cloud providers investigated in depth and compared in a synoptic table. This analysis is followed by an exploration of ma-jor security benefits and security risks in cloud computing. The analysis of the cur-rent situation frames the context for the presentation of eight cloud security pat-terns of situations, which occur over again in public cloud environments\u2014situations where the end user security or privacy is challenged and often compromised. The eight cloud security patterns describe situations where the application of PRISMACLOUD cryptographic primitives can significantly improve the security of the end user, or protect his\/her privacy better than current solutions.<\/p>\n<p>The cloud security patterns shall be re-used in the \u201cSecurity and privacy by de-sign\u201d task of WP7 \u201cComposition of next-generation secure cloud services\u201d to pro-vide guidance for the scientists and engineers working on the development and implementation of the cryptographic primitives, as well as to communicate the po-tential and the capabilities of the PRISMACLOUD crypto primitives to end users.<\/p>\n","protected":false},"author":2,"featured_media":1693,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,7],"tags":[],"_links":{"self":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1681"}],"collection":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/comments?post=1681"}],"version-history":[{"count":4,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1681\/revisions"}],"predecessor-version":[{"id":2653,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1681\/revisions\/2653"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/media\/1693"}],"wp:attachment":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/media?parent=1681"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/categories?post=1681"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/tags?post=1681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}