PRISMACLOUD is a research and innovation action scheduled for 3.5 years (42 month) in the domain of security and privacy for cloud computing. This report titled “D1.3 Second Management and Progress Report” gives an overview on the project’s progress and achievements in the second reporting period M13–M30 (February 2016 - July 2017) and summarizes activities undertaken in the respective work packages.
The report is structured in the following way. After a short introduction about the current document in section 1, it presents the more specific operative goals for the second reporting period in section 2. In brief, the second project phase was dedicated to research and development of cryptographic tools and security enhanced services. The outcome from requirements and state-of-the-art research was put further, identified gaps have been closed, and novel basic technologies have been developed which are now going to be integrated in the applications to be demonstrated in the pilot.
The work progress and achievements during the reporting period are presented in section 3. After a brief progress summary, the detailed status per work package is presented including major activities per task carried out in the second reporting. The project is progressing as expected and all core work packages (WP3, WP4, WP5, WP6 and WP7) of the current reporting period are in time and delivered as planned. Accompanying tasks in WP1 and WP9 have been also very active and supported the project with coordination, communication and dissemination activities and generated substantial visibility through participation in many events. The PRISMACLOUD consortium achieved interesting scientific results (38 scientific publications) and already released a first version of the core software components, i.e., the PRISMACLOUD toolkit and the PRISMACLOUD services.
In section 3 we conclude with introducing the main dissemination and exploitation activities (WP9) done by the project partners. The consortium was very active in disseminating and communicating the project results to the target audience by participating in many events and producing a big amount of publications. We also established liaison with other relevant to PRISMACLOUD projects. Besides that, we organised two Advisory Board workshops to evaluate the ongoing work and collect ideas for future directions. Regarding standardization PRISMACLOUD established Category C Liaison with the ISO/IEC JTC1 SC27 Working Groups WG4 “Security Controls and Services” and WG2 “Cryptography and Security Mechanisms”, and within WG2 we initiated a study period for a new standard on redactable signatures, which is one of the PRISMACLOUD core technologies. Moreover, various internal exploitation activities have taken place to identify and analyse (joint) exploitable results and to develop a first version of our exploitation plan, including risk assessment and commercialization possibilities.
The project management, WP1, is covered in section 4. During the reporting period many administrative and technical management activities carried out to support the project partners to reach the project goals. In this section, we also present an estimate of the effort spent per partner and per WP during the second reporting period.
Finally, in section 5 we report the management of potential ethical issues relevant in the context of PRISMACLOUD as raised by the ethical screening report. The partners involved in the PRISMACLOUD pilots requested ethical approvals by the respective ethics committees.
In summary, during the second reporting period we succeeded to deliver the work planned within time and budget. Furthermore, during this second period we demonstrably extended the state of the art and achieved good results in two of the three main pillar of the project, i.e., advancement of cryptography and accompanying tasks to make them accessible for application developers.