PRIvacy & Security MAintaining Services in the CLOUD


The PRISMACLOUD consortium is composed of a balanced team of 6 industrial partners, 2 industrial research centres, 2 institutional research organisations and 6 universities, which are complementary in their expertise and have strong experience in their respective fields, i.e. cryptography, information security and cloud computing. It is equally weighted between industry and research and was selected to cover the complete value chain from theory to practice for maximum impact and exploitation potential.

Find out more about the project partners:




AIT - Austrian Institute of Technology GmbH

AIT (Austrian Institute of Technology GmbH) is an Austrian research institute with a European format and focuses on the key infrastructure issues of the future. As the largest non-university research facility in Austria, AIT has a long history and outstanding track record on participating and leading EU and national research projects. An important part of the research of the IT Security within the Digital Safety & Security Department is concentrated on secure system design for safety and security-critical information systems.

Role in Project

AIT will coordinate the project and conduct research in the area of secure distributed cloud storage. The team is experienced in managing large interdisciplinary projects also on an EU level, e.g. AIT is coordinating the ongoing cloud security research project SECCRIT ( The team has also a track record in cryptography and contribute its know how for secret sharing based storage systems gained during the last three years in the national research project Archistar (

ATOS - Atos SE (Societas Europaea)

Atos SE (Societas Europaea) is an international information technology services company. Serving a global client base, it delivers IT services through Consulting & Systems Integration, Managed Operations, and transactional services through Worldline, the European leader and a global player in the payment services industry.

Role in Project

Atos will lead the translation of privacy principles as outlined in data protection legal frameworks into privacy targets. Also Atos will lead the identification of existing or new controls suited to protect against threats to minimise, mitigate or eliminate the identified privacy risks. Atos will lead the production of specific design guidance needed for the composition of flexible and secure services. Atos will also lead the definition of a set of security objectives and best practices to guide the implementation of secure cloud services in the use cases deployment. Atos will lead the definition of the specifications and requirements of the pilot application and scenarios related to Healthcare use case. Atos also will lead the deployment and evaluation of the Healthcare use case, leading the integration of suitable methodologies and technologies in a specific solution for the Health Domain. Finally Atos will work on the development of a detailed exploitation plan and its execution.


CEA – Commissariat à l’énergie atomique et aux énergies alternatives

CEA-LETI, the Laboratory for Electronics & Information Technology is operated by the CEA Technologic Research Direction (DRT). It mainly aims at helping companies to increase their competitiveness through technological innovation and transfer of its technical know-how to industry.

Role in Project

In PRISMACLOUD, CEA will mainly bring its expertise in efficient and secure hardware implementation of cryptographix primitives.

TUDA - Technische Universität (TU) Darmstadt

The Technische Universität (TU) Darmstadt is one of Germany’s leading technical universities. It’s around 270 professors, 4,000 employees and 23,000 students devote their talents and best efforts to the significant future research fields energy, mobility, communications and information technologies, housing and living conditions.

Role in Project

TUDA will contribute to developing privately and publicly verifiable computing techniques for authenticated data stored in the cloud. With its expertise in verifiable computing, signature schemes, and post-quantum cryptography, it will work on the computation protocols and the functional signature schemes needed to provide authenticity and operations on signed data. Furthermore, TUDA will bring in its expertise in long-term security to further improve building blocks developed within PRISMACLOUD, such as verifiable computing techniques and distributed storage solutions, with respect to long-term security.


ETRA - ETRA InvestigaciĂłn y Desarrollo, S.A.

ETRA InvestigaciĂłn y Desarrollo, S.A. (ETRA I+D) is the hi-tech unit within ETRA Group, one of the leading industrial groups in Spain. Its mission is putting in the market the most advanced solutions and services related to mobility, energy and real time systems, either directly or through the 10 companies of the Group. The main market areas of ETRA Group are Spain, South-Central America, South East Asia and the EU.

Role in Project

ETRA, as large industry, will have two main roles, on the one hand as technology integrator for the demonstration of the secured solutions developed by PRISMACLOUD, and on the other hand as demonstrator provider in the field of secure ICT solutions in the smart City, where two relevant use cases will serve for the evaluation, assessment and testing of the outcomes of the project. Furthermore ETRA will have a leading role in the specification of the platform, and the requirements and use cases definition.

FCSR – Fondazione Centro San Raffaele

Fondazione Centro San Raffaele (FCSR) is a non-profit entity whose mission is the enhancement of basic, translational and clinical research in the fields of biomedical sciences and health management. Specific aims of FCSR are to expand the knowledge on the biology of diseases, to improve diagnostic techniques, to develop innovative therapeutic protocols and to advance health services.

Role in Project

In PRISMACLOUD, FCSR will mainly bring its expertise in the e-Health use case definition, in the guidance for end user and business deployment and in the experimental evaluation and validation of the project, specifically for the Health Care use case.


TUG – Graz University of Technology

Graz University of Technology (Technische Universität Graz, TUG) will be represented by the Institute for Applied Information Processing and Communications (IAIK). Around fifty researchers at IAIK conduct research, teach, and consult private and as public organizations. IAIK’s research is directed towards several applied as well as theoretical fields like computer networking, embedded systems, system- on-chip design, formal verification, computer security, information security, E-Government and eIDs, cryptography and cryptanalysis. In the field of cryptography, IAIK thereby works in theoretical cryptography for the foundations of efficient and secure algorithms and cryptographic protocols, applied cryptography in various fields of application such as cloud computing and the secure implementation of cryptographic primitives, including energy efficient designs for resource constrained devices and awareness of implementation/side-channel attacks. This wide range of related topics researched at the IAIK grants the opportunity to develop an integrated view of all these aspects, which is of special importance for a comprehensive research perspective. IAIK currently participates in several international as well as EU funded projects, has also been involved in European network of excellence projects and also regularly contributes to nationally funded projects. In addition, IAIK acts as advisory board consulting public and private institutions for rapidly-evolving areas like information security, networking, E-Government and secure implementations of software and hardware. Members of IAIK have been and still are active in standardization groups like CEN, ETSI, JCP, OASIS, TCG, W3C or IETF.

Role in Project

TUG will contribute with its experience in the design and analysis of cryptographic schemes and protocols within PRISMACLOUD in developing functional and malleable signature schemes for verifiable and authenticity-preserving computing techniques as well as signature schemes and their applications for privacy-enhancing cryptographic primitives. TUG will further bring in its expertise in cryptographic auditing methods for cloud storage architectures and its longstanding expertise in efficient software implementations of cryptographic primtives and protocols and its expertise in their standardization. Moreover, TUG contributes the technological manager (TM) to the PRISMACLOUD consortium.

IBM - IBM Israel Science & Technology Ltd.

IBM is the world’s largest IT research organisation, with more than 3,000 scientists and engineers working at 9 labs in 7 countries. IBM invests more than $5 billion a year in R&D and is the world’s leader in patent filings. In aggregate, the company currently holds more than 37,000 patents worldwide. IBM strives to lead in the creation, development and manufacture of the industry’s most advanced information technologies, including computer systems, software, networking systems, storage devices and microelectronics. IBM participates in and contributes heavily to the work of standards consortia, alliances, and formal national and international standards organisations. Where appropriate, IBM adopts consensus technologies in order to maintain openness, interoperability, and application portability.

Role in Project

Within the project IBM will strive to develop encryption and tokenization techniques able to protect the data from unauthorized access while allowing the applications and/or databases to work properly (without changes) on encrypted/tokenized data and, will aim to develop better support for anonymisation of Big data.


IRT - Interoute SpA

Interoute SpA is the Italian branch of Interoute. Interoute is the only next generation network covering the majority of the European Union with transatlantic capacity linked to North America’s major telecoms hub (refer to this map). The Company is key to Europe’s Digital Supply Chain, serving more than 14,000 customers and supporting €1 billion of eCommerce transactions daily through its data centres alone.

Role in Project

The proper allocation of part of these infrastructure resources for project use – if any – will be defined during the project execution to maximise the trade-off between large-scale validation objectives and principle of cost effectiveness and feasibility.

KAU – Karlstad University

Karlstad University is located in Värmland, Sweden and has around 12.000 undergraduate and postgraduate students, and just over 1100 staff. It offers 50 programs and 750 courses in the fields of humanities, health sciences, natural sciences, social sciences, education and technology.

Role in project

Within the project, KAU will be responsible for the HCI research, user interface development and evaluation work.


LISPA – Lombardia Informatica S.p.A.

Lombardia Informatica is a public-capital service company which has been constituted in December 1981 as an initiative of the Regional Government of the Lombardia (Regione Lombardia). It has around 630 employees and a turnover of about 200 million Euro. As IT partner of Regione Lombardia, Lombardia Informatica designs and implements ICT Systems for the Regional Government and represents the unique interface between Regione Lombardia and the marketplace. Lombardia Informatica’s mission is to innovate services and increase the Regional System’s productivity through Information Technology, in order to improve Citizen’s quality of life and Lombard companies’ competitiveness.

Role in Project

LISPA main role in PRISMACLOUD project is provide pilot site for e-Government use case. LISPA large experience providing service for Lombardy Region Government and strong expertise in large and critical data centr management will support the whole consortium to move the PrismaCloud solutions in “real field” from “research field”.

MPL – MikroPlan GmbH

Founded in 1983, MikroPlan today is one of the leading IT Consulting and Outsourcing providers in the Rhein Main region for small enterprise customers focusing on financial and insurance companies. Branch offices in Stuttgart and Eisenach expand the operating radius to central Germany. MikroPlan provides solutions for all business needs for SME customers from workstations and server/storage systems to standard software and individual software Solutions.

Role in Project

Mikroplan will bring in its experience and market knowledge of IT quality and security requirements for the financial and insurance industry domains. Their deep understanding of industry needs and and general conditions and framework requirements will help to understand how PRISMACLOUD tools could be deployed in respective scenarios. Mikroplan will contribute to the requirements gathering and develop specific use cases for the financial and insurance industry based on solid business models.


UNEW – University of Newcastle Upon Tyne

Newcastle University is one of the top research-driven universities in the UK, and its School of Computing Science has consistently been rated as world-leading, specialising in Distributed Systems, Dependability and Security. The Distributed Systems group (which includes as members the investigators) conducts research in the principles of distributed systems, the associated software architectures and their evaluation.

Role in Project

Newcastle takes a twofold responsibility in PRISMACLOUD: We lead the research for structural integrity of clouds, in particular establishing security properties in cloud topology verification and offering certification thereof in graph signatures. Furthermore, our expertise comes into play for privacy-preserving authentication investigating cryptography and service models in which users can maintain a maximum of privacy. Concretely Newcastle seeks to bind cloud structural integrity obtained through audit and certification to cloud security assurance paradigms and tools.

UNIL – Université de Lausanne

The Swiss Cybersecurity Advisory and Research Group (SCARG) is a competence centre created by Professor Ghernaouti inside the Complexity Science Group of the Faculty of Business and Economics of the University of Lausanne. It offers strategic and practical advice, targeted research, and detailed education in a variety of fields related to cybersecurity, cybercrime, cyberdefence, cyberconflicts, cyberpower and cyberresilience.

Role in Project

UNIL’s main task is to analyse the security properties of the proposed systems, and assess the potential impact of a deployment of such systems, for end-users (individuals, companies) and policy makers. UNIL will specifically regard the potential misuse of secure cloud systems to foster, enhance, and promote cybercrime. Furthermore, UNIL will work on generic requirements and security goals of secure cloud infrastructure and will be responsible for standardization issues in the project.


UNI PASSAU – Universität Passau

The University of Passau, a unique campus university in Bavaria/Germany, was founded in 1978 with faculties of catholic theology, law, humanities, and economics. Soon after, the Faculty of Computer Science and Mathematics was founded and accepted its first students. Since then, it has developed into one of the premier academic addresses in Germany, as regularly confirmed in rankings (CHE Ranking 2009: Among the top four computer science departments and among the top three faculties of law).

Role in Project

UNI PASSAU will work mainly in two fields: overall systems security and signature primitives. As a result UNI PASSAU focus is one the one hand in the tasks related to the cryptographic authenticity and integrity and the secure application of signatures (WP3 and WP4) as well as in their prototypical implementation (WP5). On the other hand UNI PASSAU will bring its experience in the security of composition of services and will lead the WP6 to guide the composition of the building blocks towards a overall secure cloud service. As an academic partner we seek to publish relevant findings in journals and conferences and together with the support of industrial partners drive standardization of cryptographic primitives (WP8).

XiTrust – XiTrust Secure Technologies GmbH

XiTrust, a SME with 13 employees founded in 2002, helps companies, which have a grown up IT-infrastructure to switch from inefficient paper processes (e.g., invoices, document archiving, mail, reports, form beings, etc) to more simple and secure electronic processes.

Role in Project

The role of Xitrust in PRISMACLOUD is to evaluate the Service Business aspects of secure ICT solutions in the field of eGovernment software solutions and to bring in Service Science/Engineering and Service Business Model aspects as well as expertise in the development of Smart Services.


Become a Member