D6.4 Selection and specification of tools for software implementation

Contributing Partners

TUGRAZ, AIT, IBM, UNEW, TUDA, UNIL

Executive Summary

The Horizon 2020 project PRISMACLOUD reaches out to address several of the most pressing risks threatening end user security and privacy in current public cloud offerings with a portfolio of cryptographically secured services, providing dependable end-to-end security, without having to rely on unrealistic trust assumptions regarding public cloud providers. The services shall be ready for commercial exploitation by the industry partners within the PRISMACLOUD consortium and beyond, early after project end. Specific exploitation plans will be prepared by the eight commercial project partners (cf. upcoming deliverables D9.3 and D9.4), being large European service and solution providers with access to end users, middleware developers, small system and solutions providers for dedicated local markets, as well as one end user (reseller) of the proposed services. The practical applicability of the services will be demonstrated and validated in three pilot use cases in the fields of Smart City, eGovernment, and eHealth.

In order to tackle and organize the complexity involved with the construction of the cryptographically secured services, we introduce the conceptual model of the layered PRISMACLOUD architecture, which is organized in 4 tiers (cf. Figure 1). On the uppermost layer are the end user applications, represented in the project by the three selected use cases from the (i) Use Cases layer. This layer uses the cloud services of the (ii) Services layer to achieve the desired security functionalities. These cloud services are a representative selection of possible services which can be built from the tools organized in the (iii) Tools layer. The selection and specification of these tools is the main focus of this deliverable. The tools encapsulate several cryptographic primitives and protocols from the (iv) Primitives layer, which is the lowest layer of the PRISMACLOUD architecture. The elements of the architecture required by the use cases will be implemented in software and provided for exploitation by the commercial project partners, and through them also beyond the project consortium. The project also features a specific standardization activity to disseminate the tools' specifications into standards to support further adoption.

While the cloud services are a representative selection of possible services covering typical use cases which can be built from the tools organized in the Tools layer, the tools can be considered as reusable building blocks providing certain basic security functionalities in one respective security functionality domain. We, thus, stress that for additional end user applications also modified or entirely newly composed additional cloud services are conceivable. PRISMACLOUD tools will be made available to address particular end user security and privacy risks and threats in public cloud services in five domains:

Data Storage. Data confidentiality, integrity and availability are provided for the end user by the Secure Object Storage Tool.

Authentication of Information Distributed Through Public Clouds. The authenticity of information can be preserved, even if parts are redacted or blackened out for privacy preservation and data minimization, by the Flexible Authentication with Selective Disclosure Tool.

Delegated Computation. The correctness of computations delegated to the cloud can be verified by means of the Verifiable Data Processing Tool.

Secure Infrastructure Configuration. Properties of cloud topologies (e.g. tenant isolation) can be verified without the cloud provider having to reveal actual configuration detail, which would constitute a possible attack vector against the cloud provider, or reveal confidential information belonging to other tenants of the cloud. This functionality is provided by the Topology Certification Tool.

Migration of Legacy Applications to the Cloud. This domain also includes the use of bulk data for big data processing. Confidentiality and data privacy are provided by the Data Privacy Tool.
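To make the selective-disclosure idea from the second domain above concrete, the following is an added illustration, not code from the PRISMACLOUD tools or from any of the technical deliverables: each field of a document is committed to with a salted hash, the signer authenticates the list of commitments, and a redacting party can later drop a field (keeping only its commitment) while a verifier still confirms that the remaining fields are the ones originally signed. The field names, the sample health record and the use of an HMAC as a stand-in for a public-key signature over the commitment list are assumptions made for this example; the real tool specifies its own primitives.

```python
import copy
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Constructed document: the third field is the one a patient may not want to disclose.
SAMPLE_FIELDS: List[str] = ["Alice Example", "1980-01-01", "diagnosis: constructed-value"]


def _commit(salt: bytes, value: str) -> bytes:
    """Salted hash of one field. The salt stops a verifier from guessing a
    redacted low-entropy value (e.g. a date) by brute force against its commitment."""
    return hashlib.sha256(salt + value.encode("utf-8")).digest()


def _root(commits: List[bytes]) -> bytes:
    """Authenticated value: hash of the ordered commitment list."""
    return hashlib.sha256(b"".join(commits)).digest()


def sign_document(fields: List[str], key: bytes) -> Dict:
    """Issuer side. HMAC over the commitment root stands in for a digital
    signature (assumption for this example); a real deployment would use a
    public-key signature so verifiers need no secret."""
    salts = [os.urandom(16) for _ in fields]
    commits = [_commit(s, v) for s, v in zip(salts, fields)]
    tag = hmac.new(key, _root(commits), hashlib.sha256).digest()
    return {"fields": list(fields), "salts": salts, "commits": commits, "tag": tag}


def redact(doc: Dict, indices: List[int]) -> Dict:
    """Holder side: remove a field and its salt, keep its commitment so the
    signature over the commitment list still verifies. No key is needed."""
    out = copy.deepcopy(doc)
    for i in indices:
        out["fields"][i] = None
        out["salts"][i] = None
    return out


def verify(doc: Dict, key: bytes) -> bool:
    """Verifier side: recompute commitments for disclosed fields, reuse the
    given commitment for redacted ones, then check the tag over the root."""
    if not (len(doc["fields"]) == len(doc["salts"]) == len(doc["commits"])):
        return False
    for value, salt, commit in zip(doc["fields"], doc["salts"], doc["commits"]):
        if value is None:
            continue  # redacted: trust the commitment, it is covered by the tag
        if salt is None or _commit(salt, value) != commit:
            return False  # disclosed field does not match what was signed
    expected = hmac.new(key, _root(doc["commits"]), hashlib.sha256).digest()
    return hmac.compare_digest(expected, doc["tag"])


def demo(key: bytes = b"constructed-issuer-key") -> Dict[str, bool]:
    """Runs the three cases a practitioner wants to see: full document,
    redacted document, and a redacted document with a tampered field."""
    signed = sign_document(SAMPLE_FIELDS, key)
    redacted = redact(signed, [2])
    tampered = copy.deepcopy(redacted)
    tampered["fields"][0] = "Mallory Example"
    return {
        "full_verifies": verify(signed, key),
        "redacted_verifies": verify(redacted, key),
        "redacted_hides_field": redacted["fields"][2] is None,
        "tampered_rejected": not verify(tampered, key),
    }


if __name__ == "__main__":
    print(demo())
```

Note what this simple construction does and does not give: a verifier learns the number and position of fields, including the redacted ones, so it is not unlinkable or structure-hiding, and redaction control (which fields may be removed) is not enforced here; those properties are what the tool's actual primitives, described in the referenced deliverables, are chosen for.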

This deliverable starts with introducing the above mentioned PRISMACLOUD 4-tier architecture in Section 1. In particular, we provide a brief description of all tiers as well as all involved PRISMACLOUD primitives, PRISMACLOUD tools and PRISMACLOUD services. Especially for the primitives, we only provide a very brief description and provide references to the respective technical deliverables D4.1, D4.4, D4.6, D5.1, D5.5 and D5.8 whenever appropriate for details.

Then we proceed with a description of the PRISMACLOUD tools. In Section 3, we present the Secure Object Storage Tool and the two corresponding services Data Sharing and Secure Archiving used to showcase the tool. In Section 4, we discuss the Flexible Authentication with Selective Disclosure Tool and the two corresponding services Selective Authentic Exchange as well as Privacy Enhancing Identity Management. Then, in Section 5, we present the Verifiable Data Processing Tool and the corresponding Verifiable Statistics service that showcases its functionality. In Section 6, we present the Topology Certification Tool and the associated Infrastructure Auditing service. Finally, in Section 7 we present the Data Privacy Tool and the two corresponding services Encryption Proxy and Anonymization.

In all of the specifications of the functional requirements for the tools we build upon the requirements contained in Deliverable D2.3, and the requirements provided by the Volere tool which was used for requirements elicitation. We then apply an additional iteration to them, refining them and introducing more fine-grained functional requirements.

Finally, in Section 8, we conclude this deliverable with some final remarks. There we also recap the relation of this deliverable to upcoming work in this project, and in particular the relation to other tasks in WP6, WP7 and the exploitation in WP9.