D3.6 Progress Report on Secure Cloud Usage for End Users

Contributing Partners

UNIL, AIT, ATOS, FCSR, IRT, UNI PASSAU, XiTrust

Executive Summary 

This is the progress report of the task T3.4 “Secure cloud usage for end users”. We are here in the context of work package WP3, “End user and business deployment”, which is the work package with the objective to “promote the uptake of PRISMACLOUD resultsby end users and businesses”.1

Task T3.4 started in month 7 (M7) with a design and research phase, and we, the team of UNIL as coordinator of the task and editor of the document, and several task participants from AIT, TUG, UNI PASSAU, ATOS, IRT and XT2, are presenting in this progress report the state of our preparations of project output for the projected end users of our newly devised and implemented cloud services, to be finally delivered by project end in M42. In detail, we are preparing:

  • A detailed analysis of aspects, relevant for end users.
    Sections 2-6 (section 1 is the introduction), each section concentrating on one specific aspect or issue of importance for end users with respect to a cloud deployment, and especially a PRISMACLOUD service deployment. We will specifically highlight the properties and potential of our cloud services by providing information on:

    • The state of the art of cloud technologies; impact assessment of privacy protecting
      services for different groups of end users;
    • Threats and risks revisited, especially privacy risks covered;
    • Governance aspects; Criminal use of the cloud;
  • A description of the functionality of the eight proposed PRISMACLOUD services, and the specific security and privacy benefits which the services can yield for end users through their specific cryptographic functions. We propose a modification of the commonly used cloud security pattern method—from a means for describing a problem-solution context for generic, recurring security or privacy compromising situations in the cloud—to a means for describing, and actually specifying, the particular applications, for which the PRISMACLOUD services can provide advantage. Annex A of the document contains the eight cloud security patterns, corresponding to the eight PRISMACLOUD services.

This progress reports contains a detailed research plan for each section, describing the motivations of why we consider the single aspects as relevant for end users. In addition, we document some intermediary results of our work. The main results of this task by project end shall be:

  • A handbook on secure cloud usage for end users who intend to deploy their computation and storage infrastructures to the virtual worlds of the cloud, or have already done so. The handbook shall provide a detailed presentation of potentials and implications of using cryptographically secured privacy protecting services in general, and the PRISMACLOUD services in particular. The provided information shall enable individual and organisational end users to make informed decisions when they intend to entrust sensitive information assets to the cloud.
  • We will advance each of the single sections 2-7 with a publication in mind. Each section shall in the ideal case yield one scientific or other journal publication, thus promoting PRISMACLOUD results.
  • We are currently coordinating an activity to publish our cloud security and privacy patterns in an ENISA brochure on secure and privacy aware cloud services. Goal is to present the security and privacy capabilities of the most recent cryptographically secured cloud services, probably in the light of the upcoming European General Data Protection Regulation (GDPR). We organise that activity over the “Project Cluster on Data Protection, Security and Privacy in the Cloud” (DPSP) and also intend to include a presentation of the cloud services of the other concurrent H2020 cloud privacy projects.