Cloud computing is fast becoming the principal IT infrastructure facilitating, and often driving, the digital marketplace. According to one projection, the Worldwide Public Cloud Services Market will be worth USD 206.2 billion in 2019, up from 175.8 billion in 2018, a growth of 17.3 3 %. However, with a dearth of reassuring security arrangements, public authorities and companies are hesitant to entrust the storage and processing of sensitive data to external suppliers. PRISMACLOUD was set up to develop cryptographic solutions. The EU-funded project created a toolkit, alongside a portfolio of eight security enhanced cloud services. Together with the associated software, these enable end-to-end secure data services.

Gap in the clouds

PRISMACLOUD set out to fill a pronounced gap in the market for user-friendly and accessible security solutions. “Cloud computing is essentially a new form of IT outsourcing. And just as you would perform due diligence on any outsourcing company, so you need to fully trust cloud-based arrangements. Modern cryptography could reduce the reliance on trust alone by allowing control over data,” says Mr Thomas Loruenser, project coordinator. The solution combines different data protection approaches. “For example the core idea of one service is to distribute trust using encoding techniques across multiple clouds. In effect because data is fragmented no single part can reveal discernible, intelligible information to the storage provider”, says Loruenser. Moreover, because only a subset of the fragments is needed to reconstruct the data, the system is also resilient against single provider failures. As a proof of concept to demonstrate a measurable increase in service level security and privacy, PRISMACLOUD developed three case-studies based within the fields of SmartCity, e-Government, and e-Health. Project solutions were integrated into existing applications, as well as alongside new ones. By combining the pilots’ results with human-computer interaction research, PRISMACLOUD was able to identify further developments necessary for commercialisation, while better reflecting users’ needs. Generating recommendations for applications through the case studies also helps increase user acceptance of the technology.

Growing the digital single market

Access to more trustworthy cloud services will be a key enabler for European industry and for the European Cloud Strategy. One of PRISMACLOUD’s key advantages is that it can be mounted on top of existing cloud offerings, even those of less trusted lineage. The work done on data authenticity, based on digital signatures, is also relevant to digital identities’ (eIdas) regulations. Additionally, PRISMACLOUD’s enhancement of privacy directly supports the implementation of the General Data Protection Regulation (GDPR). PRISMACLOUD has succeeded in nudging some of its research results towards higher Technical Readiness Levels and its data privacy tools are already of interest to IBM. Furthermore, PRISMACLOUD’s methodology has been licensed to a start-up company which has already released its first product based on the technology. The team is further commercialising the project’s services, as well as continuing activities towards achieving standardisation of cloud security service levels and advanced digital signatures. However, as Loruenser says, “The technology has to adapt to new use cases, such as the Internet of things, which requires more advanced manipulation of encrypted and authenticated data. We also need security against potential quantum computer attacks in the future. We will be working in these areas.”

Mikroplan (MPL) and AIT presented the project results at the Infosecurity Europe. Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 400 exhibitors showcasing the most relevant information security solutions and products to 19,500+ information security professionals.

The stand was organized in a joint effort together with CREDENTIAL project, also a member of the TRUSTEE common dissemination cluster. In fact, besides the results, we were also promoting other H2020 project’s output, who are part of the dissemination cluster. It was a main target to generate awareness of the many innovations produced in the project and to bring project partners in contact with potential commercialization partners for exploitation beyond the consortium.

The overall outcome of the dissemination activity was very positive and we were able to establish more than 20 new contacts within security industry, which were interested in adoption of certain technologies or as a friendly customer.

Additionally, Thomas Lorünser (AIT) gave an oral presentation of the project’s result at the Cyber Innovation Showcase series stage. He presented the results achieved to interested industry people. The presentation raised some interesting discussions, specifically with governmental officials from Scandinavian countries who are involved in the development of a governmental cloud strategy.

Protean Signature Schemes

Authors

Stephan Krenn (AIT), Henrich C. Pöhls (UNI PASSAU), Kai Samelin (IBM Research Zurich), Daniel Slamanig (AIT)

Abstract

tba

Venue

Cryptology and Network Security - CANS 2018  (http://cans2018.na.icar.cnr.it/)

Place and Date

Naples, Italy, Sep 30 - Oct 3, 2018

Privacy Controls for Patients via a Selective Authentic Electronic Health Record Exchange Service: Qualitative Study of Perspectives by Medical Professionals and Patients

Authors

Alaqra AS, Fischer-Hübner S, Framner E

Abstract

Background: Patients’ privacy is regarded as essential for the patient-doctor relationship. One example of a privacy-enhancing technology for user-controlled data minimization on content level is a redactable signature. It enables users to redact personal information from signed documents while preserving the validity of the signature, and thus the authenticity of the document. In this study, we present end users’ evaluations of a Cloud-based selective authentic electronic health record (EHR) exchange service (SAE-service) in an electronic health use case. In the use case scenario, patients were given control to redact specified information fields in their EHR, which were signed by their doctors with a redactable signature and transferred to them into a Cloud platform. They can then selectively disclose the remaining information in the EHR, which still bears the valid digital signature, to third parties of their choice.

Objective: This study aimed to explore the perceptions, attitudes, and mental models concerning the SAE-service of 2 user roles: signers (medical professionals) and redactors (patients with different technical knowledge) in Germany and Sweden. Another objective was to elicit usability requirements for this service based on the analysis of our investigation.

Methods: We chose empirical qualitative methods to address our research objective. Designs of mock-ups for the service were used as part of our user-centered design approach in our studies with test participants from Germany and Sweden. A total of 13 individual walk-throughs or interviews were conducted with medical staff to investigate the EHR signers’ perspectives. Moreover, 5 group walk-throughs in focus groups sessions with (N=32) prospective patients with different technical knowledge to investigate redactor’s perspective of EHR data redaction control were used.

Results: We found that our study participants had correct mental models with regard to the redaction process. Users with some technical models lacked trust in the validity of the doctor’s signature on the redacted documents. Main results to be considered are the requirements concerning the accountability of the patients’ redactions and the design of redaction templates for guidance and control.

Conclusions: For the SAE-service to be means for enhancing patient control and privacy, the diverse usability and trust factors of different user groups should be considered.

Venue

Journal of  Medical Internet Research 2018;20(12):e10954

[Download]

CEA

Executive Summary

PRISMACLOUD aims at bringing novel cryptographic concepts and methods to practical application to improve the security and privacy of cloud based services and makes them usable for providers and users.
This document is a report on the security analysis performed on the prototype device demonstrating the hardware secure implementation of crypto primitives that was performed during task T6.4. The prototype device implements a redactable signature scheme such as described in deliverable D4.4 [1] that is robust to attacks with quantum computers. Deliverable D6.7 [2] explains the choice of Keccak and BLISS as cryptographic primitives. Deliverable D6.8 [3] describes the hardware itself.
The hardware implementation of these primitives aims at providing more performance on speed and security. Hardware implementation generally offer tamper resistance to a wide variety of attacks including side channel attacks, provided that the right counter measures are implemented. It is the purpose of Task 6.4 to evaluate the robustness of the cryptographic primitives.
A short risk analysis allows to focus the evaluation on the signing algorithm (BLISS). An analysis of the algorithm shows a vulnerability in the sparse multiplication that could be used to gain access to the key. The hardware has been slightly modified to ease the characterisation of the vulnerability, and a characterisation has been conducted, showing a path to an attack of the sparse multiplication. The masking property of the scalar product used in Greedy Scale makes it impossible to build an equation system to retrieve the coefficients of the key directly. But another property of the key coefficients allows to overcome that difficulty. The secret key coefficients are elements of a cyclotomic ring which has convenient multiplication properties. Within the trace we should always find the trace of a coefficient and its opposite. Thanks to this property a simple algorithm to retrieve the coefficient has been designed and the keys retrieved. With knowledge of this attack, it is possible to describe some countermeasures that would harden the sparse multiplication and make the attack impossible.

UNIL, UNI PASSAU, AIT

Executive Summary

The standardisation activity, which spanned over the entire duration of the project, started with one year of analysis, planning, and preparation. A standardisation plan was developed (D9.5, M12) and its implementation decided by the project plenary. In course of the imple-mentation, we established liaisons with two working groups of the ISO/IEC JTC1 SC 27 “IT Security”1: WG2 "Cryptography and Security Mechanisms" for activities concerning low level cryptographic primitives, and WG4 "Security Controls and Services” for activities on a service level; and participated for one year (March 2017 – Feb. 2018) in the specialist task force ETSI TC CYBER STF5292 which produced a Technical Specification in the field of attribute based credentials.
In the ISO, we attended four of ISO/IEC’s semi-annual meetings around the world and also participated in standardisation work between the meetings. Detailed intermediate reporting can be found in D9.6 (M24) and D9.3 (M30). To secure our impact, three project partners also sought accreditation through the mirror committees of SC27 of two European national bodies (of Germany and Austria). Through the national bodies we were able to contribute about 90 comments for the standard ISO/IEC 19086-4 “Cloud computing Service Level Agreement (SLA) framework - Part 4: Security and privacy” of WG4, which defines objec-tives to be negotiated between cloud providers and customers in a cloud SLA. Through the leverage of our national bodies’ voting rights, we were able to add several objectives to the standard for the kinds of services and tools that we developed in the project. In more detail: objectives for integrity protection of data in motion, for anonymous and pseudonymous au-thentication support and for data minimisation cryptographic controls. We also contributed a complete overhaul of a “Cryptography Component”, which is central to the standard, by systematically extending its scope to confidentiality and integrity protection not only “in motion” (as previously proposed), but also “at rest” and “during computation”.
In WG2 we carried out an operation through three of the ISO meetings: We proposed and organized a “study period” on the potential instantiation of a new standard for redactable signatures, being one of the core technologies proposed in PRISMACLOUD. Based on positive evaluation and feedback, we proposed a new “work item” (i.e. to develop a new stand-ard) and finally found the support of five other national bodies to officially start the new standard ISO/IEC 23264 “Information technology – Security techniques – Redaction of au-thentic data”. ISO/IEC 23264 will be a standard, proposed and shaped by a H2020 project3. A first “working draft” version (of 15 pages) was prepared by project partners UNI PAS-SAU, AIT—and was just by the time of this writing (19 June, 2018) sent out by ISO on its world-wide list with a call for contribution (See Appendix for this version).
A critical assessment of our activities confirms that we could achieve actual dissemination of project results into standards even during the relatively short (for standardisation processes) project duration of 3.5 years. We were certainly also lucky to encounter standards in project stages suitable for our contribution—and to receive within the ISO context the support of colleagues from research, industry, and administration for our plans. But we also could se-cure the continuation of the standardisation activity beyond project end—with AIT and UNI PASSAU having declared to remain active in cloud security and privacy standardisation in ISO SC27 and to continue to drive the standardisation activities that sprung off the PRISMACLOUD project.

TUDA, AIT, TUGRAZ, UNEW

Executive Summary

PRISMACLOUD aims at bringing novel cryptographic concepts and methods to practical application, to improve the security and privacy of cloud based services, and make them usable for providers and users. The purpose of this deliverable is to present research results developed within PRISMACLOUD that focuses on authenticators providing long term security. In particular we show novel authenticators providing everlasting privacy that can be used within the VERIDAP tool. This tool relies on verifiable computing schemes allowing for verifiable data processing by means of performing verifiable computations on data stored in the cloud. It was described in detail in Deliverable D5.10. In Deliverable D5.11 it was shown how to extend the tool to support operations on data stored in distributed fashion, i.e. stored as secret shares. Proactive secret sharing is known to provide long-term privacy with respect to the shareholders. In this deliverable we now present authenticators that provide long-term privacy with respect to the verifiers.
Proactive secret sharing often uses commitments to ensure the integrity of the shared data after share renewal. We present research results on share renewal, that preserves information theoretic privacy.
We additionally present research results on the topic of post-quantum unforgeable authenticators. Here the long-term security focus is on the unforgeability of authenticators in particular signatures in the future against the presence of quantum adversaries.
Finally we will present our work on zero-knowledge proofs, that can be used in our TOPOCERT tool, as detailed in Deliverable D5.7. Here the sensitive information is also private with respect to verifiers in an information theoretic sense, thus achieving long-term privacy.

ATOS, ETRA, LISPA

Executive Summary

This report is the second deliverable of the task T7.1 Security and Privacy by design. This task defines the translation of privacy principles as outlined in data protection legal frameworks into privacy targets which could then be ranked and categorized to determine the design priorities. During the previous phases of this task a complete Privacy and Security report, result of the appliance of the PRIPARE Methodology Handbook1, was delivered. The D7.1 Progress report for security and privacy by design guidelines covers the whole process of the software production, from the earliest stages of the development: requirements elicitation, until the latest ones, such as: release, maintenance and decommission.
Then this deliverable evaluates if the final pilots implemented on PRISMALCOUD project complies with the recommendations given on the previous deliverable of this task, D7.1 Progress report for security and privacy by design guidelines.
In order to do so, a detailed analysis of the compliance of the privacy principles (legal and functional) have been studied. The study verifies that the final components of each use case achieve successfully the compliance of the different privacy and security controls.
This document is designed to be read by privacy and security managers, privacy and security operations managers, privacy and security engineers and, last but not least, the developers. It defines the essentials to verify that all privacy and security controls and measurements have been applied correctly.

KAU, UNIL, AIT, XITRUST

Executive Summary

This deliverable summarises the main findings of the Human Computer Interaction (HCI) research work within the PRISMACLOUD project.
The focus of our work has been on researching HCI aspects and providing HCI guidelines for the Selective Authentic Exchange Service in eHealth and for the Archistar service used in PRISMACLOUD’s eGovernment use case. These two services posed several interesting and practically relevant research challenges that we addressed using a human-centred design approach involving different types of relevant stakeholders. In particular, we conducted user studies via interviews, focus groups, cognitive walkthroughs and inspections for eliciting and refining HCI requirements and for evaluating user interface concepts with the help of user interface mockups.
As a result of our user studies, we present guidelines for making the services usable, accepted, trusted, which will also in the end help to make them well deployable.
These HCI guidelines for usable user interfaces for the Selective Authentic Exchange Service in eHealth and Archistar, or related privacy-enhancing solutions based on malleable signatures or secret sharing, are provided in the form of five HCI patterns. They form the core for this deliverable. The HCI pattern approach has enabled us capturing, sharing and structuring user interface knowledge not only within but also beyond the PRISMACLOUD project.
In particular, this deliverable include the following HCI pattern collection:
* HCI.PR1 Digital Signature Visualization
* HCI.PR2 Stencil for Digital Document Redaction
* HCI.PN3 Locking-in Fields in Redactable Digital Documents
* HCI.PN4 Archistar Configuration Split View
* HCI.PR5 Data-Centric Settings for automated Archistar Configuration
HCI.PR1 and HCR.PR2 are updated versions of patterns that we published in a conference article and presented at HCII 2018.
Moreover, details of the research results are presented in two appended research articles titled “Enhancing Privacy Controls for Patients via a Selective Authentic EHR Exchange Service – Perspectives by Medical Professionals and Patients” (Appendix A) and “Usable Configuration Management for Secure Multi-cloud Storage Applications” (Appendix B).