In the week from 16 to 20 April 2018, PRISMACLOUD attended the 26th meeting of the ISO SC27 "IT-Security Techniques" in Wuhan, China. We are having two active liaisons with SC27 working groups WG2 "Cryptography and Security Mechanisms" and WG4 "Security Controls and Services", and this was the fourth ISO meeting we were attending.
In WG4, the standard ISO/IEC 19086-4 "Cloud SLA - Security and Privacy", to which we already contributed objectives covering our newly developed services (integrity protection of data in motion, anonymous and pseudonymous authentication support, and data minimisation cryptographic controls) was propagated to "Draft International Standard" level and thus will likely be published at the upcoming 27th meeting in Norway in autumn. Although PRISMACLOUD will be over then, at least two of our project partners have already established channels through their respective national bodies (i.e. Austria and Germany) and intend to continue the PRISMACLOUD mission beyond project end.
In WG2 we were particularly successful in Wuhan: Together with the CREDENTIAL H2020 project, we managed to secure enough international support to kick off a new "work item" for a standard covering the cryptographic technology of "redactable signatures", one of the technologies we employ to minimize unnecessary dispersion of private data. We have been working towards this goal for the last 1,5 years and now also provide one of the rapporteurs of this upcoming standard.
Beyond the mentioned activities, we could again link up and network with excellent researchers from all over the world. And visiting the metropolitan area of Wuhan, a 20 million inhabitants megacity that generates about 20% of the Chinese GDP (particularly in optical technology) was also an interesting adventure and a pleasure.