Today, cloud computing is already omnipresent and starts pervading all aspects of our life, whether in the private area or in the business domain. In order to address the challenges and to enable the implementation of services with the intended security properties, a set of goals for the PRISMACLOUD project has been identified.
In particular, the goals are:
Development of cryptographic tools to protect the security of data during its lifecycle in the cloud
We aim at the development of cryptographic methods to protect confidentiality, integrity, and authenticity of data at rest beyond standard content encryption. We are also investigating how authenticity of data can be preserved throughout processing and how computing tasks could be outsourced in a verifiable manner.
Development of cryptographic tools and methods to protect privacy of users
We aim at the development of cryptographic schemes to preserve privacy of users interacting with cloud services by allowing users to only reveal the information absolutely necessary for authorization.
Creation of enabling technologies for cloud infrastructures
We target the provision of software and hardware implementations of relevant cryptographic mechanisms and novel cryptographic techniques to certify the structure of cloud topologies, to prove claims about the certified topology, and to bind topology to component attestation.
Development of a methodology for secure service composition
Development of holistic security models and their seamless integration according to security by design priciples. Examination of usability aspects to ensure user acceptance of developments within the project and development of solid business models and opportunities for trustworthy cloud services with increased security and privacy.
Experimental evaluation and validation of project results
The evaluation and validation of the developed methods and tools will be done in three pilots from three different domains, namely e-Health, Smart City and e-Government. For all stakeholders we will also provide a handbook on secure cloud usage for end users, citizens, policy makers, and security managers.
The main idea and ambition of PRISMACLOUD is to enable end-to-end security for cloud users and provide tools to protect their privacy with the best technical means possible - by cryptography.
To make this idea come true PRISMACLOUD comprises following fields of core innovations:
Verifiability of data and infrastructure use
PRISMACLOUD will research and innovate in the field of verifiable computations, functional signatures, as well as in structural integrity for certification of visualized infrastructures. All techniques will help to protect the integrity and authenticity of outsourced data with strong guarantees.
User privacy and anonymisation
PRISMACLOUD will innovate, advance and develop cryptographic methods for privacy preserving service usage by means of data minimization and data anonymisation. This tools are key seriously consider cloud environment to host services based on sensitive personal data.
Securing data at rest
PRISMACLOUD will develop novel techniques to protect the integrity and confidentiality for data stored in the cloud. We will develop methods to store unstructured data which are ideally capable to provide security in the long term and everlasting privacy. Furthermore, different cryptographic tools for structured data and seamless service integration will help to protect data in legacy applications.
Secure and efficient implementations
PRISMACLOUD will also deliver efficient and secure implementations complemented with hardware prototyping and security testing for fully integrated solutions. Access to good implementations after the projects are a basic requirement to make the novel technologies available for service Integrators.
Methodology, tools and guidelines for fast adoption
To facilitate fast adoption of PRISMACLOUD results we further develop holistic security models and methods for secure service composition. Moreover, novel HCI guidelines including HCI design patterns for usable privacy-preserving cryptography and protocols for the cloud will help to design services which respect the users' needs and therefore guarantee for best acceptance.