PRIvacy & Security MAintaining Services in the CLOUD


In PRISMACLOUD a protfolio of novel security and/or privacy enhanced services is going to be developed. Based on the Architecture a service can be seen as customization of one particular cryptographic tool (or several particular tools)  PRISMACLOUD toolbox for one specific from the application scenario. It provides a specific set of features which has been identified as particularly useful for a broader class of applications scenarios the service is targeting.

A. Data Sharing Service (DSaaS)

The PRISMACLOUD data sharing service allows multiple parties to securely store data in a cloud-of-clouds network such that no single storage node learns plaintext data, while still enabling the owner to share the data with other users of the system, i.e., the data sharing service supports secure collaboration without the need to trust one single storage provider. The delivery model of this service is IaaS.

B. Secure Archiving Service (SAaaS)

The PRISMACLOUD secure archiving service is a generic infrastructure service which can easily be integrated into cloud based backup scenarios while providing a demonstrable higher level of data privacy and availability than current cloud-based archiving solutions. The delivery model for this service is IaaS.

C. Selective Authentic Exchange Service

This service enables users to move their authentic documents to a cloud service and then delegate the selective sharing of parts of these documents to another party, while maintaining the authenticity of the selected parts. The other party can then verify the authenticity of the received data. The delivery model of this service is PaaS.

D. Privacy Enhancing ID Management Service

This service offers the capability of a privacy enhanced identity management. In particular, it allows users to store their attribute credentials obtained from some entity (e.g, a service provider or an authority) in this component and to realize a selective attribute disclosure functionality. The delivery model of this service is PaaS.

E. Verifiable Statistics Service

This service provides the functionality to delegate the computation of verifiable statistics on authenticated data in a secure way. The computations have the feature of being public verifiability, i.e., any verifier can check whether an outsourced computation has been performed correctly, or not. The delivery model for this service is PaaS.

F. Infrastructure Auditing Service

The infrastructure auditing service offers the capability to certify and prove properties of the topology of a cloud infrastructure without disclosing sensitive information about the actual infrastructure’s blueprint. The delivery model associated to this service is IaaS.

G. Encryption Proxy Service

The service supports moving legacy applications to the cloud by encrypting sensitive information identified within HTTP traffic in a format and/or order preserving way. The delivery model associated to this service is SaaS.

H. Anonymization Service

This service enables users to anonymize large data sets, and in particular database tables. The service allows users to identify private and sensitive information in the data sets and produce an anonymized version of the data set. The delivery model associated to this service is SaaS.


Become a Member