Skip to main content

Secure and Resilient Cloud Architecture

Objective

Cloud infrastructures, despite all their advantages and importance to the competitiveness of modern economies, raise fundamental questions related to the privacy, integrity, and security of offsite data storage and processing tasks. These questions are currently not answered satisfactorily by existing technologies. Furthermore, recent developments in the wake of the expansive and sometimes unauthorized government access to private and sensitive data raise major privacy and security concerns about data located in the cloud, especially when data is physically located, processed, or must transit outside the legal jurisdiction of its rightful owner. This is exacerbated by providers of cloud services that frequently move and process data without notice in ways that are detrimental to the users and their privacy.

SafeCloud will re-architect cloud infrastructures to ensure that data transmission, storage, and processing can be (1) partitioned in multiple administrative domains that are unlikely to collude, so that sensitive data can be protected by design; (2) entangled with inter-dependencies that make it impossible for any of the domains to tamper with its integrity. These two principles (partitioning and entanglement) are thus applied holistically across the entire data management stack, from communication to storage and processing.

Users will control the choice of non-colluding domains for partitioning and the tradeoffs between entanglement and performance, and thus will have full control over what happens to their data. This will make users less reluctant to manage their personal data online due to privacy concerns and will generate positive business cases for privacy-sensitive online applications such as the distributed cloud infrastructure and medical record storage platform that we address.

Field of science

  • /social sciences/economics and business
  • /social sciences/sociology/governance/public services

Call for proposal

H2020-DS-2014-1
See other projects for this call

Funding Scheme

IA - Innovation action

Coordinator

INESC TEC - INSTITUTO DE ENGENHARIADE SISTEMAS E COMPUTADORES, TECNOLOGIA E CIENCIA
Address
Rua Dr Roberto Frias Campus Da Feup
4200 465 Porto
Portugal
Activity type
Research Organisations
EU contribution
€ 524 375

Participants (6)

UNIVERSITE DE NEUCHATEL
Switzerland
EU contribution
€ 0
Address
Faubourg De L'hopital 41
2000 Neuchatel
Activity type
Higher or Secondary Education Establishments
INESC ID - INSTITUTO DE ENGENHARIADE SISTEMAS E COMPUTADORES, INVESTIGACAO E DESENVOLVIMENTO EM LISBOA
Portugal
EU contribution
€ 450 750
Address
Rua Alves Redol 9
1000 029 Lisboa
Activity type
Research Organisations
TECHNISCHE UNIVERSITAET MUENCHEN
Germany
EU contribution
€ 395 937,50
Address
Arcisstrasse 21
80333 Muenchen
Activity type
Higher or Secondary Education Establishments
CLOUD&HEAT TECHNOLOGIES GMBH
Germany
EU contribution
€ 305 060
Address
Bamberger Strasse 1
01187 Dresden
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
CYBERNETICA AS
Estonia
EU contribution
€ 273 875
Address
Maealuse 2
12618 Tallinn
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
MAXDATA SOFTWARE SA
Portugal
EU contribution
€ 200 812,50
Address
Rua Antonio Correia Baharem 33 A
2580 468 Carregado
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)