Skip to main content

Secure Data Processing in the Cloud

Deliverables

Final RestAssured Handbook

The first release of the RestAssured Handbook aligned with V3 of the RestAssured Architecture, Methodology and code.

Final Impact and Innovation Management Summary Report

This report summarizes the achievements in innovation management. It is the definitive statement of the achievements exploiting the project results, the potential for further progress.

Final Validation Plan

This document constitutes the final validation plan for all three RestAssured use cases.

Initial High Level Architecture

This report will describe the initial technical architecture of RestAssured providing a blueprint for WP3–WP6

First Impact and Innovation Management Summary Report

This report summarizes the achievements in innovation management.

Project Management and Quality Assurance Handbook

This handbook will contain key management and governance structures, procedures and contact persons; it will include clear procedures to be followed by each work package, task and deliverable leader. If required, it will be updated in periodic reports. The handbook will also define the internal procedures for measuring and evaluating the project execution and results obtained.

Integrated Approach for Enforcing End-User Privacy Policies across Third-party Cloud Infrastructures

This final report will describe the RestAssured integrated approach for detecting end-user privacy policy violations as well as their dissolving through runtime reconfigurations. It will report about the prototype implementation of the RestAssured engine for automatically restoring privacy compliancy.

Impact Plan

This plan sets out the channels and protocols by which partners communicate outside of the project, establishing a consistent and clear message, including dissemination and communication.

First Validation Plan

This document constitutes the initial validation plan for all three RestAssured use cases.

Revised Methodology and Technical Concept for Decentralized Data Lifecycle Management

This report will describe the final version of the methodology for specifying end-user privacy policies and for enforcing specified policies amongst decentralized cloud application components. It provides an integrated prototype that allows specifying end-user privacy policies, observing their changes and propagating these changes to the RestAssured Secure Enclaves

Methodology for Decentralized Data Lifecycle Management

This report will introduce the RestAssured data lifecycle management approach that allows for enforcing end-user privacy policies amongst multiple cloud service providers. It will also report on the prototype for connecting end-user privacy policies to sensitive data via encryption.

RestAssured Security and Privacy Engineering Methodology

This report will describe the overall risk-based Privacy by Design methodology to be supported by the project, as well as the semantics of the RestAssured threat models. It will also report on the prototype RestAssured modelling tool that empowers users to create threat models.

Conceptual Foundation of the RestAssured Secure Enclave

This report describes the concept of the RestAssured Secure Enclave, the API of the software encryption toolbox, as well as the prototypical implementation of augmenting of Apache Spark with software encryption libraries.

Technical Concept for Communicating Policy Changes across RestAssured Secure Enclaves

This report will describe the technical concept that captures end-users’ privacy policy changes and that selects Secure Enclaves being affected by captured changes. It also reports on a prototype enabling end-users to specify privacy policies.

Conceptual Foundation for the RestAssured Security and Privacy Engineering

This report will describe the semantics of the RestAssured mitigation models and will include the up-dated RestAssured engineering methodology. It will also report about prototype tool for creating mitigation models.

First Validation Results

This document constitutes the results of the initial validation for all three RestAssured use cases

First RestAssured Handbook

The first release of the RestAssured Handbook aligned with V2 of the RestAssured Architecture, Methodology and code

RestAssured Security and Privacy Engineering

This report will include the final version of the RestAssured risk-based privacy by design methodology that ensures a comprehensive coverage of privacy and threats in the cloud. It will report on the final version of the RestAssured modelling tools and API.

Final Validation Results

This document constitutes the results of the final validation for all three RestAssured use cases.

RestAssured Roadmap

This document will highlight issues for both future research and application of RestAssured technolo-gies.

Concept for End-User Privacy Policy Violation Detection

This report will document the RestAssured runtime meta model semantics that aims for expressing the cloud-application aspects to be checked against the privacy policies. Further, the report will describe the RestAssured approach for checking the runtime model against end-user privacy policies, and report on the prototype for detecting privacy policy violations.

Final High Level Architecture & Methodology

This report will describe the final RestAssured methodology and the overall composition of the RestAssured components at a functional level, and describes the interactions between the components, including the conceptual description of their APIs, as well as the deployment and usage of the RestAssured Testbed.

WP4 2d Half Technical Report

This report describes the work done in the second half of the project on WP4, including a description of the use of AMD SEV hardware enclaves and the development of encryption in Apache Parquet.

RestAssured Secure Enclave Manual

This report will describe the final version of the RestAssured Secure Enclave. The description will include the manual of the RestAssured Secure Enclave as well as its extension capabilities. It will also describe the RestAssured Secure Enclave Platform.

First High Level Architecture & Methodology

This report will describe the RestAssured methodology and the overall composition of the RestAssured components at a functional level, and describes the interactions between the components, including the conceptual description of their APIs, as well as the deployment and usage of the RestAssured Testbed.

Concept for Privacy Compliance Restoring Reconfigurations

This report will document the RestAssured approach for deriving adaptations plans based on runtime models and violation traces. The concept will include the utilization for privacy violation traces that will dissolve detected privacy violation root causes, and it reports on the prototype for generating and executing a reconfiguration plan for the cloud application.

Publications

Resource Optimization Across the Cloud Stack

Author(s): Zoltan Adam Mann
Published in: IEEE Transactions on Parallel and Distributed Systems, Issue 29/1, 2018, Page(s) 169-182, ISSN 1045-9219
DOI: 10.1109/TPDS.2017.2744627

Cloud simulators in the implementation and evaluation of virtual machine placement algorithms

Author(s): Zoltán Ádám Mann
Published in: Software: Practice and Experience, 2018, ISSN 0038-0644
DOI: 10.1002/spe.2579

Specification of cloud topologies and orchestration using TOSCA: a survey

Author(s): Julian Bellendorf, Zoltán Ádám Mann
Published in: Computing, 2019, ISSN 0010-485X
DOI: 10.1007/s00607-019-00750-3

Situativer Datenschutz im Fog-Computing

Author(s): Zoltán Ádám Mann, Andreas Metzger, Klaus Pohl
Published in: Informatik Spektrum, Issue 42/4, 2019, Page(s) 236-243, ISSN 0170-6012
DOI: 10.1007/s00287-019-01190-1

Using risk patterns to identify violations of data protection policies in cloud systems

Author(s): Stefan Schoenen Zoltán Ádám Mann Andreas Metzger
Published in: 13th International Workshop on Engineering Service-Oriented Applications and Cloud Services (WESOACS 2017), 2018

The special case of data protection and self-adaptation

Author(s): Zoltán Ádám Mann Andreas Metzger
Published in: IEEE/ACM 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2018), 2018

Towards a run-time model for data protection in the cloud

Author(s): Zoltán Ádám Mann Andreas Metzger Stefan Schoenen
Published in: Modellierung 2018, 2018

Secure Data Processing in the Cloud

Author(s): Zoltán Ádám Mann, Eliot Salant, Mike Surridge, Dhouha Ayed, John Boyle, Maritta Heisel, Andreas Metzger, Paul Mundt
Published in: Advances in Service-Oriented and Cloud Computing - Workshops of ESOCC 2017, 2017, Page(s) 149-153
DOI: 10.1007/978-3-319-79090-9_10

Two are better than one: An algorithm portfolio approach to cloud resource management

Author(s): Zoltán Ádám Mann
Published in: Proceedings of the 6th European Conference on Service-Oriented and Cloud Computing (ESOCC 2017), 2017, Page(s) 93-108
DOI: 10.1007/978-3-319-67262-5_8

Towards an End-to-End Architecture for Run-Time Data Protection in the Cloud

Author(s): Nazila Gol Mohammadi, Zoltan Adam Mann, Andreas Metzger, Maritta Heisel, James Greig
Published in: 2018 44th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), Issue 2018, 2018, Page(s) 514-518
DOI: 10.1109/seaa.2018.00088

Modeling Data Protection Vulnerabilities of Cloud Systems using Risk Patterns

Author(s): Palm, Alexander; Mann, Zoltán Ádám; Metzger, Andreas
Published in: 10th International Conference on System Analysis and Modeling Languages, Methods, and Tools for Systems Engineering (SAM 2018), Issue 2018, 2018, Page(s) 1-19
DOI: 10.5281/zenodo.1324125

Auto-Adjusting Self-Adaptive Software Systems

Author(s): Zoltan Adam Mann, Andreas Metzger
Published in: 2018 IEEE International Conference on Autonomic Computing (ICAC), Issue 2018, 2018, Page(s) 181-186
DOI: 10.1109/icac.2018.00030

Data protection in fog computing through monitoring and adaptation

Author(s): Zoltán Ádám Mann
Published in: KuVS-Fachgespräch Fog Computing 2018, 2018

Architecture and Quality of Cloud Simulators

Author(s): Zoltán Ádám Mann
Published in: Software Engineering and Software Management 2019, 2019, Page(s) 177-178
DOI: 10.18420/se2019-56

Optimized cloud deployment of multi-tenant software considering data protection concerns - Abridged version

Author(s): Zoltán Ádám Mann, Andreas Metzger
Published in: Software Engineering und Software Management 2018, 2018, Page(s) 59-60

Finding Risk Patterns in Cloud System Models

Author(s): Florian Kunz, Zoltan Adam Mann
Published in: 2019 IEEE 12th International Conference on Cloud Computing (CLOUD), 2019, Page(s) 251-255
DOI: 10.1109/cloud.2019.00051

Optimized Cloud Deployment of Multi-tenant Software Considering Data Protection Concerns

Author(s): Zoltan Adam Mann, Andreas Metzger
Published in: 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID), 2017, Page(s) 609-618
DOI: 10.1109/CCGRID.2017.10

Joint Optimization of Scaling and Placement of Virtual Network Services

Author(s): Sevil Draxler, Holger Karl, Zoltan Adam Mann
Published in: 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID), 2017, Page(s) 365-370
DOI: 10.1109/CCGRID.2017.25

Cloud Topology and Orchestration Using TOSCA: A Systematic Literature Review

Author(s): Julian Bellendorf, Zoltán Ádám Mann
Published in: Service-Oriented and Cloud Computing - 7th IFIP WG 2.14 European Conference, ESOCC 2018, Como, Italy, September 12-14, 2018, Proceedings, Issue 11116, 2018, Page(s) 207-215
DOI: 10.1007/978-3-319-99819-0_16

Optimized Application Deployment in the Fog

Author(s): Zoltán Ádám Mann, Andreas Metzger, Johannes Prade, Robert Seidl
Published in: Service-Oriented Computing - 17th International Conference, ICSOC 2019, Toulouse, France, October 28–31, 2019, Proceedings, Issue 11895, 2019, Page(s) 283-298
DOI: 10.1007/978-3-030-33702-5_22

Datasets

Automotive Fleet Vehicle Data

Author(s): Mundt, Paul
Published in: Zenodo