CORDIS
EU research results

CORDIS

English EN
The European Security Certification Framework

The European Security Certification Framework

Objective

In recent years the ICT market has evolved toward a cloud-based approach. This shift together with the rapidly changing legal and regulatory landscape has heavily impacted security assurance, governance and compliance. The information security market players have tried to provide suitable solutions to cope with issues such as i) lack of means to provide higher level of assurance (e.g continuous monitoring and auditing), ii) privacy not adequately taken into account, iii) limited transparency and iv) lack of means to streamline risk management and compliance. In the certification space this has resulted in the creation of several schemas creating an additional problem, i.e. the proliferation of certification scheme. The project EU-SEC will improve the effectiveness and efficiency of existing approaches for assurance and compliance. The EU-SEC aims to create a framework under which existing, certification and assurance approaches can co-exist. The three core ideas behind the EU-SEC project are that an effective and efficient approach to trust, assurance and compliance has to: (1) balance the need of nations and business sectors to develop their specific certification schemas with the need of CSPs to reduce compliance costs (2) avoid that humans (auditors) do activities that can be performed by machines (e.g. collecting data) (3) make sure that accurate and reliable evidences/information are provided to relevant people, in a timely fashion, leveraging as much as possible automatic means. The EU-SEC framework will equip stakeholders in the ICT security ecosystem with a validated governance structure, a reference architecture, and the corresponding set of tools to improve the efficiency and effectiveness of their current approach to security governance, risks management, assurance and compliance. The EU-SEC aims to enhancing trustworthiness and transparency in the ICT supply chain through business cases developed and piloted by industrial partners.
Leaflet | Map data © OpenStreetMap contributors, Credit: EC-GISCO, © EuroGeographics for the administrative boundaries

Coordinator

FRAUNHOFER GESELLSCHAFT ZUR FOERDERUNG DER ANGEWANDTEN FORSCHUNG E.V.

Address

Hansastrasse 27c
80686 Munchen

Germany

Activity type

Higher or Secondary Education Establishments

EU Contribution

€ 893 450

Participants (9)

Sort alphabetically

Sort by EU Contribution

Expand all

CLOUD SECURITY ALLIANCE (EUROPE) LBG

United Kingdom

EU Contribution

€ 929 375

SIXSQ SARL

Switzerland

NIXU OYJ

Finland

EU Contribution

€ 406 875

PRICEWATERHOUSECOOPERS AKTIENGESELLSCHAFT WIRTSCHAFTSPRUFUNGSGESELLSCHAFT

Germany

EU Contribution

€ 89 250

MINISTRSTVO ZA JAVNO UPRAVO

Slovenia

EU Contribution

€ 165 625

MINISTERSTVO FINANCII SLOVENSKEJ REPUBLIKY

Slovakia

EU Contribution

€ 155 625

FABASOFT CLOUD GMBH

Austria

FABASOFT R&D GMBH

Austria

EU Contribution

€ 174 737,50

CAIXABANK SA

Spain

EU Contribution

€ 182 875

Project information

Grant agreement ID: 731845

Status

Ongoing project

  • Start date

    1 January 2017

  • End date

    31 December 2019

Funded under:

H2020-EU.3.7.

H2020-EU.2.1.1.

  • Overall budget:

    € 3 842 450

  • EU contribution

    € 2 997 812,50

Coordinated by:

FRAUNHOFER GESELLSCHAFT ZUR FOERDERUNG DER ANGEWANDTEN FORSCHUNG E.V.

Germany