Community Research and Development Information Service - CORDIS

H2020

PRISMACLOUD Report Summary

Project ID: 644962
Funded under: H2020-EU.2.1.1.

Periodic Reporting for period 2 - PRISMACLOUD (PRIvacy and Security MAintaining services in the CLOUD)

Reporting period: 2016-02-01 to 2017-07-31

Summary of the context and overall objectives of the project

PRISMACLOUD (PRIvacy and Security MAintaining services in the CLOUD) is a H2020 research project of 42 months duration dedicated to the enablement of secure cloud based services by improving and adopting novel methods from cryptographic research to increase the trustworthiness of cloud offerings. The research agenda of PRISMACLOUD is based on the following objectives, which we are targeting with our developments. On the one hand, we focus on confidentiality of data during their life cycle in the cloud. Secondly, we are putting significant effort in verifiability features for data in the cloud and thirdly, also the privacy of users interacting with a cloud environment.

To assure the practical relevance of the developments within PRISMACLOUD, the aforementioned efforts are accompanied by non-cryptographic research topics considered essential for the commercial success of the project results. We will provide secure and efficient software implementations of core technologies and showcase them in selected testbeds. Three different use-cases from different application domains will be used to demonstrate and evaluate the potential of the project outcome, i.e., demonstrate a measurable increase in service level security and privacy. Furthermore, novel human-computer interaction (HCI) guidelines will help to design services, which respect the users’ needs and therefore guarantee for best acceptance. In order to use the developed methods properly in novel application scenarios after the project, a holistic security framework and accompanying usage patterns will be prepared in support of service developers.

The major outcome of PRISMACLOUD will be a novel toolkit to build security and privacy enhanced services as well as a portfolio of 8 services. The delivered blueprints together with software implementations will foster the use of cryptography in cloud computing to build end-to-end secure services. The consortium with 16 partners from 7 different EU member states and two associated countries (Switzerland and Israel) is led by AIT Austrian Institute of Technology GmbH.

Work performed from the beginning of the project to the end of the period covered by the report and main results achieved so far

In the first period the use cases have been specified and the requirements gathered as well as the research gaps identified. The second period was dedicated to research and development activities towards the development of the PRISMACLOUD toolkit and services, which are among the main results of the project. In the following we present the work performed till month 30 and achievements.

WP3 is dedicated to promote the uptake of PRISMACLOUD by end users and business. For achieving this, research on factors motivating both end users and businesses to use/deploy PRISMACLOUD’s novel methods and services have been conducted as well as HCI guidelines for the development of usable user interfaces were established.

In WP4 enabling cryptographic primitives, protocols and schemes have been advanced. We improved the state in secret sharing techniques, malleable and functional signature schemes as well as format- and order-preserving encryption schemes in various different directions. The results obtained in this work package have been presented in various scientific conferences and provide the basis for the PRISMACLOUD toolkit designed in WP5.

In WP5, we researched and designed a collection of five tools which comprise the PRISMACLOUD toolkit, i.e., secret sharing based distributed storage, end-to-end authenticity while preserving privacy, verifiable data processing, certification of virtualized infrastructures, and encryption and anonymization of large data sets. All these tools were designed and implemented in software and have been cloudified via the PRISMACLOUD services in WP7. Additionally, in WP6 we provide efficient implementations of cryptographic primitives in software and also one selected functionality in hardware.

A reference architecture has been developed in WP7 together with a development methodology, which helped in the development of the 8 security and/or privacy enhanced PRISMACLOUD services. Later they will be evaluated and validated in a testbed infrastructure currently established in WP8.

The consortium was able to generate high visibility in the scientific community and published 58 publications. They also started with the exploitation of the results and already identified 6 key exploitable results.

Progress beyond the state of the art and expected potential impact (including the socio-economic impact and the wider societal implications of the project so far)

The project is advancing the state of the art in various aspects. In order to explain the expected results and the potential impact generated we are grouping the results into 4 layers, i.e., Primitives, Tools, Services and Applications.

On the Primitives layer PRISMACLOUD is advancing cryptography. Cryptographic methods are improved and adapted to fit the requirements we derived from the use cases developed in the project. Advancement of cryptography in the right direction is a basic prerequisite for generating impact. The PRISMACLOUD already achieved considerable progress in this area and we expect to generate a substantial impact in the scientific community.

The Tools layer encapsulates the so called PRISMACLOUD tools. On one hand tools describe how cryptography can be combined to provide useful functionality. On the other hand tools are accompanied with software implementations which help to apply them to build real world applications in a fast and efficient way. The goals of the Tools layer is to facilitate the possibility to build various kinds of services out of one tool in a very flexible way and therefore to open up broad application of PRISMACLOUD results. The PRISMACLOUD toolkit comprises 5 new tools which have been developed and makes the research output more tangible. We develop tools for secure object storage, flexible authentication with selective disclosure, verifiable data processing, infrastructure certification and data privacy. All tools provide new security and/or privacy properties not available today in the cloud market. Furthermore, they enable the implementation of new cloud services with increased security and privacy in short time and without deep knowledge of underlying cryptography.

To demonstrate the benefits of the tools, in the service layer we are developing new services based on the specific tools developed. The services are part of the service layer and give developers of applications a simple way to access the PRISMACLOUD tools.

The selected services will be deployed and showcased in the pilots of the projects. However, the services are designed in a domain independent manner and with broad application fields in mind and the tools easily allow to design new services. They could be commercialized right after the project by partners in different form and providers, e.g., Interoute can directly extend their offerings and reach a large market. Furthermore, some of the services do not even require a full access to the data center they run in, i.e., they can be directly deployed on public cloud services. Finally, the potential impact on the service layer is expected to be substantial, because the services give application developers an easy way to access the cryptographic tools developed and integrate them in their applications.

To outreach to end users and demonstrate the higher level of security of PRISMACLOUD services we are piloting the use cases in three domains. The use cases will be the first to support the new features of the secure services in the project and demonstrate the benefit for end users.

Related information

Follow us on: RSS Facebook Twitter YouTube Managed by the EU Publications Office Top