D6.1 - TREDISEC framework implementation

The TREDISEC project has two main objectives:

  • Design and develop solutions that fulfil both security and functional requirements of cloud-based systems
  • Develop a framework that supports users in designing, managing and using such solutions.

The solutions are offered through the framework in the form of security primitive patterns, security primitive implementations and TREDISEC Recipes. Deliverables D2.3 and D2.4 described the architecture design of the TREDISEC framework, and detailed the lifecycle of security primitives, in their three flavours, and how the framework supports that, providing different functionalities and specific features to the four user roles identified, namely: TREDISEC Security Admin, TREDISEC end-user, Security Expert engineer, Security Technology Provider.

Deliverable D6.1 is a software implementation of the TREDISEC framework architecture design, as it is described in its final version in D2.4. The present document is a description of the actual software, which is available, as a stable version at M30, from the following sources:

Following, we describe in detail the TREDISEC Framework software implementation, starting with the roles we support and how they should use the framework, the functionalities offered , making especial emphasis in three processes: packaging (critical for the creation of actionable security primitive patterns, security primitive implementations and TREDISEC Recipes), primitives testing and deployment.

The testing of security primitive implementations and TREDISEC Recipes, which can either focus in functional requirements (e.g. correct functionality of the solution, etc.) or performance (e.g. increase or reduction of time of processing after deploying the solution) is supported by the framework by making available the so-called TREDISEC Testing Environments (TTEs). These TTEs are basically virtual environments (VMs) that users of the framework can use to test the capabilities of the primitives before actually downloading/using them in their own Cloud environments. These TTEs can be also used for deploying TREDISEC recipes and play around with them, e.g. by connecting via ssh.

Additionally we provide technical information of the software implementation building blocks, technologies used, communication channels and interfaces exposed, and procedures to build, install and configure your own instance of the TREDISEC Framework.

Finally, we include the conclusions and future work we will perform in the latest stage of the project together with the initial status and expected functionality.