End-to-end security is at odds with the functionality currently offered by the cloud. Existing state-of-the-art solutions completely give up one requirement for the other. End-to-end security aims to give users full control over their outsourced data, but cloud service providers may then be unable to process clients' data efficiently, or to take full advantage of cost-effective storage solutions that rely on existing deduplication and compression mechanisms.
Another important point that should not be overlooked when designing security mechanisms for cloud systems is their integration into a single framework. Typically, a security primitive is devised for a single use-case and/or a specific application. Although such a design approach may reduce the complexity of the solution, it may lead to situations where security primitives are incompatible to the point that they cannot be implemented using the same interface or the same framework.
Progress towards the objectives and advance beyond the state of the art
During this reporting period, the TREDISEC consortium partners have been focusing on designing novel end-to-end security solutions for scenarios with conflicting functional and security requirements, using as a basis the representative scenarios and use cases defined by the end-user partners. We first had to identify the functional requirements that are crucial to the cloud business and explore non-functional requirements such as storage efficiency and multi-tenancy. Next, we had to analyse the conflicts between these requirements and security needs in order to develop new solutions that address these shortcomings and enhance security. Moreover, state-of-the-art mechanisms and solutions have been analysed thoroughly in the technical work-packages (WP2, WP3, WP4 and WP5). In particular, some partners of the consortium have already achieved the following advances:
- devised new primitives to support data confidentiality and data deduplication, including an analysis of their compatibility with Proof of Ownership (PoW) mechanisms;
- actively analysed the state of the art with respect to searchable encryption, secure biometric computations, and possible parallel computation and migration mechanisms;
- described mechanisms for optimized storage of encrypted data based on the analysis of historical or anticipated SQL queries;
- conducted a thorough survey of the state of the art on verifiable storage, verifiable computation and verifiable ownership in order to identify the TREDISEC-specific requirements;
- proposed a new security model for outsourced proof of retrievability;
- proposed a study on the possibility of applying verifiable computing techniques to biometric comparison;
- investigated approaches to vulnerability discovery and isolation in file systems that are used to provide storage for cloud services;
- proposed a novel mechanism which enables the emerging many-core processor architectures to provide secure isolation properties for cloud platforms, especially IaaS deployments.
The design of the TREDISEC framework, which efficiently integrates the required security primitives without incurring extra processing and storage cost at the cloud service providers or end-users, has also been a key activity during these last months. The ultimate goal of the TREDISEC framework is to facilitate the orchestration of different security primitives deployed into real cloud systems.
A first architectural model of the framework has been outlined, taking into account business, quality and operational requirements, since it should support a range of stakeholders (e.g. security administrators, developers, or cloud system engineers) and target cloud offerings.
By using the framework, security primitives can be tested in isolation or combined with others in order to produce pre-packaged security solutions that are ready to be deployed and guaranteed to be free of incompatibilities. The framework should also permit cloud system engineers and security experts to select, according to their own system needs, the functional and non-functional (security and privacy) requirements they wish TREDISEC to fulfil.
Summary of work performed and main achievements
From the project kick-off on the 1st of April until the 31st of December 2015, a period spanning M1 to M9 according to the project plan, the activities performed by the TREDISEC consortium can be structured along the following lines of work:
- Launching of the project and setting up the different procedures (quality, reporting, risk management, document/output storage and management, deliverable quality review, etc.), management structure, guidelines and supporting tools to enable a seamless and fruitful collaboration among the consortium partners, in order to achieve the project objectives and develop the work promised in the DoA according to the schedule. This has been described in a deliverable document released by M3, entitled “D1.1 Project Quality Assurance Plan”.
- Definition of the innovation strategy for the project and agreement on a plan to implement and deploy it within the existing project structures. This consisted of identifying the project's key innovation points and specifying “innovation-related activities” such as monitoring, emergency plans, or take-up activities, defining a framework for assessing the project's innovation health level, and defining strategies for identifying and acquiring feedback from different entities and communities to better align the project results with users’ expectations. This has been described in a deliverable document released by M3, entitled “D1.5 Innovation Strategy and Plan”. In the last quarter of the period, a first innovation check was carried out by the Innovation Director (from NEC) with the work-package leaders in relation to the identified key innovations of TREDISEC. The result was that, so far, there are no identified threats in the market to the expected TREDISEC innovations.
- Definition of a common project strategy for dissemination and communication of project advances and results, to set the baseline for individual partners’ activities, in order to reach the maximum impact possible. The strategy is accompanied by a plan that establishes a series of activities to promote the project along its entire duration, as well as a complete set of graphical material that supports these activities. The graphical material entails the project branding (i.e. logo, colour code, templates for documents, a poster and a promotional brochure/flyer); the project website (www.tredisec.eu), online since M2 and publicly accessible, which is considered the main point of contact for external parties and the first means for dissemination and communication of project advances and regular achievements (the website constitutes a deliverable and is described in the accompanying document “D7.1 TREDISEC public website”); social media accounts (i.e. a dedicated LinkedIn group and Twitter account); infographics (within this period, one infographic has been made available through the website); and press releases and campaigns to promote the project's official start and the networking session at the ICT 2015 event, which TREDISEC co-organised and where there was a scheduled talk about one specific project line of research. The communication and dissemination activities are grouped into phases, each one focusing on the promotion of certain aspects of the project, with customized key messages and targeting different types of audience (i.e. scientific, research, industry, citizens, public administration, policy-makers, etc.), making use of the most appropriate channel in each case. The dissemination and communication strategy and the associated implementation plans have been defined in two deliverable documents, “D7.2 Dissemination plan” and “D7.3 Communication strategy and plan” respectively, both released in M6.
- Launching of the technical work-packages devoted to the research and development of the security primitives. Each of these work-packages, namely WP3, WP4 and WP5, focuses first on analysing the different conflicts that may arise when trying to satisfy cloud functional requirements (e.g. efficiency, reduced costs) while at the same time providing security guarantees (e.g. confidentiality, integrity), and second on researching different schemes and primitives that overcome those conflicts.
- Description of the context scenarios and specification of the use cases that will be used to drive the technical developments and evaluate the project results. Four partners of the project (SAP, GRNET, ARSYS and MORPHO) described their context scenarios and use cases, which will be used in the project with two purposes: (i) to elicit a series of end-user requirements that will influence the design of the TREDISEC framework architecture and the security primitives developed in the technical work-packages (i.e. 3, 4 and 5); and (ii) to set up the context for the evaluation activities that will take place in the last year of the project in the context of WP6. The descriptions have been compiled into a deliverable document released by M6, entitled “D2.1 Description of the context scenarios and use cases definition”, which constitutes the achievement of the first project milestone: “MS1: Use cases and scenario context definition”.
- Specification of the requirements for the TREDISEC framework and the security primitives. As indicated in the previous point, the use case scenarios propose a series of requirements for TREDISEC technical activities from the user point of view. Besides these, the actual technological challenges the project aims to face, that is, the lack of practical solutions that enable combining efficiency and security aspects in current cloud solutions, are also a source of requirements for the TREDISEC developments. All these requirements are listed, and a trade-off analysis is described, in a deliverable document entitled “D2.2 Requirements analysis and consolidation”, released in M9.
- Outline of a proposed architectural model for the TREDISEC framework, taking into account the requirements identified in Task 2.1. This first draft first analysed various state-of-the-art reference architectures of cloud systems, and then proposed an approach that permits combinations of security primitives to work together holistically in a range of cloud-based settings.
- Initial prospecting of the market and identification of suitable commercialization options for the TREDISEC outputs (i.e. the framework and the security primitives), in order to evaluate the most appropriate business model for TREDISEC, which will influence the framework architecture, the implementation approach and the operational model on the one hand, and the exploitation strategies on the other.