Aus Aifbportal
Wechseln zu:Navigation, Suche
20150312 Password Logo transparent RGB.png

A Holistic Data Privacy and Security by Design Platform-as-a-Service Framework Introducing Distributed Encrypted Persistence in Cloud-based Applications

Kontaktperson: Gunther Schiefer

Projektstatus: abgeschlossen


The vision of PaaSword is to maximize and fortify the trust of individual, professional and corporate customers to Cloud-enabled services and applications, to safeguard both corporate and personal sensitive data stored on Cloud infrastructures and Cloud-based storage services, and to accelerate the adoption of Cloud computing technologies and paradigm shift from the European industry. Thus, PaaSword will introduce a holistic data privacy and security by design framework enhanced by sophisticated context-aware policy access models and robust policy access, decision, enforcement and governance mechanisms, which will enable the implementation of secure and transparent Cloud-based applications and services that will maintain a fully distributed and totally encrypted data persistence layer, and, thus, will foster customers' data protection, integrity and confidentiality, even in the case wherein there is no control over the underlying third-party Cloud resources utilized. In particular, PaaSword intends not only to adopt the CSA Cloud security principles, but also to extend them by capitalizing on recent innovations on (a) distributed encryption and virtual database middleware technologies that introduce a scalable secure Cloud database abstraction layer combined with sophisticated distribution and encryption methods into the processing and querying of data stored in the Cloud; (b) context-aware access control that incorporate the dynamically changing contextual information into novel group policies implementing configurable context-based access control policies and context-dependent access rights to the stored data at various different levels; and (c) policy governance, modelling and annotation techniques that allows application developers to specify an appropriate level of protection for the application’s data, while the evaluation of whether an incoming request should be granted access to the target data takes dynamically place during application runtime.

Involvierte Personen
Andreas OberweisGunther SchieferAndreas SchoknechtMurat Citak


von: 1 Januar 2015
bis: 31 Dezember 2017
Finanzierung: EU


CAS Software AG, SICS - Swedish ICT AB, ICCS - Institute of Communications and Computer Systems, Intrasoft International SA, SEERC - South East European Research Center, SixSq, UBITECH, Siemens SRL, SingularLogic Cyprus Ltd, [[Partner::Arbeitsgruppe Kryptographie und Sicherheit des Instituts für Theoretische Informatik (ITI)]]


Betriebliche Informationssysteme


PaaSword (Cloud Computing, Sicherheit, Datenbanksysteme)

Publikationen zum Projekt
 - book
 - booklet
 - proceedings
 - phdthesis
 - techreport
 - deliverable
 - manual
 - misc
 - unpublished

Yiannis Verginadis, Antonis Michalas, Panagiotis Gouvas, Gunther Schiefer, Gerald Hübsch, Iraklis Paraskakis
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services
Journal of Grid Computing, 15, (2), Seiten 219-234, Juni, 2017

Andreas Schoknecht, Gunther Schiefer, Murat Citak, Andreas Oberweis
Security-by-Design in der Cloud-Anwendungsentwicklung
HMD Praxis der Wirtschaftsinformatik, 53, (5), Seiten 688-697, Oktober, 2016

↑ top

Gunther Schiefer, Matthias Gabel, Jeremias Mechler, Andreas Schoknecht, Murat Citak
Security in a Distributed Key Management Approach
30th International Symposium on Computer-Based Medical Systems (CBMS), Seiten: 816-821, IEEE, Juni, 2017

Efi Papatheocharous, Spyros Mantzouratos, Panagiotis Gouvas, Gunther Schiefer, Sebastian T. Schork, Mohamed Ahmed Abdelraheem, Jeremias Mechler, Matthias Gabel, George Moldovan, Kateryna Yurchenko, Thomas Carnehult
PaaSword: A Data Privacy and Context-aware Security Framework for Developing Secure Cloud Applications - Technical and Scientific Contributions
European Space Projects: Developments, Implementations and Impacts in a Changing World (EPS), Seiten: 3-27, SciTePress, Porto

Rafael Dowsley, Matthias Gabel, Gerald Hübsch, Gunther Schiefer, Antonia Schwichtenberg
A Distributed Key Management Approach
In IEEE, Proc. of the 2nd International Workshop on Cloud Security and Data Privacy by Design (CloudSPD'16), co-located with the 8th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2016), IEEE, Luxembourg, Dezember, 2016

Yiannis Verginadis, Antonis Michalas, Panagiotis Gouvas, Gunther Schiefer, Gerald Hübsch, Iraklis Paraskakis
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services
5th International Conference on Cloud Computing and Services Science, CLOSER 2015, Springer, Lisbon, Portugal, Mai, 2015

↑ top

Gunther Schiefer, Andreas Oberweis, Murat Citak, Andreas Schoknecht
Security-by-Design in der Cloud-Anwendungsentwicklung
In Cloud Computing. Die Infrastruktur der Digitalisierung., Seiten 169–183, Vieweg Verlag, Edition HMD, April, 2018

↑ top

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814