Aus Aifbportal
Wechseln zu:Navigation, Suche
20150312 Password Logo transparent RGB.png

A Holistic Data Privacy and Security by Design Platform-as-a-Service Framework Introducing Distributed Encrypted Persistence in Cloud-based Applications

Contact: Gunther Schiefer

Project Status: completed


The vision of PaaSword is to maximize and fortify the trust of individual, professional and corporate customers to Cloud-enabled services and applications, to safeguard both corporate and personal sensitive data stored on Cloud infrastructures and Cloud-based storage services, and to accelerate the adoption of Cloud computing technologies and paradigm shift from the European industry. Thus, PaaSword will introduce a holistic data privacy and security by design framework enhanced by sophisticated context-aware policy access models and robust policy access, decision, enforcement and governance mechanisms, which will enable the implementation of secure and transparent Cloudbased applications and services that will maintain a fully distributed and totally encrypted data persistence layer, and, thus, will foster customers' data protection, integrity and confidentiality, even in the case wherein there is no control over the underlying third-party Cloud resources utilized.In particular, PaaSword intends not only to adopt the CSA Cloud security principles, but also to extend them by capitalizing on recent innovations on (a) distributed encryption and virtual database middleware technologies that introduce a scalable secure Cloud database abstraction layer combined with sophisticated distribution and encryption methods into the processing and querying of data stored in the Cloud; (b) context-aware access control that incorporate the dynamically changing contextual information into novel group policies implementing configurable context-based access control policies and context-dependent access rights to the stored data at various different levels; and (c) policy governance, modelling and annotation techniques that allows application developers to specify an appropriate level of protection for the application’s data, while the evaluation of whether an incoming request should be granted access to the target data takes dynamically place during application runtime.

Involved Persons
Gunther Schiefer, Murat Citak, Andreas Schoknecht, Andreas Oberweis


from: 1 Januar 2015
until: 31 Dezember 2017
Funding: EU


CAS Software AGSICS - Swedish ICT ABICCS - Institute of Communications and Computer SystemsIntrasoft International SASEERC - South East European Research CenterSixSqUBITECHSiemens SRLSingularLogic Cyprus Ltd

Research Group

Business Information Systems

Area of Research

Cloud Computing, Security, Database Systems

Publications Belonging to the Project
 - book
 - booklet
 - proceedings
 - phdthesis
 - techreport
 - deliverable
 - manual
 - misc
 - unpublished

Andreas Schoknecht, Gunther Schiefer, Murat Citak, Andreas Oberweis
Security-by-Design in der Cloud-Anwendungsentwicklung
HMD Praxis der Wirtschaftsinformatik, 53, (5), pages 688-697, Oktober, 2016

Yiannis Verginadis, Antonis Michalas, Panagiotis Gouvas, Gunther Schiefer, Gerald Hübsch, Iraklis Paraskakis
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services
Journal of Grid Computing, 15, (2), pages 219-234, Juni, 2017

↑ top

Rafael Dowsley, Matthias Gabel, Gerald Hübsch, Gunther Schiefer, Antonia Schwichtenberg
A Distributed Key Management Approach
In IEEE, Proc. of the 2nd International Workshop on Cloud Security and Data Privacy by Design (CloudSPD'16), co-located with the 8th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2016), IEEE, Luxembourg, Dezember, 2016

Efi Papatheocharous, Spyros Mantzouratos, Panagiotis Gouvas, Gunther Schiefer, Sebastian T. Schork, Mohamed Ahmed Abdelraheem, Jeremias Mechler, Matthias Gabel, George Moldovan, Kateryna Yurchenko, Thomas Carnehult
PaaSword: A Data Privacy and Context-aware Security Framework for Developing Secure Cloud Applications - Technical and Scientific Contributions
European Space Projects: Developments, Implementations and Impacts in a Changing World (EPS), pages: 3-27, SciTePress, Porto

Gunther Schiefer, Matthias Gabel, Jeremias Mechler, Andreas Schoknecht, Murat Citak
Security in a Distributed Key Management Approach
30th International Symposium on Computer-Based Medical Systems (CBMS), pages: 816-821, IEEE, Juni, 2017

Yiannis Verginadis, Antonis Michalas, Panagiotis Gouvas, Gunther Schiefer, Gerald Hübsch, Iraklis Paraskakis
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services
5th International Conference on Cloud Computing and Services Science, CLOSER 2015, Springer, Lisbon, Portugal, Mai, 2015

↑ top

Gunther Schiefer, Andreas Oberweis, Murat Citak, Andreas Schoknecht
Security-by-Design in der Cloud-Anwendungsentwicklung
Cloud Computing. Die Infrastruktur der Digitalisierung., pages 169–183, Vieweg Verlag, Edition HMD, April, 2018

↑ top