Information Protection Processes and Procedures

Dynamic Real-time Infrastructure Planner (DRIP) is responsible for the planning, validation and provisioning of the virtual infrastructure enlisted to support an application specified in SIDE. DRIP has formulated an acceptable proposed infrastructure, which automatically negotiates with cloud providers in real-time to provision the infrastructure with respect to an agreed set of service level agreements (SLAs) that will satisfy (in principle) all quality of service requirements.

Ecosystem of cloud facilities characterized by superior security guarantees, providing protection from attacks by privileged users (e.g. the cloud provider or the system administrator) and software (e.g. the hypervisor). SecureCloud is flexible, since it can satisfy a wide range of customers-specific requirements including big data processing, secure intra-cloud communication, precise microservice scheduling and reliable data storage. SecureCloud is interoperable, in that its facilities can be seamlessly integrated with best of breed offerings from the Open Source community.

The WITDOM Key Management component provides management of secrets (for example, private and public encryption keys or credentials to access the storage) that are required for operations run by protection components. Since secrets are required in trusted and untrusted domains, there are two instances of the KM component in the WITDOM architecture with similar functionalities.

WITDOM’s Secure Signal Processing (SSP) component performs secure signal processing operations on protected data and signals (encrypted, obfuscated, split or a combination thereof) in an untrusted environment, by preventing the disclosure of the sensitive information while it is being processed in the untrusted domain.