A framework for user centred privacy and security in the cloud

Niccolò Zazzeri

01 January 2015

31 December 2017

EC funded project


Trust is essential to wider uptake of cloud services but it can only come from solid mechanisms that ensure greater control over the security and privacy of the user’s data. Confidentiality and privacy are still major concerns when it comes to moving to the cloud. Many organisations are also reluctant to outsource sensitive data due to lack of control over its storage and management. What's more, it is also increasingly important to protect business assets from vulnerabilities or attacks and ensure that applications continue to operate and provide a good level of service even during an attack.

CLARUS is all about improving trust in cloud computing and securely unlocking sensitive data to enable new and better cloud services. CLARUS is developing a secure framework for storing and processing data outsourced to the cloud so end-users can monitor, audit and control their stored data while gaining the cost-saving benefits and capacity that cloud services bring.

CLARUS is paving the way towards more transparent, standardised, auditable and controllable cloud services, benefitting both consumers and providers of cloud services.

Who is the project designed for?

Information security professionals, and especially security managers can implement privacy-by-design, which ensures users of cloud services are in the driving seat when it comes to controlling their data, such as healthcare IT teams and geospatial communities.

Open source developers, tech integrators and cloud service providers can support the CLARUS proxy solution and potentially new, secure-by-design services to their customers as the market moves closer towards security-as-a-service. CLARUS can play a key role in not only moving critical applications to the cloud but also in enabling migration from a private cloud service to a pubic one, thus increasing business benefits.

How will your project benefit the end-user?

With CLARUS, cloud customers no longer need “blind trust” in their cloud service provider(s) when outsourcing their data to the cloud.

CLARUS enhances trust in cloud services through its secure and attack tolerant framework for the storing and processing of data outsourced to the cloud. This allows end users to monitor, audit and control the stored data without impairing the functionality (including the functionality provided by high-level services such as data storage, management, retrieval, transformation, etc.) and cost-saving benefits of cloud services.
CLARUS also supports the free flow of data as a necessary pre-condition for attracting data business under Digital Single Market Action #14, where the removal of data localisation restrictions is expected to boost cloud service development and uptake with significant economic benefits


Vertical Category: