SUPERCLOUD - User-Centric Management Of Security And Dependability In Clouds Of Clouds

Date: 
01/02/2015 to 31/01/2018

Introduction

Today, despite its unravelling business benefits, distributed cloud computing raises many security and dependability concerns. Root causes include increase in complexity and lack of interoperability between heterogeneous, often proprietary infrastructure technologies. SUPERCLOUD thus proposes new security and dependability infrastructure management paradigms that are :

  • user-centric, for self-service clouds-of-clouds where customers define their own protection requirements and avoid lock-ins; and
  • self-managed, for self-protecting clouds-of-clouds that reduce administration complexity through automation.

SUPERCLOUD will reach the following objectives:

  • Self-Service Security: Implementation of a cloud architecture that gives users the flexibility to define their own protection requirements and instantiate policies accordingly.
  • Self-Managed Security: Development of an autonomic security management framework that operates seamlessly over compute, storage and network layers, and across provider domains to ensure compliance with security policies.
  • End-to-End Security: Proposition of trust models and security mechanisms that enable composition of services and trust statements across different administrative provider domains.
  • Resilience: Implementation of a resource management framework that composes provider-agnostic resources in a robust manner using primitives from diverse cloud providers.

Who is the project designed for?

The target is clearly the customer! SUPERCLOUD offers business opportunities in many dimensions. For instance, SUPERCLOUD technology allows creation of value-added services that bring together resources from several, possibly untrusted, cloud providers to give users better service and more security and dependability guarantees, as illustrated by deployment of the infrastructure for healthcare use-cases. Thus, the customer can choose which security and availability services to deploy in his own self-service cloud. SUPERCLOUD can also create business opportunities for a number of other verticals, including cloud brokerage, network function virtualization, blockchain, or smart home security.

How will your project benefit the end-user?

SUPERCLOUD will build a self-management infrastructure for security and dependability of heterogeneous resources across federated clouds. Customers will be provided with self-service environments enabling adaptive, customizable security for their cloud applications and services.

SUPERCLOUD will provide innovative cryptographic methods and tools for protecting data across distributed clouds through on-demand data security services, such as access control, blind computation, privacy-preserving indexing, and data availability.

SUPERCLOUD will enable resilient network-as-a-service, leveraging software-defined networking paradigms. It will also provide strong guarantees for end-to-end security and integrated trust management across multiple infrastructure layers and cloud domain

The supporting SUPERCLOUD architecture builds on the abstraction of U-Cloud (user-centric cloud) to achieve provider independence for security management.  So far, we defined the architecture of the SUPERCLOUD security layer and the design and implementation of its components through proof-of-concepts, also showcasing the technology on two compelling healthcare use-cases. Next steps are gradual integration within and across SUPECLOUD computing, data management, and networking layers. Partners are also working on wider adoption of SUPERCLOUD ideas and innovation such as impacting the Hyperledger Fabric open-source blockchain project or creating a startup around the Janus multi-cloud storage system.

 

News

TYPES: helping users in the current quest for privacy & data protection

Types aims to safeguard the individual’s privacy and put them in control of how their data is handled by providers for commercial or advertising purposes. Types also allows users to verify in a simple way if their online rights are adequately safeguarded and if personal data is exchanged for useful reason, and namely to deliver added-value to the end-user.