Business Cases & Impact

 

PaaSword is driven by the project’s pilots. These have been selected to cover a variety of business and public ecosystems with different characteristics, thus, promoting the general applicability and validation of the project results. Five types of PaaSword pilot applications are covering important, real needs of user communities and their respective success criteria:

  • Protection of personal data in a multi-tenant CRM environment (led by CAS)
  • Secure Sensors Data Fusion and Analytics (led by Siemens)
  • Protection of Sensible Enterprise Information in Multi-tenant ERP Environments (led by SingularLogic)
  • Encrypted Persistency as PaaS/IaaS Service for Reduced Time-to-Market (led by SixSq)
  • Secure Intergovernmental Document and Personal Data Exchange (led by Ubitech)

Their business challenges provide a clear statement for a holistic data privacy and security by design framework, assisting in meeting specific security standards imperative from customer needs, EU rules or ISO standardization organizations, for cloud-based applications on Platform-as-a-Service solutions. Meeting the requirements will increase the security in cloud-based applications and, furthermore, leads to a more attractive development environment and reducing the time-to-market for new applications.

PaaSword intends to offer such a platform, supporting the encrypted persistence of the stored data by-design and which addresses the individual challenges by the pilot partners:

  • The encryption of distributed existing databases and corresponding transaction logs
  • Context-driven policies for accessing the stored information
  • Object annotations modelling access rights for specific purposes, easily understood and defined by application developers, and a corresponding interpreter generating policy enforcement rules
  • Virtualization of data storages, i.e. SQL and No-SQL, realizing the appropriate query synthesis and aposynthesis capabilities
  • Key management mechanisms making the key usage transparent to the cloud-based applications and services
  • Asymmetric encryption, enabling the per-user encryption of the stored data and the per-user definition of policies regarding said data