PRISMACLOUD – PRIVACY AND SECURITY MAINTAINING SERVICES IN THE CLOUD

PRISMACLOUD addresses these challenges and yields a portfolio of novel security enabled cloud services, guaranteeing the required security for sensitive data in the cloud.Techniques for outsourcing computation with verifiable correctness and authenticity-preservation allow to securely delegate computations to cloud providers. A distributed multi-cloud data storage architecture shares data among several cloud providers and improves security and availability. Dynamically updating shares by means of novel techniques avoids vendor lock-in, preserves data authenticity, facilitates long term privacy and promotes a dynamic cloud provider market.

prismacloud.eu

PROGRAMME: FP7-SEC-2013-1

ABSTRACT:

Risk management is a core duty in critical infrastructures as operated by utility providers. Despite the existence of numerous risk assessment tools to support the utility providers in estimating the nature and impact of possible incidents, risk management up till now is mostly a matter of best practice approaches. Risk management tools are mostly focused on one of two major topics: – the utility network physical infrastructure, consisting of, e.g. gas, water pipes or power lines – the utility’s control network including SCADA (Supervisory Control and Data Acquisition) networks and business and information systems. In the context of utility providers, these network types exhibit a significant interaction, and therefore risk management methods that focus on just one of these network types might be insufficient – referred to as interconnected utility infrastructures in this description. The main objective of this project is to identify and evaluate ‘Hybrid Risk Metrics’ for assessing and categorising security risks in interconnected utility infrastructure networks in order to provide foundations for novel protection and prevention mechanisms. The project will provide utility network providers with a risk assessment tool that – in adherence with, e.g., the BSI or ICNC recommendations – supports qualitative risk assessment based on numerical (quantitative) techniques. For that matter, our method will explicitly account for the infrastructure’s two-fold nature in terms of the utility network and the control network alongside it. The expected impact is thus a movement away from best practice only, towards the treatment of risk in utility networks based on a sound and well-understood mathematical foundation. The project will take an explicit step towards considering security in the given context of utility networks, ultimately yielding a specially tailored solution that is optimal for the application at hand.

COORDINATOR: AIT Austrian Institute of Techonology GmbH

PARTNERS:

  1. ETRA I+D S.A. – Spain.
  2. UNIVERSITÄT PASSAU – Germany
  3. LANCASTER UNIVERSITY – United Kingdom
  4. AKHELA SRL – Italy
  5. SUMINISTROS ESPECIALES ALGINETENSES COOP. V. – Spain
  6. LINZ AG FUR ENERGIE, TELEKOMMUNIKATION, VERKEHR UND KOMMUNALE DIENSTE – Austria.

KEY WORDS: Risk management, SCADA, game theory, security