Requirements and Use Cases
D1.1 PaaSword Technical Requirements (*)
In this deliverable, we examine the state of the art in cloud storage security through an overview of selected tools that will be useful during the development of PaaSword. Furthermore, we present the most important work done on context awareness and security policies, since such mechanisms provide the knowledge needed to build the core functionality of PaaSword. In addition, we present a list of core technical and non-technical requirements that must be considered not only when building new cloud services but also when an organization or business migrates to a cloud environment. This comprehensive list of requirements will help us avoid common pitfalls throughout the design of PaaSword and will guide the decisions and strategies needed to build a secure and privacy-preserving cloud framework. Finally, we present an analysis of existing European and national projects related to PaaSword and compare them with PaaSword. Through this comparison, we identify limitations and drawbacks of the existing approaches and gain essential knowledge regarding the missing functionality that PaaSword should cover.
D1.2 PaaSword Security Requirements (*)
The security requirements for web applications in the cloud are critical for designing the architecture and implementing the PaaSword components. To derive these requirements, the project used a risk modeling and risk assessment methodology, proposed by the Open Web Application Security Project (OWASP), that both classifies the threats and quantifies the risks. Using this methodology, the threats per web application layer (web tier, business logic, persistence layer, and cloud layer) were analyzed to derive 22 core security requirements for the PaaSword project. Looking towards the implementation of the PaaSword components and the satisfaction of the defined security requirements, a short review of state-of-the-art techniques related to storage security was carried out. The review covers advanced techniques for encryption, operations directly on encrypted data, geolocation of data, and key management, and shows how they may be useful for PaaSword.
D1.4 Security Use Cases and Acceptance Criteria (+)
Due to the inherent attributes of cloud computing (multi-tenancy, shared storage, etc.), combined with the increased public awareness of data security and privacy, cloud platforms are still considered by many to carry a considerable risk of exposing private data to unauthorized users. Efforts are therefore made towards integrating established and mature security and privacy mechanisms throughout the components of such platforms. The mechanisms developed by PaaSword (i.e. context-aware policy models, key management systems, transparent key handling and encrypted database access, interpretation of security and policy-related code annotations at run-time) represent such efforts. For the resulting mechanisms, an evaluation framework and a set of validation scenarios need to be developed – towards this goal, this deliverable presents an initial set of acceptance criteria and performance metrics, as well as a set of security use case scenarios, and concludes with a brief analysis of the security use cases and acceptance criteria with regard to the previously chosen security requirements.
Framework and Software Architecture
D1.3 PaaSword Reference Architecture (*)
The scope of this deliverable is to provide the reference architecture of the PaaSword framework. The reference architecture describes the design-time and run-time components that are required in order for the security-by-design concept to be realized. These components have been designed based on the functional and non-functional requirements raised by the PaaSword end-users. The cornerstone component of the architecture is the PaaSword Context Model, which conceptualizes the attributes of an application’s operational environment that are taken into consideration at run-time in order to perform security management of persisted data and policy enforcement for end-users.
D5.1 Technical Integration Points and Testing Plan (+)
Detailed documentation of the technical architecture of the PaaSword Distributed Encrypted Persistence Framework and of the integration points among the framework’s mechanisms. Documentation of an integration plan to guide the integration of the mechanisms of the PaaSword Distributed Encrypted Persistence Framework. Detailed documentation of the testing and evaluation plan to verify the proper functioning and performance of the integrated PaaSword Framework.
This document is the first deliverable of Work Package 5. It aims a) to handle the software component integration effort through the design of a detailed, overall technical architecture, along with the software integration and test planning; b) to integrate the different software components developed in the core technical Work Packages 3, 4 and 5 into a flexible, interoperable framework and platform; and c) to identify how the deployment of the integrated platform will proceed.
More specifically the document aims to describe all the activities of Task 5.1 entitled “Technical Integration Points and Testing Plan”. This task starts off with an integrated analysis of all sources available and thereafter defines necessary interfaces to integrate components. Specifications of software components (layers) described in Work Packages 3, 4 and 5 are inputs for the development of the PaaSword Platform. Based upon the software components and the objectives of the PaaSword project, the detailed technical architecture for the PaaSword integrated system was designed, focusing on the definition and documentation (at technical level) of all interfaces among the several PaaSword layers.
This deliverable summarizes the technical choices that have been taken for the sake of a smooth integration in order to verify the proper functioning and performance of the integrated PaaSword framework. These choices are relevant to the overall integration plan that has been developed in the frame of the project.
D5.2 PaaSword Framework – Early Release (+)
The early release of the integrated PaaSword Framework, documentation regarding the development and integration of the PaaSword Framework.
The present document is Deliverable 5.2 “PaaSword Framework – Early Release” of the PaaSword project. This deliverable documents the technical progress achieved during the development period of the first release of the PaaSword Framework. The PaaSword architecture is multi-layered; therefore, several mechanisms corresponding to these layers have been developed up to M21.
The developed mechanisms are classified as back-end mechanisms and front-end mechanisms. The goal of the project during the second year was to make progress on all mechanisms simultaneously in order to deliver a harmonized platform. Since some mechanisms are considered quite mature, extensive documentation is provided for them in the respective sections.
Moreover, this deliverable introduces the reader to the various graphical environments that have been designed and implemented. The majority of them have been implemented on the Thymeleaf template engine. The implemented user interfaces are also documented in this deliverable.
Finally, this document describes the integration progress of the PaaSword platform. This process was described in PaaSword Deliverable D5.1; the current deliverable further analyzes some statistics on the development process.
D5.3 PaaSword Framework (+)
The final release of the integrated PaaSword Framework, documentation regarding the development and integration of the PaaSword Framework. The deliverable includes an engineers’ installation and utilization guidelines manual, the documentation of the evaluation of the technical testing of the integrated PaaSword Framework, and the software quality assurance processes, tools and activities.
This deliverable documents the methodology for the deployment of the PaaSword results in new and existing software solutions in the form of adoption guidelines for practitioners from the European software industry.
Semantic access control
D2.1 Context-aware Security Model (*)
This deliverable focuses on the development of a reusable and generic context-aware security model, the so-called PaaSword Context-aware Security Model, which sets the basis for annotating database entities, Data Access Objects (DAO) or any other web endpoints that give access to sensitive data managed by cloud applications. This model comprises two main parts. The first refers to the contextual information that is evaluated (e.g. the identity of a user, their role in a company, patterns of access, etc.) and should be considered before granting any access to sensitive data during the execution of a cloud application. The second refers to the attributes that characterise the sensitivity levels of data objects, along with the encryption and physical distribution schemes that these may entail during the bootstrapping phase of a cloud application. In this respect, the context-aware security model conceptualises, through an appropriate vocabulary, all the facets that must be available to the policy model of the PaaSword framework for enabling the annotation, generation and enforcement of effective context-aware access control policies.
D2.2 Access Policy Model (*)
This deliverable sets out to present the declarative policy model underpinning the PaaSword framework. It starts by proposing an ontological meta-model capable of generically representing security policies. The meta-model is then reified into a number of abstract policy models, or security profiles, one for each type of security policy that the PaaSword framework aspires to support. Each profile encompasses an appropriate framework of relevant classes and properties capable of accommodating the knowledge embodied in the corresponding policy type. Concrete security policies are articulated by suitably instantiating, and possibly extending, these classes and properties. The security profiles are incorporated into Linked USDL, an ontological framework that has recently attracted considerable research attention and has been adopted in numerous EU projects, due mainly to the rich set of extensibility features it offers.
D2.3 XACML-based Context-aware Policy Access Model (+)
The XACML-based implementation of the combined context-aware security model and the access policies model.
The purpose of this deliverable is to provide the architectural and implementation details of the authorization engine being implemented in the frame of the PaaSword project. The document provides justifications for the technical choices taken into consideration during the finalization of the architecture. More specifically, PaaSword has adopted an attribute-based authorization scheme, which is considered more flexible than other types of authorization schemes such as role-based authorization and access control lists.
Although there are many frameworks that realize the concept of Attribute-based Access Control (ABAC), the eXtensible Access Control Markup Language (XACML) framework has been selected as the cornerstone framework for implementing the PaaSword authorization engine. We refer to XACML as a framework since it consists of both a conceptual architecture and a set of normative schemas that have to be used by any potential reference implementation. The PaaSword authorization engine will also be referred to as the “semantic authorization engine”, since it extends the existing reference implementations (referred to as “syntactic authorization engines”) by incorporating new features which are thoroughly analyzed in this deliverable.
These new features relate to the reasoning capabilities provided during the evaluation of a specific authorization request. More specifically, the semantic authorization engine takes advantage of the semantic expressivity of the context model and the policy model in order to perform advanced logical reasoning, instead of a plain evaluation of an attribute expression, when handling an authorization request.
However, the incorporation of this advanced feature comes with a performance penalty, which has to be compensated for in order for the PaaSword authorization engine to meet the qualitative aspects of efficiency, responsiveness and scalability analyzed in the requirements deliverables [1, 2]. To this end, several performance experiments were conducted in order to arrive at the optimal architecture, one which allows fast evaluation of authorization requests even when an excessive number of attributes has to be evaluated.
Based on the final decisions that have been made, the proper architectural modules have been designed. This ‘modularization’ has been directly reflected in the source-code repository of the project. This deliverable provides a bird’s eye view of the source code organization.
D3.1 Policies Enforcement Middleware Mechanisms – Early Release (+)
The early release and documentation of the prototypes of the mechanisms comprising the Policies Access, Decision and Enforcement Middleware.
In this document, we provide an overview of the first version of the PaaSword policies access, decision and enforcement middleware developed within WP3. This deliverable covers all the relevant mechanisms and their sub-components that materialise the enhanced context-aware access control that the PaaSword platform envisions to offer. Parts of this deliverable present the generic workflow that reveals the interactions between these PaaSword mechanisms, while others discuss implementation details. The following mechanisms have been implemented and are discussed in this document:
- PaaSword Context Model Editor – a modelling tool for creating and modifying the PaaSword Context Model, based on which PaaSword Access Policies can be defined;
- PaaSword Access Policy Editor – a modelling tool for creating and modifying policy sets, policies and rules according to the PaaSword Access Policies Model;
- PaaSword Annotations Governance & Validity Control Mechanism – a software component that is responsible for governing the way that PaaSword’s context and policy models are created or modified and for providing validation-checking functionalities for each new or altered policy;
- PaaSword Annotation Interpretation Mechanism – composed of software components that undertake the interpretation of method or web-endpoint annotations into XACML-based enforceable Access Control Policies;
- PaaSword Policy Enforcement Mechanism – dedicated software components (also referred to as semantic authorisation engine) for implementing the PaaSword policy enforcement business logic. Based on this mechanism any PaaSword enabled platform will be able to perform XACML-based context-aware access control;
- Key Management Mechanism – a software mechanism that is responsible for managing key creation, distribution and use, based on PaaSword’s key management methodology.
These mechanisms formulate the PaaSword policies access, decision and enforcement middleware that encapsulates capabilities for:
- annotating and managing method and web-endpoint annotations,
- controlling their validity,
- dynamically interpreting them into policy enforcement rules,
- enforcing these policies using an expert system,
- enhancing sensitive data security by managing key sharing.
D3.2 Policies Enforcement Middleware and IDE plugin (+)
The final release and documentation of the prototypes of the mechanisms comprising the Policies Access, Decision and Enforcement Middleware, including their integration in unified IDE plugin.
Secure Cloud Storage
This deliverable lists all the distribution and encryption algorithms. The algorithms are rated for their ability to satisfy security needs like privacy, integrity and availability. The document contains the architecture, algorithms and the explanation of design choices. Finally, the architecture is presented and it is shown how the algorithms are used in the database proxy.
This document presents data distribution and encryption schemes that can be used to improve the security level of data stored in outsourced databases while preserving their functionality. We analyze available techniques such as deterministic encryption and data distribution with privacy constraints, and also present an overview of related work. We then present the PaaSword database design, its adversarial model and the security analysis. Furthermore, we show an alternative method based on a bitmap index that can help achieve an even higher security level at the cost of potentially decreasing performance and compatibility.
The main output of work package 4 is a Java implementation of encryption and distribution techniques in the database proxy. We consider the honest-but-curious attacker model, which focuses only on passive adversaries that try to learn additional information but do not interfere with the functionality of the system. The main contributions are improved security through deterministic encryption of the reverse index, and better functionality through wider support for SQL statements, including joins, aggregations, wildcard search and other commonly used SQL statements. We support PostgreSQL as the back-end for relational databases.
D4.2 Physical Distribution, Encryption and Query Middleware – Early Release (+)
The early version of the prototype of the mechanisms comprising the Physical Distribution, Encryption and Query Middleware.
This deliverable presents an early release of the code for data distribution and encryption that is used in the PaaSword project. This document will provide a brief overview of the supported features in the Java implementation of encryption and distribution techniques in the database proxy. For more details about the technical aspects of the solution for SQL, please refer to deliverable D4.1.
D4.3 Physical Distribution, Encryption and Query Middleware (+)
This deliverable contains the final version of the prototype of the mechanisms comprising the Physical Distribution, Encryption and Query Middleware.
Use Cases, Demonstrators and Validation
This document contains the PaaSword evaluation framework, the validation scenario definitions and the organization of the pilot showcases, highlighting the PaaSword concepts that will be evaluated and included in each one of the involved pilot implementations.
Within the frame of this document we describe the evaluation methodology developed within the PaaSword project, based on existing evaluation metrics and models selected and adapted to the specific context of the project. Starting from dedicated CUPRIMDSO criteria, we conduct a breakdown to concrete metrics in accordance with the ISO 25010 standard. To analyse the metrics we propose different evaluation methods adequate for the PaaSword components and provide templates to be used when the evaluation is conducted in the future.
Additional focus is on the definition of concrete pilot validation scenarios describing the concrete use and integration of the PaaSword components in the industrial pilot platforms, as well as the planning of their implementation.
D6.2 Pilots Implementation Report (+)
A report containing deployable PaaSword pilot prototypes and their documentation.
D6.3 Validation Results and Performance Evaluation (+)
The deliverable documents the evaluation results gathered from the execution of the PaaSword validation scenarios that will be performed based on the evaluation criteria from heterogeneous user communities. It contains an analysis of the data that has been captured during the execution of the validation scenarios with the aim of providing the partners with useful feedback regarding optimizations that have to be performed.
D6.4 PaaSword Methodology
The purpose of this deliverable is to provide the PaaSword adoption methodology to potential adopters. PaaSword is a framework rather than a product. This means that the developed artifacts can be combined in several ways to achieve the functional goals of the adopter.
D6.5 PaaSword Impact Assessment
Report on the qualitative and quantitative impact assessment of the project’s activities.
D7.1 Communication Roadmap (+)
This deliverable provides the communication roadmap that will serve as the communication guideline for all consortium members. We present the overall communication approach that has been developed and that defines the objectives and principles. It identifies key target audiences and appropriate channels and materials for PaaSword’s communication. A first general and partner-specific communication plan summarizes the communication activities to be performed during the project’s run. The ultimate purpose of these activities is to foster broad awareness of and commitment to the project and to communicate its vision, results and achievements.
This deliverable reports all the dissemination activities conducted during the first project year and elaborates on a dissemination plan for the upcoming project period. Specifically, this report documents the dissemination activities, the envisioned relation to standards, and the Cloud Security Industrial Focus Group (CS-IFG) related activities of the project partners. Moreover, it briefly reports on the status of the data management plan (DMP). It constitutes one of the interim versions of D7.2 – Dissemination Activities Report. Thus, it provides details on current and anticipated individual and collaborative dissemination activities to be conducted during the second year of the project, and quantifies the target for the dissemination results over the lifespan of the project.
This deliverable reports on the communication activities of the PaaSword consortium as a whole as well as at the individual level, based on the communication roadmap documented in Deliverable D7.1 Communication Roadmap (Braun & Vuong 2015). It reflects the creation of a solid communication foundation in relation to the interaction with PaaSword’s key stakeholders across Europe. The actions taken reflect the communication activities undertaken during the first year. We present the further elaborated communication approach, the evaluation of the general and partner-specific communication activities implemented in the first year, and an update of the communication plan with respect to the second project year.
D7.4 Business Plan and Innovation Management (+)
The goal of this deliverable is to offer an interim report on the development of the business model which is to be adopted by the project, to provide an analysis of the current market targeted by the consortium partners, to detail the exploitation plans and efforts of the first year of the project, and, finally, to provide the description of the current plan for the efficient management of intellectual property rights.
In order to accomplish the aforementioned goals, a systematic approach is undertaken, consisting of the following steps: (i) determining the list of exploitable assets resulting throughout the duration of the project; (ii) updating the initial market analysis with regard to the cloud services and security market and the expectations provided in the initial project proposal; (iii) identifying the primary and secondary market competitive products and analysing their similarities and differences with regard to PaaSword’s approach to security and privacy; and, finally, (iv) performing a SWOT analysis of the project. The three concluding chapters detail (v) the agreement regarding the license under which the resulting platform is to be published, as well as the license concerning the pilot showcases, (vi) the initial, global PaaSword platform business model (based on the business model canvas template), and (vii) an overview of the individual exploitation outlooks and efforts during the first year of the project.
D7.6 Data Management Plan (*)
This deliverable is the first version of PaaSword’s Data Management Plan (DMP). It includes the main elements foreseen in the European Guidelines for H2020 and the data management policy that will be used for all the datasets generated by the project. PaaSword’s DMP is driven by the project’s pilots. Specifically, this document describes the datasets related to four (out of five) PaaSword pilots: 1) Intergovernmental Secure Document and Personal Data Exchange (led by Ubitech), 2) Secure Sensors Data Fusion and Analytics (led by Siemens), 3) Protection of personal data in a multi-tenant CRM environment (led by CAS) and 4) Protection of Sensible Enterprise Information in Multi-tenant ERP Environments (led by SingularLogic). For each of these datasets, the document presents its name, description, the standards and metadata that will be used, data sharing options, and archiving and preservation details.
D8.1 Project Management Handbook (+)
This deliverable provides the project management handbook that will serve as the guideline for all consortium members. The purpose of this deliverable is to describe the strategies and methods the project will adopt to ensure the proper implementation of the management procedures and the quality of project results, as well as to introduce the continuous risk management approach in order to be able to efficiently manage threats and reduce vulnerabilities.
Publishable version of the final report on the achievements of the project.
D8.3 All reports required by the Contract
Periodic project progress reports to the EC on project management, including cost statements, and technical activities.
(*) under EC review