PaaSword - A Holistic Data Privacy and Security by Design Platform-as-a Service Framework Introducing Distributed Encrypted Pers
Although enterprises recognize the compelling economic and operational benefits of running applications and services in the Cloud, security and data privacy concerns are the main barriers in Cloud adoption. Deploying confidential information and critical IT resources in the Cloud raises concerns about vulnerability to attack, especially because of the anonymous, multi-tenant nature of cloud computing. Current Cloud applications and storage volumes often leave information at risk to theft, unauthorized exposure or malicious manipulation.
The most critical part of a modern Cloud application and services is the data persistency layer and the database itself. PaaSword aims to fortify the trust of individuals and corporate customers in Cloud-enabled services and applications. The focus is on secure storage of both corporate and personal sensitive data on Cloud infrastructures. Because valuable business benefits cannot be unlocked without addressing new data security challenges posed by Cloud Computing.
Small & medium enterprises, Open Source developers, Large companies, International agencies, Research institutions.
Open Source software available on
To address the challenges, PaaSword will introduce a holistic data privacy and security-by-design framework based on distributed and encrypted data persistence and sophisticated context-aware access control mechanisms in Cloud-based services and applications. With the innovative PaaSword approach for key management, customers will have maximal control over the use of their data in Cloud services. PaaSword will extend the Cloud Security Alliance's Cloud security principles, by capitalizing on recent innovations in virtual database middleware technologies that introduce a scalable secure Cloud database abstraction layer with sophisticated data distribution and encryption methods.
Furthermore, the implementation of enterprise security governance in Cloud environments will be supported by a novel approach towards context-aware access control mechanisms that incorporate dynamically changing contextual information into access control policies and context-dependent access rights to data stored in the Cloud. Finally, PaaSword will support developers of Cloud applications through code annotation techniques that allow specifying an appropriate level of protection for the application's data.