PaaSword - A Holistic Data Privacy and Security by Design Platform-as-a Service Framework Introducing Distributed Encrypted Pers

What user need or pain point is your project addressing?

Although enterprises recognize the compelling economic and operational benefits of running applications and services in the Cloud, security and data privacy concerns are the main barriers in Cloud adoption. Deploying confidential information and critical IT resources in the Cloud raises concerns about vulnerability to attack, especially because of the anonymous, multi-tenant nature of cloud computing. Current Cloud applications and storage volumes often leave information at risk to theft, unauthorized exposure or malicious manipulation.

The most critical part of a modern Cloud application and services is the data persistency layer and the database itself. PaaSword aims to fortify the trust of individuals and corporate customers in Cloud-enabled services and applications. The focus is on secure storage of both corporate and personal sensitive data on Cloud infrastructures. Because valuable business benefits cannot be unlocked without addressing new data security challenges posed by Cloud Computing.

Project's major results: 
- PaaSword holistic data privacy and security by design PaaS framework
- Reference architecture
- Searchable encryption scheme for secure queries
- Policy access & context-aware security models
- Policy enforcement middleware
- IDE plug-in
- PaaSword demonstrators

Target stakeholders: 

Small & medium enterprises, Open Source developers, Large companies, International agencies, Research institutions.



Open Source software available on

AppHub Directory

Project Start: 
Project End: 

How will your solution/service benefit the end-user?

To address the challenges, PaaSword will introduce a holistic data privacy and security-by-design framework based on distributed and encrypted data persistence and sophisticated context-aware access control mechanisms in Cloud-based services and applications. With the innovative PaaSword approach for key management, customers will have maximal control over the use of their data in Cloud services. PaaSword will extend the Cloud Security Alliance's Cloud security principles, by capitalizing on recent innovations in virtual database middleware technologies that introduce a scalable secure Cloud database abstraction layer with sophisticated data distribution and encryption methods.

Furthermore, the implementation of enterprise security governance in Cloud environments will be supported by a novel approach towards context-aware access control mechanisms that incorporate dynamically changing contextual information into access control policies and context-dependent access rights to data stored in the Cloud. Finally, PaaSword will support developers of Cloud applications through code annotation techniques that allow specifying an appropriate level of protection for the application's data.

Potential exploitation strategy: 
PaaSword directly addresses one of the most critical issues with security of cloud technologies. It maximizes the trust of individuals and corporate customers in cloud applications and services, as well as enhances the ability of the European software and Cloud Computing industry to deliver them. PaaSword is expected to enable European enterprises to unlock valuable business, economic and operational benefits of migrating to the cloud. It aims to attract new groups of customers and thus unlock significant economic growth and impact. Thus, PaaSword will accelerate the adoption of Cloud Computing and further improve the competitive position of cloud providers. Five demonstrators will prove PaaSword's potential in PaaS, Public sector, Logistics chain, CRM and ERP related use cases.
- Integrated PaaSword framework and all results mentioned above except for the PaaSword demonstrators will be released under Apache Licence v.2.0
- PaaSword’s compatibility with existing solutions, and it’s planned integration or extension into already existing competitive platforms offered by the industrial partners.
- The superior security and privacy enhancing mechanisms.
- Development-assisting tools (IDE policy-modeller)
- The expected low operational costs with regard to the required platform operator interventions, (due to the holistic approach.
- Maximize and fortify the trust into cloud-enabled services
- Safeguard corporate and personal sensitive data stored in cloud infrastructures
- Open-source platform and architecture

Vertical Market: