Privacy and Resilience for Internet-scale Critical Infrastructure
Motivation:State-of-the-art cloud computing enables seamless access to services and global availability of information, but inherent risks severely limit the application of this technology.
In a cloud environment, pertinent data is accessed via information and communications technology (ICT) using remote hardware instead of being stored only on a local server or computer. The benefi ts of increased storage at reduced cost allow information to be made readily available.
However, the current cloud computing model comes with perceived risks concerning resilience and privacy. There are three fundamental trends in ICT whose risks mutually reinforce each other:
- the push towards an Internet of Services - most services are provided on the web as a platform;
- cost pressures drive a migration of ICT into so-called Infrastructure clouds;
- growing importance of ICT as the critical “nervous system” for socially relevant “smart” infrastructures – such as healthcare, energy, environmental monitoring, or mobility.
The TClouds project targets cloud computing security and minimization of the widespread concerns about the security of personal data by putting its focus on privacy protection in cross-border infrastructures and on ensuring resilience against failures and attacks.
Objectives:Trustworthy Clouds (TClouds) aims to build a prototype Internetscale ICT infrastructure which allows virtualized computing, network, and storage resources over the Internet to provide scalability and cost-effi ciency. The following objectives contribute to achieving the overall goal:
- Identifying and addressing the legal and business implications and opportunities of a widespread use of infrastructure clouds, contributing to building a regulatory framework for enabling resilient and privacy-enhanced cross-border infrastructure clouds.
- Defining an architecture and prototype for securing infrastructure clouds by providing security enhancements that can be deployed on top of commodity infrastructure clouds (as a cloudof- clouds) and assessing the resilience and privacy benefi ts of security extensions of existing clouds.
- Providing resilient middleware for adaptive security on the cloud-of-clouds. The TClouds platform will provide tolerance and adaptability to mitigate security incidents and unstable operating conditions for a range of applications running on such clouds-of-clouds.
- A smart energy grid with Portugal’s leading energy and solution providers Energias de Portugal and EFACEC: TClouds will show how such energy-preserving systems can be migrated to a cloud infrastructure while increasing their resilience, privacy protection and tolerance against both hackers and hardware failures.
- A patient-centric home healthcare service with San Raff aele Hospital in Milano, Italy, will remotely monitor, diagnose and assist patients outside a hospital setting. TClouds will demonstrate how the quality of in-home healthcare can be improved cost-effi ciently without reducing privacy.
- An infrastructure cloud security architecture with welldefi ned abstractions and standardised interfaces that allow loosely coupled components to provide adaptive and scalable resilience and privacy.
- Novel resilient protocols, cloud security mechanisms, management components, and selected open source implementations.
- Proof-of-concept prototypes that evaluate our results in experiments, in conjunction with and validated by key stakeholders represented by the Advisory Board and others.