The key to a secured cloud for businesses
PRACTICE is really about hiding data from other users and cloud providers, and securing computation between servers and between untrusting parties. This means that businesses can now benefit from the economies of scale brought by cloud computing while sleeping soundly. ‘Our technologies let data owners encrypt the data themselves and provide it to a service or analyst without the key to access it,’ says Dr Klaus-Michael Koch, coordinator of the project for Austrian company Technikon. ‘Most importantly, these technologies do not have to decrypt data to process it, which enables end-to-end security for data on the cloud. Insider or outsider attacks become completely useless, as the cloud server is incapable of seeing the data, but can transform it into new encrypted results using PRACTICE tech.’ The PRACTICE framework is named SPEAR, which stands for Secure Platform for Enterprise Applications and Services. It makes use of advanced cryptographic technologies while supporting users in selecting the best possible approach and mechanisms to address their specific needs. ‘One of our final deliverables consists of a large set of general guidelines, including examples of how to integrate different secure computation tools into developed applications as well as how to deploy them in the cloud. Moreover, we demonstrated a semi-automated service for setting up these technologies on the public cloud with no special skills required. We expect our industrial partners to roll out these services in the coming years, whilst platforms from our partners Cybernetica and Partisia are already on the market,’ says Dr Koch. Thanks to PRACTICE achievements, Cybernetica is offering a general platform for analysing tax fraud, medical records, genomes or building cloud platforms. The company already works with several customers in the fintech, biotech and government sectors both in Europe and other countries. Partisia, on the other hand, demonstrated an impressive and confidential benchmarking application with several Danish banks, a consultancy house and other financial organisations. Both companies are also planning cloud-deployed services for general use. Adapting the PRACTICE framework to concrete use cases was probably the most important part of the consortium’s work, as Dr Koch and his partners always aimed at a providing market-ready and turnkey solutions. They notably provide solutions for aeroengine fleet management, auctions, privacy-preserving personal genome analyses and studies, location sharing with nearby contacts, key management, mobile data sharing and secure statistics. As Dr Koch points out, there is indeed no unique model or tool which can cover all different application scenarios. ‘In some cases, use of a particular tool for implementing some scenarios is possible but not expedient. Factors such as performance, number of participants, presence or absence of colluding parties, etc. determine whether the use of a tool to implement a use case scenario is suitable or not,’ he says. Whilst the project has been completed since the end of October 2016, project partners are now focusing on dissemination and roll-out of new services.
Keywords
PRACTICE, cloud platform, SPEAR, privacy, cryptography, genome, secure statistics, cloud provider, framework.