Name: Atos Spain & GRNET
Address: Albarracín, 25 Madrid – 28037


TREDISEC (Trust-aware, REliable and Distributed Information SEcurity in the Cloud) is a European collaborative Research and Innovation Action that leverages existing or novel cryptographic protocols and system security mechanisms, which offer strong data confidentiality, integrity and availability guarantees while permitting efficient storage and data processing across multiple tenants.


From a practical standpoint, the ambition of this project is to develop systems and techniques that make the cloud a secure and efficient place to store data. We plan to step away from a myriad of disconnected security protocols or cryptographic algorithms, and to converge instead on a (possibly standardized) single framework where all objectives are met to the highest extent possible.

Started on 1st April 2015, the ultimate goal of TREDISEC is to converge to a unified framework where resulting primitives are integrated, while following the end-to-end security principle as closely as allowed by functional and non-functional requirements.

The TREDISEC framework is a piece of software that facilitates the Cloud Security technology providers to manage the entire lifecycle of the TREDISEC Primitives and Recipes.

The framework also supports consumers of such technologies in locating and identifying them in a simple and effective manner, as well as in testing and deploying those in a specific cloud-based environment, in order to fulfil consumers’ own requirements.



Catalogue of Recipes


Primitives Included


Verifiable Integrity of Virtual Systems


This recipe includes a packaged version of the TRAVIS primitive, which provides the following functionalities: (i) continuous verification of the integrity of the outsourced business services/applications and the underlying infrastructure, (ii) monitoring and reporting about Integrity aspects in Cloud Services Agreements.

Read More

Access Control and Multi-tenancy


EPICA (Efficient and Privacy-respectful Interoperable Cloud-based Authorization) is a software implementation that controls access to resources (either services or data) in multi-tenant cloud environments. This Recipe leverages Docker to allow a fully automated deployment and testing of EPICA through the framework.

Read More

Container Isolation

Container Isolation

This recipe secures Docker image manipulation throughout its life cycle: The creation, storage and usage.

Read More

Secure storage and deletion

Traditional techniques like encryption and backups address availability and confidentiality concerns but lack transparency on resource usage and assurance that data is made inaccessible when its owner so wishes. Secure Storage and Deletion recipe enables such improved transparency and control for data owners.

Read More

Secure verifiable storage

This recipe offers cloud storage providers the advantage of ensuring a secure and confidential storage of customers’ data while satisfying the cloud storage provider’ scalability requirements and optimizing their storage savings.

Read More

Secure biometric matching

A Cloud Service using this Recipe will guarantee that the privacy of the data is preserved as all operations occur in the encrypted domain, and by providing reliable cryptographic proofs for each biometric transactions.

Read More

Secure storage with proofs of retrievability

Secure Multi-Cloud Storage emerges as the centrepiece of  tomorrow’s scalable and secure storage technologies, combining the use of multiple cloud storage services and aggressive data deduplication techniques to further reduce storage cost with security and reliability at an unmatched level.

Read More

Robust cloud platform

This recipe consists of primitives designed to mitigate the risk of compromise significantly, leading to cloud platforms that are robust against cyber exploitation.

Read More

Verifiable Computations

This recipe provides some means to cloud users to verify the correctness of operations executed (outsourced) at the cloud server’s side.

Read More

These Recipes are a joint effort of various TREDISEC partners. If you are interested in knowing more, please contact us!

Category: Access Control, Data Privacy, Identity Management, Security Monitoring, Trustworthy Data Processing, Trustworthy Data Storage, and Trustworthy Infrastructure / Cloud

Type: Software


The software can be downloaded (for free) from both:



Interfaces & Protocols:

Catalogue of TREDISEC Security Primitives:

Terms & Conditions of use:

The TREDISEC framework has been released as Open Source Software, under the Apache 2.0 license.


Project documentation and other resources can be found at:

Additional information: