TREDISEC

Trust-aware, REliable and Distributed Information SEcurity in the Cloud is a European collaborative Research and Innovation Action (RIA) (2015- ) that leverages existing or novel cryptographic protocols and system security mechanisms, which offer strong data confidentiality, integrity and availability guarantees while permitting efficient storage and data processing across multiple tenants. From a practical standpoint, the ambition of this project is to develop systems and techniques that make the cloud a secure and efficient place to store data. The project plans to step away from a myriad of disconnected security protocols or cryptographic algorithms, and to converge instead on a (possibly standardized) single framework where all objectives are met to the highest extent possible.

The current trend for data placement shows a steady shift towards the cloud. The advent of cloud storage and computation services however comes at the expense of data security and user privacy. To remedy this, customers nowadays call for end-to-end security whereby only end-users and authorized parties have access to their data and no-one else. This is especially true in the context of well-publicised data breaches and global surveillance programs. TREDISEC addresses this problem by developing systems and techniques which make the cloud a secure and efficient heaven to store data, by stepping away from a myriad of disconnected security protocols or cryptographic algorithms, to converge on a single framework where all objectives are met. More specifically, TREDISEC addresses the confidentiality and integrity of outsourced data in the presence of a powerful attacker who controls the entire network. In addition, our proposed security primitives support data compression and data deduplication, while providing the necessary means for cloud providers to efficiently search and process encrypted data. By doing so, TREDISEC aims at creating technology that will impact existing businesses and will generate new profitable business opportunities long after the project is concluded.

The TREDISEC framework is a piece of software that facilitates the Cloud Security technology providers to manage the entire lifecycle of the TREDISEC Primitives and Recipes. The framework also supports consumers of such technologies in locating and identifying them in a simple and effective manner, as well as in testing and deploying those in a specific cloud-based environment, in order to fulfil consumers’ own requirements.