Amsterdam, September 19-20th, 2017
In September 2017 RestAssured became a member of the Data Protection, Security, and Privacy in the Cloud (DPSP) Cluster.
Joining the cluster enables RestAssured to maximize the impact of the project’s outcomes by seeking synergies in the methods, tools, and solutions and identifying future research and innovation needs. The collaboration among the members of the cluster also ensures the adoption of the results by aligning the exploitation strategies and maximizing the impact of dissemination and communication activities.
Adaptant Solutions AG represented the RestAssured consortium at the DPSP meeting in Amsterdam on September 19th. Adaptant’s CTO introduced the RestAssured project to the other DPSP cluster members in a brief slide presentation, focusing on the four innovation pillars of the project: Intel SGX (read the article “Intel SGX Development from IBM” on the RestAssured blog), sticky policies, Models@runtime, and automated risk management.
Not only are many of the objectives of our fellow DPSP cluster members closely aligned to those of RestAssured, but also the technologies utilized within the projects are similar or in some cases identical. Spiros Alexakis from PaasWord gave a presentation outlining the project’s semantic policy enforcement and attribute-based access control (ABAC using XACML) as well as use cases for IoT analytics. Spiros also represented the Unicorn project outlining their cloud orchestration techniques, including semantic policy validation and real-time vulnerability assessment over multi-cloud execution environments. Other participants included Erkuden Rios Velasco presenting the MUSA project (the multi-cloud security framework) and Thomas Langer from PrismaCloud (Cloud Security as a Service).
Unfortunately, Christof Fetzer, the coordinator of the SecureCloud project, was unable to attend the meeting. Their work includes the open source release of the TaLoS project (https://github.com/lsds/TaLoS). This software allows existing applications to securely terminate their TLS connection inside a SGX secure enclave. This means that existing applications can use the TaLoS library with little if any modifications, in contrast to the SSL add-on for the Intel SGX SDK.