Introduction to the CUMULUS Project

CUMULUS framework will bring service users, service providers and cloud suppliers to work together with certification authorities in order to ensure security certificate validity in the ever-changing cloud environment.


The CUMULUS project will aim to fulfill the promise of cloud technology by dispellng concerns regarding the security, privacy, governance and compliance of the data and software services offered throught it, especially those that arise from the security properties of the different types of services available through a cloud.

Funding Scheme

CUMULUS is an EU FP7 project.


The CUMULUS project ran from October 2012 – September 2015.

Consortium Composition

For information about the CUMULUS Project partners, click here.

CUMULUS Project Deliverables

CUMULUS developed an integrated framework of models, processes and tools supporting the certification of security properties of infrastructure (IaaS), platform (PaaS) and software application layer (SaaS) services in cloud. 

For information about CUMULUS project deliverables, click here.

Cloud Security Alliance Role in CUMULUS Project

CSA will be mainly involved in tasks related to the definition of the model, process and mechanisms where it will contribute expertise and transfer knowledge from already developed CSA research products, such as GRC Stack. Moreover CSA will provide support to scenarios validation and dissemination activities by leveraging its wide (CSA corporate members), and the numerous participations in and and workshops. Furthermore CSA will facilitate interaction between CUMULUS and standard development organization (SDOs) through the recently established CSA Standards Secretariat and CSA’s International Standardization Council (ISC).