EU-SEC Project

Introduction to the EU-SEC Project

The European Security Certification Framework (EU-SEC) strives to address the security, privacy and transparency challenges associated with the greater externalisation of IT to Cloud services.

EU-SEC will create a certification framework under which existing certification and assurance schemes can co-exist. Furthermore, it will feature a tailored architecture and provide a set of tools to improve the efficiency and effectiveness of current assurance schemes targeting security, governance, risks management and compliance in the Cloud. It will be tested and validated in pilots involving industrial partners.

Funded by Horizon 2020; a funding programme created by the European Union to support and foster research in the European Research Area, the EU-SEC Consortium believes that providing a trustworthy and certified cloud services is a necessary condition to be able to provide trustworthy other added value services. This will be supported by integrating relevant requirements from public and private sector, governance schemes and the partner’s state of the art tools/architectures ranging in maturity from TRL 4 to TRL 9. It will furtherly enhance trustworthiness and transparency in the ICT supply chain through business cases developed and piloted by industrial partners.

Funding Scheme
EU-SEC is an EU H2020 project.

Duration
The EU-SEC project will run from September 2016 – August 2019.

Consortium Composition

TBA

EU-SEC Project Objectives

  • Increase user trust in Cloud Service Providers by defining principles, rules and processes for mutual recognition between different certification schemes indicating security and privacy level.
  • Stream line governance, risk management and compliance of cloud service delivering a reference architecture, mechanisms and tools for continuous auditing and certification reducing human interaction.
  • Initiate the process for the trans-European adoption of the EU-SEC framework and of the format used to express security requirements, controls and audit results to support EU-SEC’s long term sustainability.

Cloud Security Alliance Role in EU-SEC Project

CSA is contributing to the elicitation of EU-SEC framework requirements and leading the definition of the governance framework. Furthermore, CSA will have major contribution to the tools innovation and architecture development and in the execution and analysis of both pilots which will validate the components of the EU-SEC. Finally CSA leads the standardisation tasks and contribute to the dissemination and exploitation activities.