D2.2. Requirements analysis and consolidation

The objective of the TREDISEC project is to develop tools that enhance the confidentiality and integrity of the data and computations outsourced to the cloud. While a number of solutions already address some cloud security problems, the new TREDISEC framework will be designed to integrate various security primitives into a unified framework without sacrificing the scalable advantages of cloud computing.

The purpose of this deliverable is to explore the various functional and non-functional requirements (including security and privacy requirements) of cloud storage and computation systems and identify not only the most relevant ones but also those which may not be met simultaneously. With this aim, the following methodology has been applied:

• The six representative TREDISEC use cases have been analysed and a complete set of functional requirements is derived: these requirements must basically be fulfilled for the correct operation of the cloud system. On the other hand, the major security and privacy requirements of these use cases are also highlighted targeting the protection (privacy and integrity) of storage and computation operations.

• Since the description of the use cases and the derived security requirements are high-level, the deliverable further focuses on the different primitives the project aims at designing (in WP3, WP4 and WP5): Once the dedicated security and privacy requirements are defined the document explains how these requirements affect the functional requirements and specify the ultimate (and sometimes conflicting) TREDISEC requirements which basically combine one security requirement with one or several functional requirements.

• As the final target of the project is the development of a unified framework (WP6) integrating the different security primitives, this document also outlines the requirements with respect to the architecture of the framework that will help TREDISEC developer and administrators to choose the most convenient architectural approach and specify technical details. These requirements are differentiated with respect to their technical, business, and quality nature.

Thanks to the specification of the requirements combining security and operational aspects, the TREDISEC project is now moving into the design of the various security primitives (WP3, WP4 and WP5) and further into the orchestration of these individual modules.