D7.7. Business Models for TREDISEC

Under the Horizon 2020 Framework Programme, EC demands that supported research projects reach society, promoting their value and the benefits derived from the technological and scientific activity through public funding so they are returned to society. The European Commission states that businesses and consumers still do not feel confident enough to adopt cross-border cloud services for storing or processing data, because of concerns related to security, compliance with fundamental rights (regulations, etc.), and data protection in general.
In deliverable D1.6 “Innovation management report” we have already performed a review and analysis of the state of the art technologies, and concluded that current solutions lack important features from the customer’s point of view (i.e. simplicity, fast deployment, protection against vulnerabilities, etc.). Moreover, both the European Citizens and Organizations report suffering vulnerabilities with an important cost.
Therefore, improving security and privacy features will contribute to evolve the cloud offerings, placing new services and solutions on the market that are aligned with the European directive and the GDPR regulation for security and privacy.
In the TREDISEC project, we address these problems by creating technologies that will impact existing businesses and will generate new profitable business opportunities. Our value proposition is to develop novel, modular, end-to-end security primitives, which also provide functional capabilities and can be provisioned by a unified framework, covering the entire spectrum of cloud-relevant security, functional, and non-functional requirements.
In order to achieve that, TREDISEC proposes a product portfolio which is built around the following key exploitable project results:
TREDISEC Security Primitives: Software components that address specific combinations of usually exclusive functional-security requirements, such as: confidentiality with storage efficiency, confidentiality with multi-tenancy, confidentiality with efficient data processing and availability, and integrity with storage efficiency.
TREDISEC Framework: System that will combine and orchestrate the aforementioned security primitives with the objective of creating a single cloud security framework.
TREDISEC products provide and add value to the existing market solutions, such as SAP HANA and ~okeanos by GRNET being deployed within the project consortium, but also outside, such as to OpenStack and to Amazon EC2. In this way, businesses and organizations will be able to, not only address current customers’ security and privacy concerns, but also comply with corporate security requirements and EU data protection rules, without significant additional computational or storage costs, and with negligible reduction in performance.
In order to generate revenue within the EU economic area, the consortium has identified business models that will sustain the outcome of the TREDISEC project in terms of business benefits and potential triggers for markets. This document describes the relevant customer segments, depending on their needs, focusing on the sectors with a higher risk of attack (and thus, more interested in improving their systems), and the best way to approach them. We have identified two main channels to reach potential customers: an online channel for reaching users with a technical profile and “turn” them into influencers inside their companies; and a field sales force for reaching larger companies that require customization.
The proposed business model advocates the project deliverables via a unified Framework, which is able to integrate (or “glue together”) all the Security Primitives developed by the project partners.
Following this business model proposal, a “freely” available Framework does not imply that there is no benefit from it. There are numerous ways in which TREDISEC can benefit from the Framework; For example, almost certainly, the Framework will need customization for different installations. So, there will be considerable need for consultancy, maintenance and customization work to be done.

This deliverable is Confidential: only for members of the consortium (including the Commission Services)