Secure Services and Quality Testing

Fraunhofer Institute for Applied and Integrated Security

© Fraunhofer AISEC

Cloud-/SOA-Security, Digital Identities

During the last years, Cloud Compting Systems or Cloud Systems have become a multifaceted and economically priced solution to host virtual machines and store large amounts of data. These means offer Cloud customers on demand access to a broad range of infrastructure (IaaS), platform (PaaS) and software (SaaS) services at all times. Furthermore, Cloud Systems provide high flexibility and scalability.

Satisfying the protective goals of IT security - integrity, availability and confidentiality – depicts a crucial challenge within Cloud Systems for both cloud providers and customers. On the one hand, customers fear a loss of control over their data or bottlenecks in respect to the availability of used services. On the other hand, reliable and auditable allocation and accounting of resources used by the cloud customer require sophisticated monitoring systems set up by the cloud provider.

Offerings

The research field Secure Services and Quality Testings addresses these security challenges. We provide our partners within the private and public sector with concepts, solutions and tools to develop, compose, harden, provide and deploy secure and safe Cloud ecosystems (in accordance with the Governance-Risk-Compliance (GRC) approach). In these research partnerships, participants benefit from our comprehensive experience within SOA security, secure Cloud Systems and distributed Identity and Access Management (IAM).

Cloud Test Laboratory

We have established Cloud Computing testing facilities to support our projects. Within the Cloud Test Laboratory, we are able to examine function, reliability and interoperability of Cloud Systems. Thereby, all development stages of a Cloud System are involved, ranging from the design of single services and prototyping to comprehensive security tests of mature overall systems.