Abstract: We present the architectural design of SUPERCLOUD, a technical framework allowing users of cloud services to deploy ensembles of computational, storage and data communication services transparently over a number of different cloud service providers (CSPs). Such ensembles, so-called user clouds or U-clouds are strictly isolated from each other and provide fine-grained security self-management facilities. To realize U-clouds, the SUPERCLOUD architecture is divided in three abstraction layers: the compute abstraction plane, the data abstraction plane, and the network abstraction plane. In this document, we describe the overall requirements for the architecture, the sub-architectures realizing the abstraction planes, as well as their interfaces and interconnections and provide a validation of the requirements with regard to two use cases arising from health care scenarios.

Abstract: This deliverable describes the specification of Security Service Level Agreement and Security Self-Management that will form the foundations of security resource requests for customers, specifying their security policy requests and negotiation capabilities as well as the requested audit levels that provide information and feedback about actual enforcement across service providers.

Abstract: In this document we describe the preliminary architecture of the SUPERCLOUD secure computation infrastructure and self-management architecture. We define its requirements, review the state-of-the-art, and present a first design of the proposed architecture.

Abstract: In this document we present the preliminary architecture of the SUPERCLOUD data management and storage. We define the design requirements of the architecture, motivated by use cases and then review the state-of-the-art. We then present designs for the overall unifying architecture for data management as well as novel security and dependability data management features.

Abstract: In this document we describe the preliminary architecture of the SUPERCLOUD multi-cloud network virtualization platform. We define its requirements, review the state-of-the-art, and present a first design of the proposed architecture.

Abstract: In this document we describe the implementation of the SUPERCLOUD architecture. The architecture provides an abstraction layer on top of which SUPERCLOUD users can realize SUPERCLOUD services encompassing secure computation workloads, secure and privacy-preserving resilient data storage and secure networking resources spanning across different cloud service providers' computation, data storage and network resources. The components of the SUPERCLOUD architecture implementation are described. Integration between the different layers of the architecture (computing security, data protection, network security) and with the facilities for security self-management is also highlighted. Finally, we provide download and installation instructions for the released software components that can be downloaded from our common SUPERCLOUD code repository.

Abstract: This Deliverable describes the implementation of the SUPERCLOUD Security Self-Management Framework. We present the specification and development of security services that are needed by Cloud Service Customers (CSC) to define, control and manage the required level of protection over compute, storage and network planes. An important part of the Deliverable is also dedicated to the presentation of Security Service Level Specification and Negotiation Platform. In addition, we report on the integration of security services together as well as with compute, data and network components. Finally,we showcase the integration of Security Self-Management with SUPERCLOUD project use-cases demonstrators (i.e., Philips Imaging Platform).

Abstract: This report describes the prototype implementations of technical components of the compute layer of the SUPERCLOUD architecture. The prototypes are concerned with realizing secure computation environments across several cloud service providers while assuring a high level of isolation of computation from access by the service providers utilizing hardware-based security mechanisms. Ways to use hardware mechanisms like FPGA for accelerating computations are also discussed. In addition, two use case-related prototypes demonstrate how SUPERCLOUD services can be instantiated in practice, whereas prototypes related to security policy modelling and enforcement demonstrate the security self-management capabilities of the SUPERCLOUD architecture.

Abstract: This deliverable describes the software components that form the secure virtualization infrastructure and security services for computation. We give an overview of the structure of the security framework for computation, present the APIs of its main components, and provide information on how to access and use the software developed.

Abstract: This deliverable presents the consolidated distributed cloud infrastructure for computation and components for SUPERCLOUD computing security management, including the final version of the description, implementation, integration results, and evaluation of the services that were developed.

Abstract: This deliverable introduces the processing functions for data management in the SUPERCLOUD. In particular, it contains security and dependability component specifications, descriptions of distributed protocols, specifications of cryptographic mechanisms, and descriptions of the data-resilience tools.

Abstract: This deliverable describes the data management software components produced in the SUPERCLOUD project. Besides briefly presenting the components, we describe how these components can be obtained and used.

Abstract: This deliverable consolidates the results relating to data management in the SUPERCLOUD. It contains descriptions of mechanisms and documents the results obtained by integrating the data handling prototypes into the testbed.

Abstract: In this deliverable we describe the SUPERCLOUD resilient network virtualization platform. We present its main components and the techniques used to improve the dependability, scalability, and security of the platform.

Abstract: In this deliverable, we describe the software components that form the multi-cloud network virtualisation infrastructure. We give an overview of the structure of the network framework, we detail the APIs of its main components, and we give information on how to access and use the software developed.

Abstract: This deliverable presents the overall architecture of the network virtualization platform, including the final version of the description, implementation and evaluation of the services and protocols that were developed.

Abstract: This report describes the evaluation of the SUPERCLOUD components and the validation of the main demonstrators produced in the SUPERCLOUD project based on two real-world products: a medical imaging platform and a healthcare laboratory information system. It also validates the SUPERCLOUD solutions and technology against the current market-leading cloud solutions.