Skip to main content


SUNFISH ("SecUre iNFormatIon SHaring in federated heterogeneous private clouds") is an EU Research and Innovation project that began in 2015 and is dedicated to ICT, particularly to advanced cloud infrastructure and services.

The main problem that SUNFISH addresses is the lack of essential infrastructure and technology that would allow the European Public Sector to integrate computing clouds. Furthermore, legislative barriers often make it difficult to use available commercial technological solutions. The SUNFISH project aims to provide a specific, new solution to face these issues by developing and integrating software that enable secure cloud federation.

SUNFISH addresses the following objectives:

  • Integrate different clouds while assuring information security
  • Improve infrastructure usage efficiency, thanks to more effective workload management between shared private clouds
  • Develop services for EU citizens that use sensitive data shared securely between different private clouds


  • MEF – Ministry of Economy and Finance – Italy
    The Italian Ministry of Economy and Finance's Department of General Administration manages payroll functions for more than 1.5 million Italian public sector employees. Managing a payroll system requires accessing highly sensitive data (such as health, religious orientation, information on military missions abroad) from multiple public and private entities.

    Due to Italian privacy guidelines, some types of data may not be accessed in their original form by MEF. Instead, data must be pre-processed and encrypted by the data provider before being sent to MEF. As a result, MEF has to work with different entities to gather the required data in a secure and reserved manner. This raises cross-border confidential data propagation problems.

    The SUNFISH framework will enable MEF to create and deploy a cloud application to perform credit checks, while accommodating all the security requirements of relevant regulatory frameworks. The payroll application will interoperate with multiple data sources to collect data about employees. It will leverage the SUNFISH framework to enforce data confidentially requirements.

  • MFIN – Tax Department – Ministry of Finance – Malta
    The Taxation Departments within the Maltese Ministry of Finance requires taxpayers, employers, banks, and other data providers to submit information to the Commissioner for Revenue. These are submitted via a website or via web services. While medium-sized or large companies have IT systems to generate and submit the information, the majority of small businesses still use paper documents for this.

    Consequently, the tax authorities in Malta want to enable small businesses to submit the required information by providing affordable solutions in the form of Software-as-a-Service that help SMEs generate and submit the required information. The system will also be used to reduce the tax authorities' costs of operating the systems for collecting information from taxpayers.

    This use case will seek to advance the processing of data in an efficient and effective manner; manage a large number of data providers via the web; manage different workloads according to the tax and business cycles; ensure the confidentiality, integrity, and availability of data that is stored and processed on a public cloud infrastructure; and provide opportunities to share computing resources between public clouds and the MFIN private cloud.

    SEROCU is the regional organized crime unit for South East England (covering Kent, Sussex, Surrey, Hampshire, and Thames Valley). Besides its regional role, it also operates nationally as required to assist the National Cyber Crime Unit (NCCU) to investigate and prosecute offenders based in Europe and beyond.

    SEROCU currently needs to ensure the efficient and secure reception, supply, and storage of intelligence/data between regional units, local policing forces, and governmental departments (such as the National Crime Agency and the Government Communications Headquarters). As it stands, the storage of data is localised to each department, i.e., the data for the regional units is held separate from each other.

    Ideally, the solution resides in a federation of private clouds exactly as the one envisioned in the SUNFISH framework. This would allow SEROCU to reap the cost, usability, and connectivity benefits of the cloud, while sharing the infrastructure safely and reliably between many different government and policing agencies.