SUNFISH ("SecUre iNFormatIon SHaring in federated heterogeneous private clouds") addresses the lack of infrastructure and
technology allowing Public Sector players to
federate their private clouds and at the same time
respect legislative and security barriers to using
commercial technological solutions. In particular,
SUNFISH’s “Federation-as-a-Service” approach
covers: Federation Administration; Runtime and
Offline Monitoring; Data Security Assurance; Data
SUNFISH addresses the following objectives:
- Integrate different clouds while assuring information security
- Improve infrastructure usage efficiency, thanks to more effective workload management between shared private clouds
- Develop services for EU citizens that use sensitive data shared securely between different private clouds
Who is SUNFISH designed for?
The SUNFISH platform, a solution tailored
specifically for public sector bodies and
potentially private sector players. Currently there
are three real-world use cases implemented:
The Italian Ministry of Economy and Finance (MEF)
The Italian Ministry of Economy and Finance's Department of General Administration manages payroll functions for more than 1.5 million Italian public sector employees. Managing a payroll system requires accessing highly sensitive data (such as health, religious orientation, information on military missions abroad) from multiple public and private entities.
Due to Italian privacy guidelines, some types of data may not be accessed in their original form by MEF. Instead, data must be pre-processed and encrypted by the data provider before being sent to MEF. As a result, MEF has to work with different entities to gather the required data in a secure and reserved manner. This raises cross-border confidential data propagation problems.
The SUNFISH framework will enable MEF to create and deploy a cloud application to perform credit checks, while accommodating all the security requirements of relevant regulatory frameworks. The payroll application will interoperate with multiple data sources to collect data about employees. It will leverage the SUNFISH framework to enforce data confidentially requirements.
The Maltese Ministry for Finance (MFIN)
The Taxation Departments within the Maltese Ministry of Finance requires taxpayers, employers, banks, and other data providers to submit information to the Commissioner for Revenue. These are submitted via a website or via web services. While medium-sized or large companies have IT systems to generate and submit the information, the majority of small businesses still use paper documents for this.
Consequently, the tax authorities in Malta want to enable small businesses to submit the required information by providing affordable solutions in the form of Software-as-a-Service that help SMEs generate and submit the required information. The system will also be used to reduce the tax authorities' costs of operating the systems for collecting information from taxpayers.
This use case will seek to advance the processing of data in an efficient and effective manner; manage a large number of data providers via the web; manage different workloads according to the tax and business cycles; ensure the confidentiality, integrity, and availability of data that is stored and processed on a public cloud infrastructure; and provide opportunities to share computing resources between public clouds and the MFIN private cloud.
The South East Regional Organised Crime Unit (SEROCU)
SEROCU is the regional organized crime unit for South East England (covering Kent, Sussex, Surrey, Hampshire, and Thames Valley). Besides its regional role, it also operates nationally as required to assist the National Cyber Crime Unit (NCCU) to investigate and prosecute offenders based in Europe and beyond.
SEROCU currently needs to ensure the efficient and secure reception, supply, and storage of intelligence/data between regional units, local policing forces, and governmental departments (such as the National Crime Agency and the Government Communications Headquarters). As it stands, the storage of data is localised to each department, i.e., the data for the regional units is held separate from each other.
Ideally, the solution resides in a federation of private clouds exactly as the one envisioned in the SUNFISH framework. This would allow SEROCU to reap the cost, usability, and connectivity benefits of the cloud, while sharing the infrastructure safely and reliably between many different government and policing agencies.
How will SUNFISH benefit end-users?
Nowadays, the privacy and control of information
Propagation are becoming more and more relevant
issues in the public sector. Through these new
technologies, the SUNFISH consortium aims at
improving security in federated “national”, as well
as “cross-border”, clouds. The impact of the wider
adoption of cloud federation technologies will
enable a greater infrastructure usage efficiency,
encouraging a better resource utilization of the cloud
infrastructures of the Public Administration bodies,
thanks to a more effective workload management
between shared private clouds.
During the project, a secure approach for federating
private clouds is being developed, in order to
guarantee a high level of safety for EU citizens and
businesses who benefit from Public Services. In
addition, a continuous monitoring of inter-cloud
communications will be provided, as well as the
ability to share services between different private
clouds, in a fast, flexible and secure way with reduced
management costs of IT infrastructure for Public