The aim of the pilot

The aim of this pilot is to explore possible deployment scenarios for a trusted storage service for NRENs. The pilot will be built upon a federated software platform (“the cloud broker facility”) that offers the ability to easily connect different storage back-end (both private and public cloud storage back-end are supported) and store users data in a secure and privacy preserving way (thanks to the separation of storage data and metadata as well as the built-in encryption functionality) in the cloud.

The following aspects will also be explored as part of the pilot:

(i)         Longer term sustainability for a potential service;

(ii)        Legal aspects and perceived trust issues related to the storage and management of the encryption keys and metadata;

(iii)       Software scalability and performance;

Although the software already offers capabilities to test different front-end applications too, this aspect will not be fully explored during the pilot. However, requirements will be collected during the pilot lifetime and recommendations on how to further improve the front-end (end-users) functionalities will be provided.

Main technical characteristics of the pilot

The pilot will installing and operating the “cloud broker” which will be based on the open software developed by UNINETT Sigma in 2010 as part of the NEON project.

This proposed software has been built with the basic idea of separating the storage data (i.e. encrypted content) from the metadata (i.e. encryption keys, filenames, size, date, etc).

By keeping the metadata store “on premises” data confidentiality is guaranteed under the assumption that the premises are inside a “trusted domain” – e.g. TERENA.

Delivering the pilot

The technical part of the pilot will consist of installing all the components depicted in the picture above: namely a centralised cloud broker for the TERENA’s community (the green box depicted in the picture above), the web portal to access the system (front-end) and the storage back-end. The pilot will be carried out in two phases:

• Phase i - Local installation of the platform at the TERENA office. During this phase the cloud broker (the elements in the green box above) will be installed and connected to a limited storage backend offered by TERENA. A simple web portal and the necessary support for the federated access will also be developed. For this phase TERENA will sub-contract the software developer, Maarten Koopmans who will provide the necessary support for the installation. The platform will be evaluated and tested by a limited number of NRENs’ experts coordinated by TERENA.
  
  
• Phase ii - Upon successful test of Phase i, NRENs will be invited to participate in the pilot (NRENs that have already expressed their interest in participating are HEAnet, NIIF, BELNET, PSNC, and CARNet/Srce) either adding their own cloud storage back-end and/or developing new front-end applications to the cloud broker. An additional public storage back-end will also be added. During this phase it is envisage that NRENs will offer a limited number of end-users to provide feedback on the usability of the system. Although most of the user requirements will not implemented during the pilot phase, they will help shape and understand the type of service users would be looking for.

The pilot Phase ii will be operated for a 9-month period after which an evaluation will follow to assess the success of the pilot and to agree on the following steps.

There will be three deliverables produced as part of the pilot:

1. May 2012 – Pre-installation: System installation and technical documentation concerning the installation process (phase i).
2. Jan 2013 – Describe possible service models: This document will describe what service(s) can be deployed and how and will detail the service scenario recommended to phase ii and the related metrics to asses the pilot. The scenario of TERENA offering this as a (sharing) service will be considered.
3. March 2013 – Final report: Provide an evaluation of the pilot and recommendations for the next steps, based on the success of the pilot. Technical recommendations for NRENs that wish to run a local instance of the software will also be provided.

Full project description

Latest version of the full project desctiption.