D4.2. Final specification of an end-to-end secure architecture

The architectural work package of WITDOM develops a flexible end-to-end secure architecture, which forms the basis for securing use-case applications. The description of the generic architecture for processing data in untrusted domains, presented in this report, defines each component of the architecture, together with its responsibilities, interfaces, security properties, and dependencies on other components.

The WITDOM architecture uses a service-orientation design paradigm (SOA), isolating applications from changes in the architecture, such as changes in implementations or locations of elements. The services provided by the components of the architecture are abstract, reusable, only loosely coupled, and can be composed with each other.

Services provided to end-users may run in trusted or untrusted domains and can range from infrastructure type services, such as data storage, to sophisticated methods that are specific to use-cases. Business-related applications are always hosted in a trusted domain, while other application functionalities are outsourced to the untrusted domain in order to benefit from better utilization of resources. Since they are located in an untrusted environment, the service providers that run those functionalities use data protected by so-called protection components.

Besides service-specific elements, the architecture is composed of components of a generic nature, which serve as the basis for the secure functioning of the architecture, and specific protection components, which are the main features of WITDOM and serve to protect data before they are sent to untrusted domains.