The SFC project aims at transferring highly sensitive financial services into the cloud, and implementing a prototype of a cloud architecture for such financial services. Achieving this goal requires an interdisciplinary approach represented by SFC's subprojects:
Identifying and analyzing relevant cryptographic primitives for the use in a financial cloud is a key aspect of this subproject. Based on the analysis, existing cryptographic schemes will be adapted and new schemes will be developed to match the requirements imposed by the financial cloud.
This subproject aims at providing highly optimized hardware (e.g. FPGA) implementations of cryptographic schemes resultant from the previously described subproject. These implementations will be subject to extensive analyses of their resistance against side-channel attacks.
The financial cloud offers a highly complex infrastructure for financial services. Accordingly, special mechanisms and procedures demand high levels of security. This subproject focuses on how to specify security requirements, in particular with attribute-based cryptography in mind. Attribute-based cryptography is considered a key technology for the financial cloud. In addition to technological approaches to security, the socio-technical nature of the financial cloud requires consideration of human users, and thus, manual security processes.
The architecture for cloud infrastructure for financial services requires integration of the cloud solutions with standards and mechanisms, which have been established for decades in the financial sector. This integration is an important challenge that must be solved in order to achieve security and efficiency for the financial cloud.