Holiday photos or business databases – using a cloud service means to trust the provider. This is easier when the provider’s security measures are certified. The market of cloud service providers and certifications, however, is vast and unmanageable. The AUDITOR research project coordinated by Karlsruhe Institute of Technology (KIT) will provide clarity: The project partners design a data protection certification of cloud services for Europe-wide use in accordance with the new EU General Data Protection Regulation (GDPR).
Holiday photos or business databases – using a cloud service means to trust the provider. This is easier when the provider’s security measures are certified. The market of cloud service providers and certifications, however, is vast and unmanageable. The AUDITOR research project coordinated by Karlsruhe Institute of Technology (KIT) will provide clarity: The project partners design a data protection certification of cloud services for Europe-wide use in accordance with the new EU General Data Protection Regulation (GDPR).
Group photo of the kick-off meeting of the AUDITOR project in Karlsruhe. (Photo: KIT)
To reach the objective of a standardized certification, more than 25 partners of industry and science cooperate under the project funded with EUR 1.7 million by the Federal Ministry for Economic Affairs and Energy (BMWi). Among these partners are the German Federal Office for Information Security, Microsoft Deutschland, SAP, and TÜV.
First, scientists will develop a catalog of criteria for a certification according to GDPR. These criteria are to be standardized to form the basis of a DIN-SPEC (a preliminary DIN standard). It will serve as a basis of a European standard and the development of an EU-wide acknowledged data protection certification scheme.
Then, the project partners will develop a concept for using this certification scheme and will focus in particular on organizational structures and processes for certification. For this, modular certification and auditing processes will be specified and business models will be analyzed for the process.
In the course of the project of two years’ duration, the developed certification process and the catalog of criteria are planned to be tested and validated in practice.
More about the KIT Information · Systems · Technologies Center: http://www.kcist.kit.edu
In close partnership with society, KIT develops solutions for urgent challenges – from climate change, energy transition and sustainable use of natural resources to artificial intelligence, sovereignty and an aging population. As The University in the Helmholtz Association, KIT unites scientific excellence from insight to application-driven research under one roof – and is thus in a unique position to drive this transformation. As a University of Excellence, KIT offers its more than 10,000 employees and 22,800 students outstanding opportunities to shape a sustainable and resilient future. KIT – Science for Impact.