SecureCloud · Project

Keep Your Cloud Data Private Even If the Cloud Provider Gets Hacked

digitalTestedTRL 5

Imagine you rent a storage locker but don't fully trust the building manager — you'd want a safe inside the locker that only you can open. SecureCloud does exactly that for cloud computing. It uses special security features built into modern processors (like a vault inside the CPU chip) so that your data stays encrypted even while being processed. Even if hackers take over the entire cloud system — the operating system, the management software, everything — your actual computations remain locked and private. They proved it works with smart grid energy data that needs to be crunched across multiple locations.

By the numbers

consortium partners across 6 countries

57%

industry ratio in the consortium

EUR 1,499,627

EU funding for development

total project deliverables produced

demonstration deliverables with working implementations

SME partners involved

The business problem

What needed solving

Companies processing sensitive data in the cloud face a fundamental trust problem: even with encryption at rest and in transit, data must be decrypted for processing — leaving it exposed to cloud providers, rogue administrators, and attackers who compromise the cloud infrastructure. This creates a compliance and security barrier that prevents many organizations from fully leveraging cloud-based big data analytics for their most sensitive workloads.

The solution

What was built

The team built a secure microservices platform that uses Intel SGX hardware extensions to protect data during processing in untrusted cloud environments. Concrete deliverables include: a working smart grid demonstrator with realistic workloads, a microservice architecture with documented APIs, secure communication and storage mechanisms, a distributed data store with privacy features, a secure map/reduce big data processing engine, and monitoring/orchestration services for high-responsiveness applications — 23 deliverables in total.

Audience

Who needs this

Cloud service providers wanting to offer confidential computing to enterprise clientsEnergy utilities running smart grid analytics across distributed infrastructureFinancial institutions processing sensitive transactions in hybrid cloud setupsHealthcare data platforms needing GDPR-compliant cloud processing of patient recordsGovernment agencies requiring secure big data analytics on third-party infrastructure

Business applications

Who can put this to work

Energy & Utilities

enterprise

Target: Smart grid operators and energy distributors

If you are a smart grid operator dealing with sensitive metering and consumption data spread across physically distributed infrastructure — this project developed a secure cloud processing platform demonstrated specifically for smart grid workloads. It protects your data during computation even when running on third-party infrastructure with untrusted administrators, using hardware-level CPU security to keep your analytics private.

Financial Services

enterprise

Target: Banks and fintech companies processing sensitive transactions

If you are a financial institution dealing with the risk of cloud-based data breaches during transaction processing — this project built a microservices architecture with hardware-enforced confidentiality that keeps data encrypted even while being computed on. With 4 industry partners validating the approach, this means you can offload big data analytics to the cloud without exposing customer financial records to the cloud provider itself.

Healthcare & Life Sciences

mid-size

Target: Hospital networks and health data platforms

If you are a healthcare data platform dealing with strict patient data regulations and the need to process medical records in the cloud — this project created secure big data processing tools that ensure confidentiality even if the cloud infrastructure is compromised. The microservices-based design lets you isolate only the sensitive processing logic inside hardware-protected enclaves while the rest of the system handles encrypted data normally.

Frequently asked

Quick answers

What would it cost to implement this secure cloud solution?

The project was funded with EUR 1,499,627 across 7 partners over 3 years (2016-2018). Implementation costs for your organization would depend on your existing cloud infrastructure. The technology relies on Intel SGX-capable processors, which are available in standard server hardware, so the main investment would be in integration and configuration rather than exotic equipment.

Can this scale to handle enterprise-level big data workloads?

Yes, the project specifically targeted big data processing. They built and demonstrated a secure map/reduce processing engine, distributed data storage with security features, and monitoring and orchestration services designed for large, high-responsive applications. The smart grid demonstrator handled realistic workloads requiring robust responsiveness.

Who owns the intellectual property and can I license this?

The consortium of 7 partners across 6 countries (CH, DE, DK, IL, IT, UK) holds the IP, coordinated by Technische Universitaet Dresden in Germany. Licensing arrangements would need to be negotiated with the consortium. Based on available project data, the 4 industry partners and 3 SMEs in the consortium may offer commercial paths to access the technology.

Does this meet current data protection regulations like GDPR?

The project was designed to ensure confidentiality, integrity and availability of cloud-processed data — principles that align directly with GDPR requirements. By reducing the trusted computing base to just the CPU hardware and excluding millions of lines of cloud stack code, it provides a strong technical guarantee for data protection during processing.

How long would it take to integrate this into our existing cloud setup?

The project delivered a complete microservice architecture with documented APIs, including 23 total deliverables and 6 demonstration components. The microservice-based design means individual secure services can be integrated incrementally rather than requiring a full system overhaul. Integration timeline would depend on your specific cloud environment and data processing needs.

Is this still maintained or was it just a research project?

SecureCloud ran from 2016 to 2018 and is now closed. The underlying technology (Intel SGX) has since become more widely available and mature. While the project itself is not actively maintained, the consortium's 4 industry partners may have continued developing commercial products based on the results.

What kind of technical support is available?

As a completed EU research project, formal support channels have ended. However, the consortium included 3 SMEs and 4 industry partners who may offer commercial support or consulting. Technische Universitaet Dresden coordinated the project and published extensive documentation across 23 deliverables.

Consortium

Who built it

The SecureCloud consortium brings together 7 partners from 6 countries (Switzerland, Germany, Denmark, Israel, Italy, UK), with a strong 57% industry ratio — 4 industry players alongside 3 universities. This is a well-balanced team: the academic side (led by TU Dresden) provides deep security research expertise, while the 3 SMEs bring market agility and commercial motivation. The geographic spread across major European tech markets plus Israel (a global cybersecurity hub) adds credibility. For a business looking to adopt this technology, the high industry participation signals that practical usability — not just academic theory — was a priority during development.

TECHNISCHE UNIVERSITAET DRESDENCoordinator · DE
CLOUDSIGMA AGparticipant · CH
IMPERIAL COLLEGE OF SCIENCE TECHNOLOGY AND MEDICINEparticipant · UK
UNIVERSITE DE NEUCHATELparticipant · CH
CHOCOLATE CLOUD APSparticipant · DK
THE ISRAEL ELECTRIC CORPORATION LIMITEDparticipant · IL

How to reach the team

Technische Universitaet Dresden, Germany — contact through university's computer science department

Order a report on this consortium See TECHNISCHE UNIVERSITAET DRESDEN profile →

Next steps

Talk to the team behind this work.

Want to connect with the SecureCloud team for licensing or integration? SciTransfer can arrange an introduction and help you evaluate fit for your infrastructure.

Order a report on this topic More in Digital & ICT