SUPERCLOUD · Project

Secure Multi-Cloud Management That Lets You Control Your Own Data Protection Rules

digitalTestedTRL 5

Imagine you store sensitive data across several cloud providers — Amazon, Google, a local European one — and each has different security rules you can't control. It's like renting storage units from different companies but having no say in who gets a copy of your keys. SUPERCLOUD built a system that sits on top of all your clouds and lets you set one unified security policy that applies everywhere, automatically. They proved it works with real hospital systems handling medical images and lab data.

By the numbers

EUR 5,398,280

EU funding for multi-cloud security R&D

consortium partners across 6 countries

total deliverables produced

demo/prototype deliverables

50%

industry participation ratio in consortium

The business problem

What needed solving

Companies increasingly spread their data and applications across multiple cloud providers, but each provider has its own security rules and tools — creating dangerous blind spots and compliance headaches. There is no easy way to enforce a single, consistent security policy across all your clouds, leaving gaps that attackers can exploit. This problem is especially acute in regulated industries like healthcare and finance where data protection failures carry severe penalties.

The solution

What was built

The project built a multi-cloud security management architecture based on open-source hypervisor technology, including: a secure computation infrastructure with hardware-enabled trust verification for virtual machines, a proof-of-concept data management prototype, and a consolidated security management system — all integrated into a final demonstrator validated with real healthcare use cases (medical imaging platform and laboratory information system). A total of 21 deliverables were produced including 4 demo prototypes.

Audience

Who needs this

Hospital groups and health IT companies managing patient data across multiple cloudsManaged security service providers (MSSPs) offering multi-cloud protectionBanks and insurers needing consistent security policies across cloud providersCloud-native software companies with multi-cloud deployment strategiesGovernment IT departments migrating services to multi-cloud setups

Business applications

Who can put this to work

Healthcare IT

enterprise

Target: Hospital groups and health IT providers running clinical systems across multiple clouds

If you are a hospital network or health IT provider struggling to keep patient data secure across multiple cloud environments — this project developed a self-managing security layer tested with real medical imaging platforms and laboratory information systems. It lets you define one set of protection rules that apply automatically across all your cloud providers, reducing the risk of compliance gaps. The solution was validated in healthcare testbed scenarios with 12 consortium partners across 6 countries.

Managed Cloud Services

mid-size

Target: Cloud service providers and managed security service providers (MSSPs)

If you are a cloud service provider or MSSP dealing with customers who use multiple cloud platforms and demand consistent security guarantees — this project built an architecture that automates security policy enforcement across compute, storage, and network layers from different providers. The open-source-based approach avoids vendor lock-in and was developed by a consortium with 50% industry participation. It could become a differentiating feature in your multi-cloud management offering.

Financial Services IT

enterprise

Target: Banks and insurance companies with multi-cloud infrastructure

If you are a financial institution running workloads across multiple cloud providers and facing regulatory pressure to prove end-to-end data protection — this project created trust models and security mechanisms that compose security guarantees across different provider domains. The system uses hardware-enabled security to verify that your virtual machines are running in trusted environments. With EUR 5,398,280 in EU funding and 21 deliverables produced, the technology was extensively developed and tested.

Frequently asked

Quick answers

What would it cost to implement this multi-cloud security solution?

The project received EUR 5,398,280 in EU funding across 12 partners over 3 years, giving a sense of the R&D investment behind it. Implementation costs would depend on your cloud infrastructure size and complexity. The solution builds on open-source hypervisor technology, which could reduce licensing costs compared to proprietary alternatives.

Can this scale to enterprise-level cloud deployments?

The architecture was designed to work across multiple cloud providers and domains simultaneously, handling compute, storage, and network layers. It was tested in healthcare scenarios including distributed medical imaging platforms and full laboratory information systems. Based on available project data, enterprise-scale production deployment would require further engineering beyond the project prototypes.

What is the IP situation — can we license or use this technology?

The consortium included 6 industry partners and partners actively involved in open-source cloud technologies. The project was built on open-source hypervisor foundations. Specific licensing terms would need to be discussed with the coordinator, TECHNIKON (Austria), or relevant consortium members who developed specific components.

Does this meet current data protection regulations like GDPR?

The project was designed with data protection as a core concern, as confirmed by its EuroSciVoc classification including 'data protection' and 'cryptography.' It gives users control over their own security policies across cloud providers, which aligns with GDPR principles of data controller responsibility. However, the project ended in 2018, so compliance with newer regulations would need verification.

How long would it take to integrate this into our existing cloud setup?

The project produced 4 demo deliverables including a proof-of-concept prototype for data management and a consolidated security management infrastructure. The architecture provides integration points for computation, data management, and network security components. Based on available project data, integration timelines would depend on your specific multi-cloud setup and which components you adopt.

Does this work with our existing cloud providers (AWS, Azure, Google)?

SUPERCLOUD was designed specifically to be provider-agnostic, composing resources from diverse cloud providers without lock-in. The architecture sits on top of existing cloud infrastructure using an open-source hypervisor layer. It was built to work across heterogeneous infrastructure technologies from different providers.

Consortium

Who built it

The SUPERCLOUD consortium is well-balanced for technology transfer, with 12 partners split evenly between industry (6) and academia/research (6) across 6 European countries (Austria, Switzerland, Germany, France, Netherlands, Portugal). The 50% industry ratio signals strong commercial interest in the results. The coordinator, TECHNIKON from Austria, is an SME — one of only 2 SMEs in the consortium — which suggests a lean, business-minded project lead. Partners were actively contributing to open-source cloud technologies and major standardization bodies in cloud security, inter-cloud architectures, and SDN, which increases the chance that project results influenced real products and standards.

TECHNIKON FORSCHUNGS- UND PLANUNGSGESELLSCHAFT MBHCoordinator · AT
FCIENCIAS.ID - ASSOCIACAO PARA A INVESTIGACAO E DESENVOLVIMENTO DE CIENCIASparticipant · PT
ORANGE SAparticipant · FR
IBM RESEARCH GMBHparticipant · CH
INSTITUT MINES-TELECOMparticipant · FR
MAXDATA SOFTWARE SAparticipant · PT
FACULDADE DE CIENCIAS DA UNIVERSIDADE DE LISBOAthirdparty · PT
PHILIPS ELECTRONICS NEDERLAND BVparticipant · NL
TECHNISCHE UNIVERSITAT DARMSTADTparticipant · DE
FUNDACAO DA FACULDADE DE CIENCIAS DA UNIVERSIDADE DE LISBOA FPparticipant · PT
PHILIPS MEDICAL SYSTEMS NEDERLAND BVparticipant · NL

How to reach the team

TECHNIKON FORSCHUNGS- UND PLANUNGSGESELLSCHAFT MBH is an Austrian SME specializing in research and technology planning. Contact them through the CORDIS portal or their company website for technology licensing inquiries.

Order a report on this consortium See TECHNIKON FORSCHUNGS- UND PLANUNGSGESELLSCHAFT MBH profile →

Next steps

Talk to the team behind this work.

Want to know if SUPERCLOUD's multi-cloud security technology fits your infrastructure? SciTransfer can arrange a direct introduction to the right consortium partner for your use case.

Order a report on this topic More in Digital & ICT