TRINICS
Transparent information on the individual usage of cloud services
Motivation
Thanks to unlimited resources that can be scaled according to users’ needs, cloud computing has become very successful. As a result, many new cloud-based services joined the market and traditional software applications were moved into the cloud. Providers and users of cloud services both benefit from this development. The services are often cost-effective or free of charge, they enable data access from anywhere and failsafe as well as redundant data storage. All of this supersedes a company’s own infrastructure. However, these advantages might come at a cost unknown to many users as they give up their privacy. Cloud providers often use proprietary and external cloud infrastructures, which makes it hard to identify which organizations (enterprises and foreign state authorities) can access the data in the cloud. The project "Transparent Information on the Individual Usage of Cloud Services" (TRINICS) takes on this problem.
Approach and goals
The aim of this project is to increase the transparency for cloud users, enabling them to evaluate the risks and the need for action to protect their data sufficiently. To that end, the entire Internet traffic on the users’ devices is analyzed to create detailed statistics for every application regarding the used cloud-based services. Based on the results, users receive information as to whether their private data is forwarded to cloud providers in countries with low data protection standards. Nevertheless, the question whether the individual user’s behavior is risky or safe remains unanswered. This is why the solution allows for comparing one’s own cloud user profile with that of others anonymously. Depending on the individual situation, a user’s behavior can be classified as more or less problematic, based on a comparison to groups with a similar lifestyle and sociodemographic background. Furthermore, the average cloud usage of such a group can be analyzed. Users can compare different groups to better categorize their own user behavior and make well-informed decisions about their usage of cloud services.
End users will be able to see the results of the TRINICS project with an app. Also, the data will be integrated into software products of the consortium partner Rohde & Schwarz Cybersecurity , enabling business customers to use them. This significantly increases transparent and secure usage of cloud-based services for both business and private users. Comparing themselves with other businesses and institutions, users may come to realize that German and European service providers offer relatively high data security. This is how TRINICS may contribute to people and enterprises in Germany being less concerned about cloud computing.
The main goals of the TRINICS project include:
- Analyzing and identifying cloud usage on mobile devices without impairing the user’s privacy
- Creating transparency of cloud usage by making cloud data visible
- Ensuring user acceptance via sociological surveys and compliance with data security regulations
- Comparing cloud usage of different user groups anonymously
Project organization
TRINICS is a joint research project funded by the German Federal Ministry of Education and Research (BMBF) and involves various expert partners from research and industrial fields. The BMBF is the project owner for this project. Rohde & Schwarz Cybersecurity is responsible for the project lead.
- Project management: VDI/VDE Innovation + Technik GmbH
- Consortium: RWTH Aachen University (Department of Computer Science 4 – Communication and Distributed Systems, Institute of Sociology), Rohde & Schwarz Cybersecurity
- Project duration: 01/2016–06/2018
You can find further information on this project at www.trinics.de
Results
A part of the developed result of the partner COMSYS – the TRINICS-enduser component „CloudAnalyzer“ – is available under the following links of the Android App-Store and also as open source software under GitHub: