AUDITOR - European Cloud Service Data Protection Certification

The aim of the research project AUDITOR (European Cloud Service Data Protection Certification) is the conceptual design, exemplary implementation and testing of a sustainable EU-wide data protection certification of cloud services.

Certification in accordance with the EU data protection basic regulation (DSGVO) is in the interest of all parties involved:

  • The cloud customer, who may only work with those cloud providers who can provide sufficient guarantees of data protection compliance;
  • The cloud providers who can offer precisely this security with certification;
  • The certifier, for whose business area the DSGVO provides mandatory rules.

For the conception of a sustainable data protection certification, the project partners will first develop a catalogue of criteria for the certification of cloud services according to the DSGVO and strive for a corresponding standardization. In addition, suitable organisational structures and procedures for the implementation of a Europe-wide recognised data protection certification will be designed. This includes in particular the specification of modular certification and auditing processes.

Finally, in order to ensure a sustainable use and widespread distribution of AUDITOR, business models for a sustainably successful AUDITOR procedure will be investigated. The developed certification procedure and the criteria developed in the AUDITOR project and prepared for a standardization will finally be tested and validated in practice.

Partners: University of Kassel, Department of Business Informatics and System Development (consortium leader); CLOUD&HEAT Technologies GmbH; datenschutz cert GmbH; DIN-Normenausschuss Informationstechnik und Anwendungen (NIA), DIN e.V.; ecsec GmbH; EuroCloud Deutschland_eco e.V., eco - Verband der Internetwirtschaft; University of Kassel, Department of Public Law with focus on the law of technology and environmental protection

Associated partners: Federal Office for Information Security (BSI); Hornetsecurity GmbH; SCOPE Europe b.v.b.a/s.p.r.l.; Trusted Cloud e.V.; TÜV Informationstechnik GmbH; Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein; VOICE-Bundesverband der IT-Anwender e. V.

Coordinator: University of Kassel, Department of Business Informatics and Systems Development, Director of the Research Center for Information Technology Design (ITeG)
Prof. Dr. Ali Sunyaev
Phone: +49 721 608-46037
E-mail: sunyaev@kit.edu

Project duration: 2017 - 2021

Total volume: EUR 2.1 million

Funding volume: EUR 1.8 million

Website: https://www.auditor-cert.de/