SFC Securing the Financial Cloud

The SFC project is developing a cloud platform for networking banks, ATMs and financial services transfer terminals. For this, methods of hardware and software security are combined with approaches from cloud computing. To make the complex access structure secure, innovative encryption technologies are used. Each user is assigned an attribute that reflects his authorizations. These attributes flow into an individual key that only matches the shared files. This procedure is combined with hardware security modules. Even a direct manipulation of the physical security infrastructure of a terminal can withstand such hardware platforms. If, for example, the casing of an ATM is drilled out in order to play Trojan software by means of a USB stick, this prevents the hardware security module from checking the corresponding authorization. The cloud platform aimed at in the project should make it possible to combine the established security mechanisms of the banking infrastructure with the increased flexibility of a cloud solution.