|Funding from Vinnova||SEK 500 000|
|Project duration||December 2017 - May 2018|
Purpose and goal
The goal of the project was to evaluate and find a way to increase security and reduce vendor lock-in for cloud databases. The cloud is increasingly being used by organisations within the EU, however there are concerns on data security and privacy when one’s data is controlled by vendors who operate outside of EU’s jurisdiction. In this project, we wanted to see how a service could make it easier for companies to move their data between different cloud vendors, and avoid vendor lock-in.
Expected results and effects
The project resulted in several microservices and a new container-based platform that would be the key ingredients in addressing the challenges around cloud security and vendor lock-in. These services were the results of different proof of concepts around how to securely access keys and passwords through an API, as well as a microservice architecture based on Docker that would make it easier to move services between different cloud vendors. An early version of the service can be found at https://ninescontrol.com/.
Planned approach and implementation
The project was planned with our three sub-goals in mind; increased security of cloud databases, management of keys or ‘secrets’ and vendor independence. During the development phase, prestudies were performed as well as concrete tests with a few users. This was to validate, and re-design as necessary, the proposed solutions. Continuous integration in a simulated production environment, and iterative development of subcomponents have helped the project create soutions that work on different clouds, without vendor lock-in.