Overview

The overall problem that SUNFISH is trying to face is the lack of infrastructure and technology allowing Public Sector Players to federate their private clouds. To date, legislative barriers often make it difficult to use many commercial technological solutions. For example, Public Sector Entities in many EU countries cannot have system administrators resident in non-EU countries.

SUNFISH will develop and integrate software enabling secure cloud federation as required by the Public Sector. The project will achieve this by meeting the specific challenges faced by the Maltese and Italian Ministries of Finance, as well as by the UK Regional Cyber Crime Units. Solutions developed will be exploited so as to be usable by other Public, and potentially also Private Sector, Players.

THE THREE USE CASES


MEF – Ministry of Economy and Finance – Italy
Online services for managing personnel salary accounts

Context

The DAG of the Italian Ministry of Economy and Finance (MEF) is in charge of the management of payroll functions for more than 1.5 million Italian Public Sector employees. Managing a payroll system requires accessing highly sensitive data (such as health, religious orientation, information on military missions abroad) from multiple Public and Private Entities.

Users’ needs

Due to the Italian privacy framework, some types of data must not be accessed in their original form by MEF. Instead, data must be pre-processed and encrypted by the data provider before being sent to MEF. In this case, MEF has to interface with different Entities in order to gather the required data in a secure and reserved manner. This raises cross-border confidential data propagation problems.

How SUNFISH will address these needs

The SUNFISH framework will enable MEF to create and deploy a cloud application to perform credit checks while accommodating all the security requirements of relevant regulatory frameworks. The payroll application will interoperate with multiple data sources and will collect data about employees. It will leverage the SUNFISH framework to enforce data confidentially requirements.


MFIN – Tax Department – Ministry of Finance – Malta
Use of Public Cloud PaaS to host SaaS and/or to integrate with commercial SaaS solutions and MFIN own private cloud to provide data to MFIN, while ensuring data confidentiality, integrity and availability.

Context

The Taxation Departments within the Ministry of Finance requires taxpayers, employers, banks and other data providers to submit information to the Commissioner for Revenue. These are submitted via a website or via web services. Whilst medium sized or large companies have IT systems to generate and submit the information, the majority of small businesses still use the paper channel.

Users’ needs

Consequently the Tax Authorities are seeking to enable the small businesses to submit the required information by providing affordable solutions in the form of Software as a Service that help SMEs generate and submit the required information. The system will also be used to reduce the cost for the Tax Authorities to operate the systems that collect information from taxpayers.

How SUNFISH will address these needs

Processing of data in an efficient and effective manner; Manage a large number of data providers via web; Manage different workloads according to the tax and business cycles; Ensure the confidentiality, integrity and availability of data which is stored and processed on a public cloud infrastructure; Provide opportunities to share computing resources between public cloud and MFIN private cloud.


SEROCU
Secure Cloud Storage for Data

Context

SEROCU is the regional unit for the South East (covering Kent, Sussex, Surrey, Hampshire, and Thames Valley), and is a component of the South East Regional Organised Crime Unit. Besides its regional role, it also operates on a national level as required to assist the National Cyber Crime Unit (NCCU) to investigate and prosecute offenders based in Europe and those beyond European borders.

Users’ needs

There is a current need to ensure the efficient and secure reception, supply, and storage of intelligence/data between the regional units, local policing forces, and governmental departments (e.g., NCA and GCHQ). As it stands, the storage of data is localised to each department, i.e., the data for the regional units is held separate from each other.

How SUNFISH will address these needs

Ideally, the solution resides in a federation of private clouds exactly as the one envisioned in the SUNFISH framework. This would allow them to reap the cost, usability and connectivity benefits of the cloud, whilst sharing the infrastructure safely and reliably between many different Government and Policing agencies.