To content
Research Project

Next Generation Certification

(carried out at the TU Munich)

Logo des Forschungsprojekts NGCert

Context

The outsourcing of business processes and data to cloud service providers leads to increased customer demand in terms of quality, data protection and data security provided by the cloud service provider. Certificates are a proven means - not only in the IT industry - to provide customers with quick, simple, transparent and comparable information about protective measures, standards complied with and internal quality processes (e.g. EuroCloud Star Audit or "Trusted Cloud" certificate from TÜV). A certificate is the result of extensive tests carried out in an intensive collaboration between cloud service provider and certification company. The certificate, which is awarded after passing the test, is usually valid for one to three years. The high level of dynamism and rapid technological progress within the cloud service industry and the underlying technologies lead to the assumption that such certificates suggest a high level of security, although the requirements are not met, e.g., in the event of changes to the IT systems after configuration.

Benefit 

NGCert is part of the "Secure Cloud Computing" initiative of the German Federal Ministry of Education and Research (BMBF). This initiative builds on the "Trusted Cloud" technology program. The "Value4Cloud" research project funded in this program focused on the question of how cloud customers can make a suitable choice of cloud service providers for their needs. Based on defined criteria (Cloud Service Check), cloud services could be analyzed and compared to make an objective selection for the right cloud services. This catalog helps cloud customers to consider the relevant criteria when selecting cloud services. However, the cloud customer does not yet have the opportunity to verify to what extent the cloud service provider meets the selected customer requirements in terms of data quality, data protection and service quality. For this reason, NGCert's project goal is to develop principles and methods for dynamic certification. This can provide the cloud customer with the necessary transparency. In the future, the cloud customer will be able to check at any time whether the cloud service provider meets the specified requirements.

Project Objective

The aim of NGCert is to provide an accurate statement about the validity of an existing certificate. This is achieved by using dynamic processes that check continuous, (partially) automated and critical certificate requirements (based on standards such as CSA CCM, ISO 27001/27017, ISAE 3000 / ISAE3402) and monitor the current result of the check. Such dynamic certification is a process that provides continuous feedback on whether the cloud service provider meets the quality requirements of the certificate. Dynamic certification thus enables the transfer of their trust-building processes within the dynamic and rapidly changing world of cloud services.

Implementation 

The project objectives are worked through one after the other and implemented step by step in three successive iterations, each of which is divided into 8 work packages. This procedure enables a continuous comparison between practice and science and ensures the fulfillment of recognized project criteria (relevance, effectiveness, efficiency, impact and sustainability).

Work Packages

  • Further development of requirements for dynamic certification
  • Analysis of existing industry information (current audit procedures, certification requirements, preventive measures for risk minimization (CSA Cloud Control Matrix), etc., and scientific results (successes of the "Trusted Cloud" technology program)
  • Development of new methods and procedures to enable dynamic certification
  • Development of a prototype for dynamic certification
  • Continuous comparison and evaluation of practice and science

Project Results

All results of the NGCert project are summarized in the book "Management sicherer Cloud Services: Entwicklung und Evaluation dynamischer Zertifikate ". A concept for dynamic certificates to promote trust, legal security, quality and benefits of cloud services on the German market is developed. A prototype shows the exemplary use of the developed tools in practice.

Location & approach

The campus of TU Dort­mund University is located close to interstate junction Dort­mund West, where the Sauerlandlinie A 45 (Frankfurt-Dort­mund) crosses the Ruhrschnellweg B 1 / A 40. The best interstate exit to take from A 45 is "Dort­mund-Eichlinghofen" (closer to Campus Süd), and from B 1 / A 40 "Dort­mund-Dorstfeld" (closer to Campus Nord). Signs for the uni­ver­si­ty are located at both exits. Also, there is a new exit before you pass over the B 1-bridge leading into Dort­mund.

To get from Campus North to Campus South by car, there is the connection via Vogelpothsweg/Baroper Straße. We recommend you leave your car on one of the parking lots at Campus North and use the H-Bahn (suspended monorail system), which conveniently connects the two campuses.

TU Dort­mund University has its own train station ("Dort­mund Uni­ver­si­tät"). From there, suburban trains (S-Bahn) leave for Dort­mund main station ("Dort­mund Hauptbahnhof") and Düsseldorf main station via the "Düsseldorf Airport Train Station" (take S-Bahn number 1, which leaves every 20 or 30 minutes). The uni­ver­si­ty is easily reached from Bochum, Essen, Mülheim an der Ruhr and Duisburg.

You can also take the bus or subway train from Dort­mund city to the uni­ver­si­ty: From Dort­mund main station, you can take any train bound for the Station "Stadtgarten", usually lines U41, U45, U 47 and U49. At "Stadtgarten" you switch trains and get on line U42 towards "Hombruch". Look out for the Station "An der Palmweide". From the bus stop just across the road, busses bound for TU Dort­mund University leave every ten minutes (445, 447 and 462). Another option is to take the subway routes U41, U45, U47 and U49 from Dort­mund main station to the stop "Dort­mund Kampstraße". From there, take U43 or U44 to the stop "Dort­mund Wittener Straße". Switch to bus line 447 and get off at "Dort­mund Uni­ver­si­tät S".

The H-Bahn is one of the hallmarks of TU Dort­mund University. There are two stations on Campus Nord. One ("Dort­mund Uni­ver­si­tät S") is directly located at the suburban train stop, which connects the uni­ver­si­ty directly with the city of Dort­mund and the rest of the Ruhr Area. Also from this station, there are connections to the "Technologiepark" and (via Campus Süd) Eichlinghofen. The other station is located at the dining hall at Campus Nord and offers a direct connection to Campus Süd every five minutes.

The AirportExpress is a fast and convenient means of transport from Dort­mund Airport (DTM) to Dort­mund Central Station, taking you there in little more than 20 minutes. From Dort­mund Central Station, you can continue to the university campus by interurban railway (S-Bahn). A larger range of in­ter­na­tio­nal flight connections is offered at Düsseldorf Airport (DUS), which is about 60 kilometres away and can be directly reached by S-Bahn from the university station.

The departments of TU Dort­mund University are spread over two campuses, the larger Campus North and the smaller Campus South. Additionally, some areas of the university are located in the adjacent "Technologiepark".

Street navigation from and to the TU Dortmund University:

OpenStreetMap Routing Machine

The document and the graphic represent the motorways and federal highways around the TU Dortmund University in a very simplified way:

Environment map (PDF)

Environment map (graphic)

This interactive map helps you find and navigate between facilities and buildings on campus:

Interactive campus map

This document contains a simple campus map in German and English:

Campus map (PDF)