HOME > Communication Materials > 2023-10 Newsletter
October 2023 Newsletter
WELCOME TO A NEW EDITION OF MEDINA NEWSLETTER !!!
October 2023
This newsletter is a publication of the MEDINA Project, and aims to provide information on the project’s activities and to showcase the project’s achievements.
The main objective of the Horizon 2020 MEDINA project is to provide access to secure, real-time certified cloud computing. In the future, the MEDINA framework that has been developed by the European project partners strife for enabling continuous certification through a series of efficient tools. Certification is based on the European Cybersecurity Certification Scheme for Cloud Services (EUCS), which has been addressed in the project by means of uniform “assessment rules” – measures, metrics, and measurement procedures. With continuous audits, we can ensure better overall security than with point-in-time audits. +info
The outputs of the MEDINA project, which ends in October 2023, include a set of automated metrics-based tools and techniques that support continuous compliance monitoring, seamless audit trail of evidence with traceability and tamper protection, and risk-based management of certification status. Use of the MEDINA framework results in more efficient and effective audits, with less manual effort needed to find and assess relevant evidence, while improving the trustworthiness of the certification process.
The MEDINA framework has been validated in two real-world cloud use cases developed in the project, namely “European Certification of Multi-cloud backends for IoT Solutions” led by Bosch, and “Continuous Audit of SaaS Solutions for the Public Sector” led by Fabasoft. +info
Leveraging automation, ensuring compliance, enhancing trust.
MEDINA Project
WELCOME TO A NEW EDITION OF MEDINA NEWSLETTER !!!
October 2023
This newsletter is a publication of the MEDINA Project, and aims to provide information on the project’s activities and to showcase the project’s achievements.
The main objective of the Horizon 2020 MEDINA project is to provide access to secure, real-time certified cloud computing. In the future, the MEDINA framework that has been developed by the European project partners strife for enabling continuous certification through a series of efficient tools. Certification is based on the European Cybersecurity Certification Scheme for Cloud Services (EUCS), which has been addressed in the project by means of uniform “assessment rules” – measures, metrics, and measurement procedures. With continuous audits, we can ensure better overall security than with point-in-time audits. +info
The outputs of the MEDINA project, which ends in October 2023, include a set of automated metrics-based tools and techniques that support continuous compliance monitoring, seamless audit trail of evidence with traceability and tamper protection, and risk-based management of certification status. Use of the MEDINA framework results in more efficient and effective audits, with less manual effort needed to find and assess relevant evidence, while improving the trustworthiness of the certification process.
The MEDINA framework has been validated in two real-world cloud use cases developed in the project, namely “European Certification of Multi-cloud backends for IoT Solutions” led by Bosch, and “Continuous Audit of SaaS Solutions for the Public Sector” led by Fabasoft. +info
Leveraging automation, ensuring compliance, enhancing trust.
MEDINA Project
Certification & Standardization
Final release of the MEDINA framework. A third version of the MEDINA integrated solution with increased functionalities, compared to the second prototype in M27, has been released in M33 (July 2023). +info
The role of standardization in MEDINA (part II – Final). It has been almost 18 months since we wrote our initial blogpost on the topic of standardization in MEDINA, and after 3 years of successfully performing those activities it is time to provide a summary of our achievements.+info
Securing the Cloud: A Look into EUCS and the MEDINA Project. This blogpost investigates three aspects of cloud security: an overview of cloud security in general, the European Union Cloud Security Certification (EUCS), and the MEDINA Project. This article helps organizations to familiarize themselves with the future cloud security and certification landscape within the European Union. +info
Trustworthy evidence and assessment results for auditors.The MEDINA Evidence Trustworthiness Management System, provides a secure mechanism for MEDINA to maintain an audit trail of evidence and assessment results. It is implemented in Smart Contracts backboned by a common Blockchain network for several MEDINA instances, +info
Meetings
Final Expert Stakeholder Group Meeting. A new edition of MEDINA’s Expert Stakeholder Group online meeting took place on 9 October 2023, with the goal of presenting our approach to a couple of interesting aspects of the project, namely the Catalogue of Metrics and Controls, and MEDINA’s Standardization Roadmap. +info
Final MEDINA GA in Pisa (Itaty). MEDINA consortium joined in Pisa during the final General Assembly on 24 and 25 October 2023, organized by CNR. We met together to finalise the last deliverables and activities that bring the project to a successful conclusion. +info
Publications
Four MEDINA public deliverables have been released in July & October 2023: D5.5, D7.5, D7.9, D7.10, +info
Four whitepapers have been published:
- “EUROSCAL – Paving the Road Towards Automated Cybersecurity Certification in Europe”. Open access version
- “The MEDINA Controlled Natural Language”. Open access version
- “Metric Recommender System and the use of Natural Language Processing”. Open access version
- “Continuous Life-Cycle Management of Cloud Security Certifications”. Open access version
A new BSc thesis has been produced in the context of the MEDINA project:
- “Analyse und Vergleich von Compliance-Werkzeugen in Multi-Cloud-Umgebungen”. +info
Dissemination, Training and Networking
MEDINA contributes to new approaches and open-source developments relevant for the IPCEI-CIS and the European Alliance for Industrial Data, Edge and Cloud. On October 5th-6th MEDINA team members participated in the NexusForum2023 summit. +info
MEDINA was presented at Rethink! Cloud Security in Berlin. Our technical project manager Dr. Jesus Luna Garcia (Bosch) was invited to provide a keynote speech about MEDINA at the ReThink! Cloud Security event in Berlin on 21 September 2023. +info
i-4 Global Forum 102. The International Information Integrity Institute (i-4) organized the 102nd edition of their global forum in Croatia on June 26th – 28th. MEDINA was invited to provide a speech on EUCS and our approach to provide automation to the underlying certification process. This event was selected by the consortium to kick-off the EUROSCAL initiative. +info
MEDINA Training Courses. MEDINA has created four online audience-oriented courses that provide training on topics related to the project. The content of each course has been tailored to the needs of a each role role defined in the project. Each course comprises a set of videos that have been uploaded to the MEDINA YouTube channel. +info
Networking of MEDINA with three Horizon 2020 projects:
- Towards secure and trustworthy European Cloud Marketplace: MEDINA and DOME symbiosis. +info
- Enabling 360 Cloud security compliance: From Security certification to Secure DevOps through MEDINA and PIACERE H2020 projects. +info
- Security and Certification Compliance of IOT to CLOUD Infrastructure: The complementarity of approaches between EU Projects MEDINA and FISHY. +info
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No: 952633.
Latest Tweets
Contact us
Parque Tecnológico de Bizkaia, C/ Geldo. Edificio 700. E-48160 Derio (Bizkaia)
+(34) 946.430.850
Follow Us
© 2023 TECNALIA. All rights reserved.
Parque Científico y Tecnológico de Bizkaia – C/ Geldo. Edificio 700. E-48160 Derio (Bizkaia). Tel.: (+34) 946.430.850