At the core of the MEDINA project is a Modular Framework, that allows CSPs to implement and manage continuous certification of their cloud supply chain aligned to the EU CSA requirements. Because of the myriad of different cloud service delivery model as well as the different provisions on the EU CSA certification scheme, the framework itself needs to be agnostic to the actual cloud service and offer abstractions through different components. 

While MEDINA aims to provide a reference implementation of those components, it is important to note that the framework will also allow and guide a CSP to achieve continuous certification through their already established tool-chain (or a combination of both). 

Additionally, the MEDINA framework aims to support seamless transition from existing, non-continuous-based certifications, by empirically validating it with respect to the steps required in a regular audit. In the following, the individual components, or rather their role in the framework, will be detailed.   

MEDINA Framework

MEDINA Framework