DOME Federated Cloud-to-Edge Marketplace Ecosystem & the MEDINA Project

Nov 24, 2023 | News

Can MEDINA’s security framework of tools add value to DOME’s cloud-to-edge federated marketplace ecosystem?

To generate trust in the services offered on the marketplace by the cloud providers, said services must be compliant with the EU regulations, codes of conduct, standards and certification schemes, before being on-boarded and while residing on the marketplace.

As part of the roll-out activities, DOME is addressing the certification of the services inside the Marketplace in accordance with the European regulatory framework, and the upcoming EU Cloud Rulebook, which provides a single European framework with relevant binding and non-binding rules for cloud service customers and providers in Europe. At certification level, DOME proposes:

A formal process to verify the compliance against reference standards,.a methodological framework supported by existing and new tools to evaluate the compliance of the cloud services when being on-boarded in DOME,
The necessary tools to automatically continuously monitor that the certificates attained are valid (e.g., by checking the ENISA’s public registry).
Tools to continuously monitor that the security requirements from the EUCS (European Cloud Security Certification), especially those of assurance level high are always being fulfilled and to support the conformity assessment of the reference standards.

In this respect, the outcomes of the MEDINA project can leverage the implementation of the certification approach in DOME, through the MEDINA framework for EUCS certification.

All the cloud services that will be included in the DOME federated marketplace ecosystem will have to warranty some security requirements before being included. MEDINA’s tools are being considered from the beginning of the project to be incorporated as a mechanism to demonstrate that any cloud service included fulfils the EUCS requirements:

As added value services for the CSPs which want to achieve the EUCS or other certification to be able to be endorsed in DOME, or to gain competitive advantage and transparency to their customers.
As the methodological and technical baseline to define the certification and security compliance approach in DOME.

MEDINA and DOME collaboration has already started and will continue applying the outcomes and lessons learnt from MEDINA towards the implementation of the DOME marketplace with secure and certified European Cloud and Edge services.

Visual representation of the elements of the MEDINA approach

MEDINA Continuous Monitoring approach for EUCS high requirements.

Take a look at the original Blog post by Juncal Alonso from TECNALIA

Go to the MEDINA Blog Post

Cookie	Domain	Expiration	Purpose	Intrusiveness level
PHPSESSID	dome-marketplace.eu/	Session	PHP session cookie associated with embedded content from this domain.	Medium

Cookie	Domain	Expiration	Purpose	Intrusiveness level
_ga	dome-marketplace.eu	2 years	Google Analytics to count and track pageviews.	Medium
_gid	dome-marketplace.eu	2 years	Used to identify individual users.This tool is used to measure site performance and usage patterns.	Medium

Cookie	Domain	Expiration	Purpose	Intrusiveness level
moove_gdrp_popup	dome-marketplace.eu	1 yeat	Used by the GDPR plugin that indicates that the site uses cookies	Medium
Mp_*_mixpanel	dome-marketplace.eu	3 months	Used to identify individual users.This tool is used to measure site performance and usage patterns.	Medium

DOME Federated Cloud-to-Edge Marketplace Ecosystem & the MEDINA Project

Can MEDINA’s security framework of tools add value to DOME’s cloud-to-edge federated marketplace ecosystem?

Take a look at the original Blog post by Juncal Alonso from TECNALIA

Related Articles

Marketplace opens today! Cloud & Edge Services you can Trust

DOME Marketplace: Cloud & Edge services you can trust

DOME Marketplace: Contributing to Europe’s Digital Network Leadership