This document is an updated version of the CLARUS functional and technical requirements deliverable. Because the first version was elaborated early in the project, there was the need for a second version that takes into consideration the intermediate project results achieved in the other work packages, e.g. research on new security techniques, architecture considerations and implementation choices. Actually some requirements were no longer applicable while some others needed to be added, and yet others modified. Moreover, this deliverable considers the project reviewers’ comments regarding the need for specifying CLARUS developers’ requirements.

As described in the first version of this document, CLARUS can be viewed as a proxy running on trusted local premises transparently for the end-user (and, in some cases, as a software to be integrated in the cloud platform).

More precisely, the CLARUS solution is :

  • an “enhanced-security solution”

  • configurable by a dedicated actor (embodied by the IT security manager of the organization

  • considered),

  • able to support multi usage scenarios for outsourcing data to the cloud,

  • able to define security policies according to data usage and data attributes regarding

  • confidentiality and privacy,

  •  encompassing monitoring functionalities, able to face potential intrusion attempt in an

  • ‘Attack Tolerant System’ mode, which delivers appropriated counter-measures, depending on

  • the intrusion type encountered,

  • easy to integrate within the IT system of an organization, including access control

  • management capabilities.