Deliverable D3.2 is the document that describes the new security techniques designed in the scope of the CLARUS project. This document collects all the work done in task T3.2, which was about "Research on new techniques". The task started in M6, just after the task T3.1 "Characterisation of enabling technologies" finished. At the end of T3.1, we issued D3.1 [13], whose title was also "Characterisation of enabling technologies". D3.1 was an overview of available privacy-preserving and security-enabling techniques, and it was the basis of D3.2. The task T3.2 will conclude in M24, after the delivery of this document.

Moreover, this document is related to other documents from other work packages. The main references of Work package 3 are from Work package 2, which is dedicated to user and technical requirements. Namely, D3.2 takes into account the documents about the application cases (D2.1[20]), the requirements of CLARUS (D2.2 [10] and D2.3 [144]), the legal and ethical requirements (D2.4 [145]) and standardization requirements (D2.5 [149]).

The architecture of CLARUS was designed in parallel to the design of the security techniques. Therefore, the documents about its architecture (D4.1 [146] and D4.2 [21]), standardisation and interoperability (D4.3 [147]) and security as a service (D4.4 [148]) were written in accordance to D3.2.

D3.2 is also a reference for the CLARUS implementation, which is carried out in Work package 5, and CLARUS testing, which is carried out in Work package 6.

Since the research contributions reported in this document are very different, we divided the contributions according to the research field. The main parts of the document are:

  1. Cryptographic encryption schemes

  2. Data anonymization tools

  3. Data splitting

  4. Defensive tools

  5. Secure virtualisation and execution

The first three sections cover the CLARUS techniques for storing and protecting data, and the techniques for computing on this data and processing data. They cover the research on data encryption, data anonymization, and data splitting developed in the context of the CLARUS project.