Trust Services: Secure move to the cloud of the eIDAS ecosystem
Pre Information Notice
Feb 22, 2022
Negotiated Procedure
Maximum budget: €55.000,00
During 2022, ENISA is continuing to provide support to implementation of cybersecurity policies in particular in the area of Electronic Identities and Trust Services framework under the eIDAS regulation. Actions in the area of Trust Services[1] include supporting the Commission and the Member States by making available security recommendations for the implementation of trust services, mapping technical and regulatory requirements and supporting relying parties and end users to secure their electronic transactions within the eIDAS framework. These actions are defined at ENISA single programming document under Activity 2, Output 2.3 [2].
As part of its effort, ENISA would like to provide guidance on the secure move to cloud for eIDAS ecosystem and the impact on the Trust Services (CSA, article 5). This project should include at least the following activities:
- Desktop research analysis
- Overview of different technology solutions on (Qualified) Trust Services on the Cloud
- Emergence of cloud based digital signatures and other trust services
- Analysis of the Risks and Threats of moving both public facing (Qualified) Trust Services and trust providers’ internal ICT infrastructure to the Cloud
- Identify the different services, risk and threats
- Security requirements for the cloud-based (Qualified) Trust Services
- Remote signing / e-Seal / e-ledger and other (Qualified) Trust Services
- Requirements for secure and seamless integration in the cloud
- Analysis of the impact on the (Qualified) Trust Services providers moving to the cloud
[1] https://www.enisa.europa.eu/topics/trust-services
[2] enisa-single-programming-document-2022-2024
If you are interested in being invited to take part in this upcoming tender procedure, then please click on the Title link above and select 'submit your interest' before the deadline, or via the eTendering link