Skip to main content

Helmut Leopold

Head of the Center for Digital Safety & Security, AIT Austrian Institute of Technology

Cloud and the AIT Austrian Institute of Technology. In conversation with Helmut Leopold, Head of the Center for Digital Safety & Security at the AIT Austrian Institute of Technology.

Please introduce yourself

My name is Helmut Leopold, and I am head of the Center for Digital Safety & Security at the AIT Austrian Institute of Technology.

Please describe your area of responsibility

I am responsible for developing next-generation technologies for tomorrow’s cloud services on a global scale. Our main focus is to develop solutions that increase cybersecurity and data privacy for data in the cloud.

Please describe the company you work for

The AIT Austrian Institute of Technology is a company working in applied research and technology development. The AIT is Austria’s largest research and technology organization (RTO) focusing on next-generation technologies, with a staff of over 1,300 experts.

In what ways do you deal with cloud computing in your occupation?

We have a research focus on next-generation encryption technology in general and on cloud services in particular. We have developed smart encryption solutions that maximize data privacy in the cloud and ensure that users maintain control over the use of their data.

Why do you think that cloud computing can or will play an important role for your company?

The increased complexity of our digital and globally interconnected systems requires concepts and tools that reduce the complexity of and demands on infrastructure operations on the user side. The virtualization of infrastructure services and cloud solutions is the primary driving force enabling innovation processes and reducing input requirements from service operators and users.

Have you already developed a cloud strategy describing your company’s basic path into the cloud in the coming three years? If yes, what is your strategy?

The cloud strategy of the Center for Digital Safety & Security is chiefly characterized by international cooperative research projects with multiple partners.

What cloud, if any, is already in use at your company?

Private cloud systems are used for critical data, while public cloud services are used on a project basis for non-critical data.

How do you handle the many concerns voiced in regard to the cloud? How do you achieve TRUST in CLOUD?

We create trust in cloud solutions through new agile encryption technologies. Data is encrypted so that the end-user has full control over access to the data by other cloud users and the cloud operator.

How do you ensure that your individual departments know which aspects of cloud computing are allowed or forbidden?

Cloud policies are part of the cyber security strategy of the Center for Digital Safety & Security. Since the multi-party nature of research projects means that data always have a high level of criticality, the use of cloud services is evaluated carefully for each individual project.

How do you ensure that your employees have the necessary knowledge to handle a complex sourcing arrangement like cloud computing (selection, contract, SLA management)?

Employee skills: It is vital that employees have a heightened awareness of privacy and security issues relating to critical data. The project leaders have to evaluate the legal questions pertaining to the handling of data in multi-party projects.

What qualifications do you think a new IT employee needs in order to meet future IT and specialist requirements, particularly in regard to cloud computing? What kind of people and skills are you looking for?

IT qualifications: Employees must have a comprehensive understanding of the concept of virtualization; of cloud concepts in distributed systems applications; of the fusion of cloud-based calculation results in distributed systems; of secure data communication, etc.

How to you verify the quality of a potential cloud service before putting it to use?

Verifying cloud services: There is a need for improved services in the future, especially for critical data. Real-time Quality of Service (QoS) verification is required, as are appropriate concepts for continuing operations when cloud services are lost, etc. 

Trends/developments: What general future trends in cloud computing do you expect in technical as well as organizational terms?

Two major trends will have a disruptive impact on the market:

1. There will be new solutions to protect our data in the cloud. Over the past decades, there has been an exclusive focus on encryption for data communication rather than for cloud services. In the future, data in the cloud will also be subject to agile encryption, with the user deciding on access, computation, and transfer of the data or parts of the data.

2. New real-time applications such as the digital car, autonomous driving, and the connectivity of robots and industrial systems will require new cloud architectures. Cloud services for system control and IoT management will need computational power located much closer to the end-user’s location, forming edge cloud architectures. This will significantly change the service provider landscape as well as cloud service offerings.


The intention is to motivate decision makers to examine possible solutions, build up their own know-how and conduct test runs. This way, unwarranted blockades can be broken down and an atmosphere of competent and critical discussion established. In other words: Motivating reports by trailblazers persuade other decision makers to relinquish uncritical “no-go” positions.

The ECE Stream “Trust in Cloud” introduces cloud customers and their strategies and experiences with cloud migration projects. This serves to allow other organizations to learn from these experiences. Some of the cases focus on companies at the beginning of their migration projects, while others illustrate the successes achieved and experiences made.

All TiC stories follow a strict principle in that they are not marketing stories; no advertising for any products or businesses is allowed. The essential information is the experience that others can learn from.