This document provides a description of the requirements for the Distributed Trustworthy Data Management Platform. In the ATMOSPHERE environment, data from a number of different contexts, and even geographical locations, might coexist in the same federated cloud system. The main challenge in this regard is to provide an universal, fine-grained access control to the data in the cloud service. The platform must allow data owners to define their privacy, security, fairness, and transparency requirements, while maintaining traceability information about sensitive data and control the access to data. It must enforce that data cannot be externalized if it does not meet the data owner’s policies and the legal limitations.This requirements must be covered, while minimizing the complexity of the system and providing access control tools, ranging from a single record to whole columns and tables. Due to these challenges, the strategy we plan to adopt for enforcing privacy on the Distributed Trustworthiness Data Management Services Layer consists of creating the Atmosphere Privacy Protection Layer (APPL) , in order to intermediate all data access requests made by users or data processing services to some database management service that fits the application. With the the, APPL will be able to support different levels of granularity in which data is controlled. .Two main use cases are defined: end-to-end encryption and data access constraints based on policies.