Implementing Privacy Policies in the Cloud

The provision of a cloud service must fulfil policies to comply with requirements coming from different sources. One of the main sources is the European Data Protection Directive that sets out legal obligations for the cloud adoption and provision. Cloud providers that rely on the use of additional cloud services need to make sure that the level of protection offered by these is adequate. Implementing privacy policies in the cloud requires taking into account the privacy related practices adopted by service providers even during the procurement phase. Moving towards a transparency-based service provision approach, additional information that cloud customers need to evaluate is evidence of compliance with privacy policies that CSPs are able to provide. This paper gives an overview of the processes entailed for the implementation of privacy policies.

[1]  Eul Gyu Im,et al.  Malware analysis using visualized images and entropy graphs , 2014, International Journal of Information Security.

[2]  Fabio Martinelli,et al.  A Proposal on Enhancing XACML with Continuous Usage Control Features , 2009, CoreGRID@Euro-Par.

[3]  Siani Pearson,et al.  COAT: Cloud Offerings Advisory Tool , 2014, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science.

[4]  Siani Pearson,et al.  Towards a Formalised Representation for the Technical Enforcement of Privacy Level Agreements , 2015, 2015 IEEE International Conference on Cloud Engineering.

[5]  Karin Bernsmed,et al.  A-PPL: An Accountability Policy Language , 2014, DPM/SETOP/QASA.

[6]  Ilaria Matteucci,et al.  Definition of Data Sharing Agreements - The Case of Spanish Data Protection Law , 2014, A4Cloud.

[7]  Laurent Gomez,et al.  PPL v2.0: Uniform Data Access and Usage Control on Cloud and Mobile , 2015, 2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity.

[8]  Marinella Petrocchi,et al.  Engineering the Lifecycle of Data Sharing Agreements , 2015, ERCIM News.

[9]  Ilaria Matteucci,et al.  Towards safer information sharing in the cloud , 2014, International Journal of Information Security.

[10]  Siani Pearson,et al.  Sticky Policies: An Approach for Managing Privacy across Multiple Parties , 2011, Computer.