Sticky policies for data control in the cloud

Author

Trabelsi, Slim ; Sendor, Jakub

Author_Institution

SAP Res., Mougins, France

fYear

2012

fDate

16-18 July 2012

Firstpage

75

Lastpage

80

Abstract

One of the main security concerns related to the cloud hosting and virtualization, is the lack of Trust in the infrastructure. This lack of trust is due to the absence of transparency concerning the data handling and storage conditions. There are no concrete technical guarantees that can convince a potential cloud customer that he is fully controlling his data. In this paper we propose a security service (called SPACE) in the cloud that provides all the tools to data owner to impose his privacy preferences during the virtualization phase. SPACE is based on the sticky policy technology and offers access and usage control functionalities to the data anywhere in the cloud. In addition to the main security features offered by SPACE, new visualization and control functionalities are proposed to make the user fully aware on the storage condition of his private information.

Keywords

authorisation; cloud computing; data handling; data privacy; trusted computing; virtualisation; SPACE; access control; cloud customer; cloud hosting; data control; data handling; data storage conditions; privacy preferences; private information; security concerns; security service; sticky policy technology; usage control; virtualization; Aerospace electronics; Authorization; Data privacy; Engines; Privacy; Cloud; Control; Privay; Sticky Policies; Trust; Visualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on

Conference_Location

Paris

Print_ISBN

978-1-4673-2323-9

Electronic_ISBN

978-1-4673-2325-3

Type

conf

DOI

10.1109/PST.2012.6297922

Filename

6297922