Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation - Cloud Computing

Information Technology Reference

In-Depth Information

4Conluon

In this paper we analyzed the existing work and conditions for an evaluation

framework to secure cloud computing in accordance to the upcoming data pro-

tection regulation by the European Commission. It is concluded that security and

privacy are the major challenge customers and providers have to deal with when

using and offering cloud computing services. Due to the proposed data protec-

tion regulation an organization deciding to use cloud computing will have to deal

with new significant and onerous obligations. Further, also the providers have to

upgrade their policies and security implementations. The described framework

will help organization as well as providers to comply with the obligations of the

upcoming EU data protection regulation. As cloud computing will win on im-

portance in the future, the proposal for a major reform of the European Union

legal framework on the protection of personal data is an important step towards

securing sensitive data in the cloud.

References

1. The NIST Definition of Cloud Computing - SP 800-145, National Institute of Stan-

dards and Technology (2011),

http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

2. Proposal for a Regulation of the European Parliament and of the Council on the

protection of individuals with regard to the processing of personal data and on

the free movement of such data (General Data Protection Regulation), European

Commission,

http://ec.europa.eu/justice/data-protection/

document/review2012/com 2012 11 en.pdf

3. Security Guidance for Critical Areas of Focus in Cloud Computing V3.0, Cloud

Security Alliance (2011),

https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf

4. Nimis, J., Tai, S., Baun, C., Kunzem, M.: Cloud Computing: Web-basierte dy-

namische ITServices. Springer, Heidelberg (2011)

5. Technology Research, Gartner Inc.,

http://www.gartner.com/technology/home.jsp

6. National Institute of Standards and Technology (NIST),

http://www.nist.gov/index.html

7. Cloud Security Alliance (CSA), https://cloudsecurityalliance.org/

8. Securing Europe's Information Society (ENISA), http://www.enisa.europa.eu/

9. Guidelines on Security and Privacy in Public Cloud Computing - SP 800-144,

National Institute of Standards and Technology (2011),

http://csrc.nist.gov/publications/nistpubs/800-144/SP800-144.pdf

10. Commission proposes a comprehensive reform of the data protection rules, Euro-

pean Commission,

http://ec.europa.eu/justice/newsroom/

data-protection/news/120125 en.htm

11. Australian Government (Department of Defense), Cloud Computing Security Con-

siderations, http://www.dsd.gov.au/infosec/cloudsecurity.htm

Cloud Computing

Search WWH ::

Custom Search

Home