Options
2011
Conference Paper
Titel
Legal restraints and security requirements on personal data and their technical implementation in clouds
Abstract
Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to handling of personal or sensitive data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we use the WS-Agreement standard to create corresponding SLAs. We then extend existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As an outcome, customers and Cloud providers using the presented SLA and data man agement framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.
Konferenz