Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds

Benno Barnitzke; Wolfgang Ziegler; George Vafiadis; Srijith Nair; Marcelo Corrales Compagnucci; Oliver Wäldrich; Nikolaus Forgó; Theodora Varvarigou

Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds

Benno Barnitzke, Wolfgang Ziegler, George Vafiadis, Srijith Nair, Marcelo Corrales Compagnucci, Oliver Wäldrich, Nikolaus Forgó, Theodora Varvarigou

The Faculty of Law

Abstract

Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to the handling of personal data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we then used the WS-Agreement standard to create corresponding SLAs. Subsequently, we extended existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As a result, customers and Cloud providers using the presented SLA and data management framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.

Original language	English
Title of host publication	eChallenges e-2011 Conference Proceedings
Editors	Paul Cunningham, Miriam Cunningham
Place of Publication	Florence
Publication date	26 Oct 2011
ISBN (Print)	9781905824274
Publication status	Published - 26 Oct 2011

Cite this

Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds. / Barnitzke, Benno; Ziegler, Wolfgang; Vafiadis, George et al.

eChallenges e-2011 Conference Proceedings. ed. / Paul Cunningham; Miriam Cunningham. Florence, 2011.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

@inproceedings{116fcccf977b48daa775f15eff42c759,

title = "Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds",

abstract = "Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to the handling of personal data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we then used the WS-Agreement standard to create corresponding SLAs. Subsequently, we extended existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As a result, customers and Cloud providers using the presented SLA and data management framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.",

author = "Benno Barnitzke and Wolfgang Ziegler and George Vafiadis and Srijith Nair and {Corrales Compagnucci}, Marcelo and Oliver W{\"a}ldrich and Nikolaus Forg{\'o} and Theodora Varvarigou",

year = "2011",

month = oct,

day = "26",

language = "English",

isbn = "9781905824274",

editor = "Paul Cunningham and Miriam Cunningham",

booktitle = "eChallenges e-2011 Conference Proceedings",

}

TY - GEN

T1 - Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds

AU - Barnitzke, Benno

AU - Ziegler, Wolfgang

AU - Vafiadis, George

AU - Nair, Srijith

AU - Corrales Compagnucci, Marcelo

AU - Wäldrich, Oliver

AU - Forgó, Nikolaus

AU - Varvarigou, Theodora

PY - 2011/10/26

Y1 - 2011/10/26

N2 - Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to the handling of personal data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we then used the WS-Agreement standard to create corresponding SLAs. Subsequently, we extended existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As a result, customers and Cloud providers using the presented SLA and data management framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.

AB - Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to the handling of personal data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we then used the WS-Agreement standard to create corresponding SLAs. Subsequently, we extended existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As a result, customers and Cloud providers using the presented SLA and data management framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.

M3 - Article in proceedings

SN - 9781905824274

BT - eChallenges e-2011 Conference Proceedings

A2 - Cunningham, Paul

A2 - Cunningham, Miriam

CY - Florence

ER -

Legal Restraints and Security Requirements on Personal Data and Their Technical Implementation in Clouds

Abstract

Fingerprint

Cite this