Abstract
Cloud Computing, i. e. providing on-demand access to virtualised computing resources over the Internet, is one of the current mega-trends in IT. Today, there are already several providers offering cloud computing infrastructure (IaaS), platform (PaaS) and software (SaaS) services. Although the cloud computing paradigm promises both economical as well as technological advantages, many potential users still have reservations about using cloud services as this would mean to trust a cloud provider to correctly handle their data according to previously negotiated rules. Furthermore, the virtualisation causes a location independence of offered services which could interfere with domain specific legislative regulations. In this paper, we present an approach of putting the cloud user back into power when migrating data and services into and within the cloud. We outline our work in progress, that aims at providing a platform for developing flexible service architectures for cloud computing with special consideration of security and non-functional properties.
Chapter PDF
Similar content being viewed by others
References
Abu-Libdeh, H., Princehouse, L., Weatherspoon, H.: RACS: a case for cloud storage diversity. In: Proceedings of the 1st ACM Symposium on Cloud Computing, SoCC 2010, pp. 229–240. ACM, New York (2010), http://doi.acm.org/10.1145/1807128.1807165
Aversa, R., Avvenuti, M., Cuomo, A., Di Martino, B., Di Modica, G., Distefano, S., Puliafito, A., Rak, M., Tomarchio, O., Vecchio, A., Venticinque, S., Villano, U.: The Cloud@Home Project: Towards a New Enhanced Computing Paradigm. In: Guarracino, M.R., Vivien, F., Träff, J.L., Cannatoro, M., Danelutto, M., Hast, A., Perla, F., Knüpfer, A., Di Martino, B., Alexander, M. (eds.) Euro-Par-Workshop 2010. LNCS, vol. 6586, pp. 555–562. Springer, Heidelberg (2011)
Bonvin, N., Papaioannou, T.G., Aberer, K.: A self-organized, fault-tolerant and scalable replication scheme for cloud storage. In: Proceedings of the 1st ACM Symposium on Cloud computing (SoCC 2010), pp. 205–216. ACM, New York (2010)
Catteddu, D.: Cloud Computing – Benefits, risks and recommendations for information security. ENISA Report, ENISA (November 2009)
Catteddu, D.: Security & Resilience in Governmental Clouds – Making an informed decision. ENISA Report, ENISA (January 2011)
Cranor, L.F., Garfinkel, S.L.: Designing Secure Systems That People Can Use. O’Reilly (September 2005) ISBN 978-0-596-00827-7
England, D., Randles, M., Taleb-Bendiab, A.: Designing interaction for the cloud. In: Proceedings of the 2011 Annual Conference Extended Abstracts on Human Factors in Computing Systems, CHI EA 2011, pp. 2453–2456. ACM, New York (2011), http://doi.acm.org/10.1145/1979742.1979582
Fischer-Hübner, S., Iacono, L.L., Möller, S.: Usable Security und Privacy. Datenschutz und Datensicherheit (DuD) (11), 773 (2010)
Garfinkel, S.L.: Design principles and patterns for computer systems that are simultaneously secure and usable. Ph.D. thesis, Massachusetts Institute of Technology (2005), http://simson.net/thesis/
Grolimund, D., Meisser, L., Schmid, S., Wattenhofer, R.: Cryptree: A folder tree structure for cryptographic file systems. Technical report, Purdue University, Department of Computer Science, West Lafayette, IN, USA (2006)
He, Q., Li, Z., Zhang, X.: Study on Cloud Storage System Based on Distributed Storage Systems. In: 2010 International Conference on Computational and Information Sciences, ICCIS (December 2010)
Intel Corporation: Benefits of a Client-aware Cloud. White Paper Client-aware Cloud Computing (2011), http://partnerzones.i41.nbsp.de/_misc/download.cfm?filepath=/4/0/0/4/Benefitsofclientawarecloud.pdf&filename=Benefitsofclientawarecloud&filetype=pdf&fid=624
Information technology – Security techniques – Information security management systems – Requirements. No. 27001 in ISO/IEC Standard, International Organization for Standardization (2005)
Kamara, S., Lauter, K.: Cryptographic Cloud Storage. Tech. rep., Microsoft Research Cryptography Group (2011)
Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Recommendations of the National Institute of Standards and Technology (NIST), Special Publication 800–145 (January 2011), http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf
Mosch, M.: User-controlled data sovereignty in the Cloud. In: Proceedings of the PhD Symposium at the 9th IEEE European Conference on Web Services (ECOWS 2011), Lugano, Switzerland (September 2011)
Resch, J.K., Plank, J.S.: AONT-RS: blending security and performance in dispersed storage systems. In: 9th Usenix Conference on File and Storage Technologies FAST 2011 (February 2011)
Schnjakin, M., Meinel, C.: Plattform zur Bereitstellung sicherer und hochverfügbarer Speicherressourcen in der Cloud. In: Sicher in die digitale Welt von morgen – 12. Deutscher IT-Sicherheitskongress des BSI. SecuMedia Verlag, Bonn (2011)
Seiger, R., Groß, S., Schill, A.: SecCSIE: A Secure Cloud Storage Integrator for Enterprises. In: International Workshop on Clouds for Enterprises (C4E). Luxemburg (September 2011)
Spillner, J.: Spaceflight – A versatile live demonstrator and teaching system for advanced service-oriented technologies. In: Crimean Conference on Microwave and Telecommunication Technology (CriMiCo), Sewastopol, Ukraine (September 2011) (accepted for publication)
Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in Cloud Computing. In: Proceedings of the 17th International Workshop on Quality of Service, Charleston, SC, USA (2009)
Whittaker, Z.: Microsoft admits patriot act can access EU-based cloud data. ZDNet iGeneration Blog (June 2011), http://www.zdnet.com/blog/igeneration/microsoft-admits-patriot-act-canb-access-eu-based-cloud-data/11225
Xu, P., Zheng, W., Wu, Y., Huang, X., Xu, C.: Enabling Cloud Storage to Support Traditional Applications. In: 5th Annual ChinaGrid Conference (2010)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Groß, S., Schill, A. (2012). Towards User Centric Data Governance and Control in the Cloud. In: Camenisch, J., Kesdogan, D. (eds) Open Problems in Network Security. iNetSec 2011. Lecture Notes in Computer Science, vol 7039. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27585-2_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-27585-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27584-5
Online ISBN: 978-3-642-27585-2
eBook Packages: Computer ScienceComputer Science (R0)