Abstract
The advent of Cloud computing has created numerous significant challenges with regard to manipulation of data and especially personal data in cases of Clouds and federated Clouds. Existing legislation currently creates constraints and boundaries in the free usage of external Cloud providers. The aim of this paper is to provide a schema definition and usage mechanism (CPDS) that includes various levels of legal information that is necessary for automating the process of Cloud provider selection and data outsourcing. Thus the aforementioned constraints may be checked in an automated and machine understandable fashion and fully harvest the potential that is created by advances in Cloud computing like dynamic federation. In this direction, legal gaps and necessary actions are identified so that the automation avoids manual and bureaucratic steps that are necessary at the moment.
Chapter PDF
References
COM 11 final. Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), pp. 1–2 (2012), http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf
OPTIMIS Project Deliverable D.7.2.1.3 “Cloud Legal Guidelines: Technical Implementation of Legal Requirements, Exploitation of the Toolkit in Use Cases and Component Licenses”, pp. 23–33
Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security (CCSW 2009), pp. 85–90. ACM, New York (2009)
Pearson, S., Charlesworth, A.: Accountability as a Way Forward for Privacy Protection in the Cloud. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom. LNCS, vol. 5931, pp. 131–144. Springer, Heidelberg (2009)
Rochwerger, B., Breitgand, D., Levy, E., Galis, A., Nagin, K., Llorente, I.M., Montero, R., Wolfsthal, Y., Elmroth, E., Caceres, J., Ben-Yehuda, M., Emmerich, W., Galan, F.: The Reservoir model and architecture for open federated cloud computing. IBM Journal of Research and Development 53(4), 4:1-4:11 (2009)
Buyya, R., Ranjan, R., Calheiros, R.N.: InterCloud: Utility-oriented federation of cloud computing environments for scaling of application services. In: Hsu, C.-H., Yang, L.T., Park, J.H., Yeo, S.-S. (eds.) ICA3PP 2010, Part I. LNCS, vol. 6081, pp. 13–31. Springer, Heidelberg (2010)
Article 29 Working Party, WP 74, Transfer of Personal Data to Third Countries: Applying Article 26 (2) of the EU Data Protection Directive to Binding Corporate Rules for International Data Transfers
European Commission, Commission Decisions on the Adequacy of the Protection of Personal Data in Third Countries, http://ec.europa.eu/justice/data-protection/document/international-transfers/adequacy/index_en.htm
OPTIMIS Project Deliverable 7.2.1.1 Cloud Legal Guidelines, pp. 91–93
Kousiouris, G., Vafiadis, G., Varvarigou, T.: A Front-end Hadoop based Data Management Service for Efficient Federated Clouds. In: 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), November 29-December 1, pp. 511–516 (2011)
Ferrer, A., et al.: OPTIMIS: A holistic approach to cloud service provisioning. Future Generation Computer Systems 28(1), 66–77 (2012) ISSN 0167-739X, 10.1016/j.future.2011.05.022
Barnitzke, B., et al.: Legal Restraints and Security Requirements on Per-sonal Data and Their Technical Implementation in Clouds. In: Workshop for E-contracting for Clouds, eChallenges (2011)
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:EN:PDF
Gordon, T.F.: Analyzing open source license compatibility issues with Carneades. In: Proceedings of the 13th International Conference on Artificial Intelligence and Law (ICAIL 2011), pp. 51–55. ACM, New York (2011)
Brandtzg, E., Parastoo, M., Mosser, S.: Towards a Domain-Specic Language to Deploy Applications in the Clouds. In: Third International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2012), Nice, France, pp. 1–6 (July 2012)
Djemame, et al.: Legal issues in clouds: towards a risk inventory. Phil. Trans. R. Soc. A 371(1983), 5, 20120075 (2013) (December 10, 2012) doi:10.1098/rsta.2012.0075
Toosi, A.N., Calheiros, R.N., Thulasiram, R.K., Buyya, R.: Resource Provisioning Policies to Increase IaaS Provider’s Profit in a Federated Cloud Environment. In: 2011 IEEE 13th International Conference on High Performance Computing and Communications (HPCC), September 2-4, pp. 279–287 (2011)
Zhang, Z., Zhang, X.: A load balancing mechanism based on ant colony and complex network theory in open cloud computing federation. In: 2010 2nd International Conference on Industrial Mechatronics and Automation (ICIMA), May 30-31, vol. 2, pp. 240–243 (2010)
OASIS LegalDocumentML TC, https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=legaldocml
OASIS LegalRuleML TC, https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=legalruleml#technical
OASIS LegalXMLeContracts TC, https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=legalxml-econtracts#technical
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 International Federation for Information Processing
About this paper
Cite this paper
Kousiouris, G., Vafiadis, G., Corrales, M. (2013). A Cloud Provider Description Schema for Meeting Legal Requirements in Cloud Federation Scenarios. In: Douligeris, C., Polemi, N., Karantjias, A., Lamersdorf, W. (eds) Collaborative, Trusted and Privacy-Aware e/m-Services. I3E 2013. IFIP Advances in Information and Communication Technology, vol 399. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37437-1_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-37437-1_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37436-4
Online ISBN: 978-3-642-37437-1
eBook Packages: Computer ScienceComputer Science (R0)