Data Flow Management and Compliance in Cloud Computing

Jatinder Singh; Julia Powles; Thomas Pasquier; Jean Bacon

doi:10.1109/MCC.2015.69

Data Flow Management and Compliance in Cloud Computing

Jatinder Singh, Julia Powles, Thomas Pasquier, Jean Bacon

Research output: Contribution to journal › Article › peer-review

32 Citations (Scopus)

Abstract

As cloud computing becomes an increasingly dominant means of providing computing resources, legal and regulatory issues associated with the cloud also become more pronounced. In particular, there is a heightened focus on ensuring the privacy and integrity of users' personal data. At present, the cloud is opaque, a black box. The technical means for enforcing and demonstrating compliance with data management practices lag behind legal and regulatory aspirations. Information flow control (IFC) enables auditable, fine-grained management as data moves throughout systems. IFC offers the potential to improve the visibility and control over data flows within and between cloud services and cloud-hosted applications. The authors use real-world legal/regulatory examples to show how IFC can help satisfy data management obligations and improve the accountability of responsible parties.

Original language	English
Pages (from-to)	24-32
Journal	IEEE Cloud Computing
Volume	2
Issue number	4
DOIs	https://doi.org/10.1109/MCC.2015.69
Publication status	Published - Jul 2015
Externally published	Yes

Access to Document

10.1109/MCC.2015.69

https://www.repository.cam.ac.uk/bitstream/handle/1810/255049/Singh_et_al-2015-IEEE_Cloud_Computing-AM.pdf?sequence=1

Cite this

@article{bc18b71e322a4d42a716fec1fa44a83c,

title = "Data Flow Management and Compliance in Cloud Computing",

abstract = "As cloud computing becomes an increasingly dominant means of providing computing resources, legal and regulatory issues associated with the cloud also become more pronounced. In particular, there is a heightened focus on ensuring the privacy and integrity of users' personal data. At present, the cloud is opaque, a black box. The technical means for enforcing and demonstrating compliance with data management practices lag behind legal and regulatory aspirations. Information flow control (IFC) enables auditable, fine-grained management as data moves throughout systems. IFC offers the potential to improve the visibility and control over data flows within and between cloud services and cloud-hosted applications. The authors use real-world legal/regulatory examples to show how IFC can help satisfy data management obligations and improve the accountability of responsible parties.",

keywords = "cloud computing, compliance, data protection, information flow control, privacy, regulatory issues, security",

author = "Jatinder Singh and Julia Powles and Thomas Pasquier and Jean Bacon",

year = "2015",

month = jul,

doi = "10.1109/MCC.2015.69",

language = "English",

volume = "2",

pages = "24--32",

journal = "IEEE Cloud Computing",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

number = "4",

}

TY - JOUR

T1 - Data Flow Management and Compliance in Cloud Computing

AU - Singh, Jatinder

AU - Powles, Julia

AU - Pasquier, Thomas

AU - Bacon, Jean

PY - 2015/7

Y1 - 2015/7

N2 - As cloud computing becomes an increasingly dominant means of providing computing resources, legal and regulatory issues associated with the cloud also become more pronounced. In particular, there is a heightened focus on ensuring the privacy and integrity of users' personal data. At present, the cloud is opaque, a black box. The technical means for enforcing and demonstrating compliance with data management practices lag behind legal and regulatory aspirations. Information flow control (IFC) enables auditable, fine-grained management as data moves throughout systems. IFC offers the potential to improve the visibility and control over data flows within and between cloud services and cloud-hosted applications. The authors use real-world legal/regulatory examples to show how IFC can help satisfy data management obligations and improve the accountability of responsible parties.

AB - As cloud computing becomes an increasingly dominant means of providing computing resources, legal and regulatory issues associated with the cloud also become more pronounced. In particular, there is a heightened focus on ensuring the privacy and integrity of users' personal data. At present, the cloud is opaque, a black box. The technical means for enforcing and demonstrating compliance with data management practices lag behind legal and regulatory aspirations. Information flow control (IFC) enables auditable, fine-grained management as data moves throughout systems. IFC offers the potential to improve the visibility and control over data flows within and between cloud services and cloud-hosted applications. The authors use real-world legal/regulatory examples to show how IFC can help satisfy data management obligations and improve the accountability of responsible parties.

KW - cloud computing

KW - compliance

KW - data protection

KW - information flow control

KW - privacy

KW - regulatory issues

KW - security

UR - http://www.scopus.com/inward/record.url?scp=84942417981&partnerID=8YFLogxK

U2 - 10.1109/MCC.2015.69

DO - 10.1109/MCC.2015.69

M3 - Article

AN - SCOPUS:84942417981

VL - 2

SP - 24

EP - 32

JO - IEEE Cloud Computing

JF - IEEE Cloud Computing

IS - 4

ER -

Data Flow Management and Compliance in Cloud Computing

Abstract

Access to Document

Other files and links

Fingerprint

Cite this