Hanene Rahmouni Hanene4.Rahmouni@uwe.ac.uk
Associate Lecturer - CATE - CCT - UCCT0001
Risk-driven compliant access controls for clouds
Rahmouni, Hanene Boussi; Munir, Kamran; Odeh, Mohammed; McClatchey, Richard
Authors
Kamran Munir Kamran2.Munir@uwe.ac.uk
Professor in Data Science
Mohammed Odeh Mohammed.Odeh@uwe.ac.uk
Associate Professor in Software Engineering
Richard McClatchey Richard.Mcclatchey@uwe.ac.uk
Academic Specialist - CATE
Abstract
There is widespread agreement that cloud computing have proven cost cutting and agility benefits. However, security and regulatory compliance issues are continuing to challenge the wide acceptance of such technology both from social and commercial stakeholders. An important facture behind this is the fact that clouds and in particular public clouds are usually deployed and used within
broad geographical or even international domains. This implies that the exchange of private and other protected data within the cloud environment would be governed by multiple jurisdictions. These jurisdictions have a great degree of harmonisation; however, they present possible conflicts that are hard to negotiate at run time. So far, important efforts were played in order to deal with regulatory compliance management for large distributed systems. However, measurable solutions are required for the context of cloud. In this position paper, we are suggesting an approach that starts with a conceptual model of
explicit regulatory requirements for exchanging private data on a multijurisdictional environment and build on it in order to define metrics for non-compliance or, in other terms, risks to compliance. These metrics will be integrated within usual data access-control policies and will be checked at policy analysis time before a decision to allow/deny the data access is made.
| Presentation Conference Type | Conference Paper (unpublished) |
|---|---|
| Conference Name | Proceedings of the International Arab Conference on Information Technology (ACIT 2011) |
| Start Date | Dec 11, 2011 |
| End Date | Dec 14, 2011 |
| Publication Date | Dec 11, 2011 |
| Journal | arXiv |
| Peer Reviewed | Peer Reviewed |
| Keywords | cloud, privacy, data access, semantic web, requirements engineering |
| Public URL | https://uwe-repository.worktribe.com/output/956950 |
| Publisher URL | http://www.acit2k.org/ACIT/index.php?option=com_content&task=view&id=295&Itemid=476 |
| Related Public URLs | http://arxiv.org/abs/1202.5482v2 |
| Additional Information | Additional Information : Imported from arXiv Title of Conference or Conference Proceedings : Proceedings of the International Arab Conference on Information Technology, ACIT 2011 |
You might also like
Ontology-driven generation of radiation protection procedures
(2017)
Journal Article
An ontology regulating privacy oriented access controls
(2016)
Book Chapter
A model-driven privacy compliance decision support for medical data sharing in Europe
(2011)
Journal Article
Privacy compliance in European healthgrid domains: an ontology-based approach
(2009)
Journal Article
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search