Complying with Data Handling Requirements in Cloud Storage Systems

  title={Complying with Data Handling Requirements in Cloud Storage Systems},
  author={Martin Henze and Roman Matzutt and Jens Hiller and Erik M{\"u}hmer and Jan Henrik Ziegeldorf and Johannes van der Giet and Klaus Wehrle},
In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today's cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage… 
Accounting for Privacy in the Cloud Computing Landscape
This dissertation is convinced that overcoming the inherent privacy challenges of cloud computing requires cooperation between the various actors in the cloud computing landscape, i.e., users, service providers, and infrastructure providers and provides technical approaches that enable each of them to account for privacy.
A Case for Integrated Data Processing in Large-Scale Cyber-Physical Systems
This paper exemplarily study a fine blanking line which can produce up to 6.2 Gbit/s worth of data to showcase the extreme requirements found in modern manufacturing and proposes integrated data processing which keeps inherently local and small-scale tasks close to the processes while at the same time centralizing tasks relying on more complex decision procedures and remote data sources.
An Overview of Fog Computing and Edge Computing Security and Privacy Issues
Some of the main security and privacy challenges that faces fog and edge computing are surveyed illustrating how these security issues could affect the work and implementation of edge and fog computing.
Cybersecurity in Power Grids: Challenges and Opportunities
This paper analyzes the communication infrastructure of power grids to derive resulting fundamental challenges ofPower grids with respect to cybersecurity, and proposes a defense-in-depth strategy that encompasses measures for device and application security, network security, physical security, as well as policies, procedures, and awareness.
Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems
This work proposes ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems that transparently realizes confidentiality, integrity, and authentication for publish/ Subscribe systems without any modification of the underlying protocol.
Machine Learning Assisted PUF Calibration for Trustworthy Proof of Sensor Data in IoT
A new class of authenticated sensing protocols are presented where the beneficence of ML techniques are used to validate the authenticity and integrity of sensor data over ambient factor variations and reduces the storage complexity of the verifier.


Practical Data Compliance for Cloud Storage
This paper introduces PRADA, a practical approach to enforce data compliance in key-value based cloud storage systems by introducing a transparent data handling layer which enables clients to specify data handling requirements and provides operators with the technical means to adhere to them.
Creating optimal cloud storage systems
A novel cloud storage management system which optimally combines storage resources from multiple providers so that redundancy, security and other non-functional properties can be adjusted adequately to the needs of the storage service consumer.
Towards Data Handling Requirements-Aware Cloud Computing
This paper identifies and discusses the challenges for enabling data handling requirements awareness in the (inter-)cloud, and shows how to extend a data storage service, AppScale, and Cassandra to followData handling requirements-aware cloud computing.
Compliance-Preserving Cloud Storage Federation Based on Data-Driven Usage Control
This paper proposes a novel approach of using data-driven usage control to preserve compliance constraints in cloud storage federation and provides a brief categorization of compliance problems into spatial, temporal, and qualitative requirements.
Monitoring Personal Data Transfers in the Cloud
This paper designs a framework for automating the collection of evidence that obligations with respect to personal data handling are being carried out in what concerns personal data transfers, and experiments the approach in the Open Stack open source IaaS implementation, showing how auditors can verify whether data transfers were compliant.
Information Flow Audit for PaaS Clouds
It is demonstrated how CamFlow can be extended to provide data-centric audit logs akin to provenance metadata in a format in which analyses can easily be automated through the use of standard graph processing tools, which allows detailed understanding of the overall system.
The Cloud Needs Cross-Layer Data Handling Annotations
This paper proposes to annotate data with sensitivity information as it leaves the control boundaries of the data owner and travels through to the cloud environment to signal privacy properties across the layers of the cloud computing architecture and enables the different stakeholders to react accordingly.
CloudFilter: practical control of sensitive data propagation to the cloud
This paper suggests a practical mechanism to ensure that an enterprise maintains control of its sensitive data while employees are allowed to use cloud services and shows that CloudFilter can be applied to control data propagation to Dropbox and GSS.
A Monitoring and Audit Logging Architecture for Data Location Compliance in Federated Cloud Infrastructures
An existing federated Cloud monitoring infrastructure can be used for data location monitoring without compromising Cloud isolation and the proposed logging architecture is validated by an e-Government case study with legal data location constraints.