The Cloud: Understanding the Security, Privacy and Trust Challenges

The Cloud: Understanding the Security, Privacy and Trust Challenges

The Cloud: Understanding the Security, Privacy and Trust Challenges

The Cloud: Understanding the Security, Privacy and Trust Challenges

Excerpt

The overall objective of The Cloud: Understanding the Security, Privacy and Trust Challenges is to advise on policy and other interventions which should be considered in order to ensure that European users of cloud environments are offered appropriate protections, and to underpin a world-leading European cloud ecosystem. Cloud computing is increasingly subject to interest from policymakers and regulatory authorities. The European Commission’s recent Digital Agenda highlighted a need to develop a pan-European ‘cloud strategy’ that will serve to support growth and jobs and build an innovation advantage for Europe. However, the concern is that currently a number of challenges and risks in respect of security, privacy and trust exist that may undermine the attainment of these broader policy objectives.

Our approach has been to undertake an analysis of the technological, operational and legal intricacies of cloud computing, taking into consideration the European dimension and the interests and objectives of all stakeholders (citizens, individual users, companies, cloud service providers, regulatory bodies and relevant public authorities).

This study represents an evolutionary progression in understanding the implications of cloud computing for security, privacy and trust. Starting from an overview of the challenges identified in the literature, the study builds upon real-life case study implementations of cloud computing for its analysis and subsequent policy considerations. As such, we intend to offer additional value for policymakers beyond a comprehensive understanding of the current theoretical or empirically derived evidence base.

As a first informal deliverable of this project, a draft literature review paper was prepared which formulated the study team’s common understanding of cloud computing and the associated open questions surrounding some of the important security, privacy and trust issues. This was based on the main academic, research and industry publications available.

In order to test the accuracy and completeness of this common understanding and to bring it to a more mature form, the study team participated in the SecureCloud conference in Barcelona on March 16–17 2010. During this conference, a series of interviews with key stakeholders from various domains were conducted. While these largely corroborated the validity of the draft literature review, a few additional comments and nuances were provided which had not been sufficiently recognised in the draft.

European Commission (2010a)

See (as of 20 November 2010) http://www.cloudsecurityalliance.org/sc2010.html

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.