Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Loading...
Identifiers
Publication date
2019-06-01
Advisors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.
Description
Publisher Copyright: © 2019 The Institution of Engineering and Technology.
Keywords
European General Data Protection Regulation , GDPR , Cloud-based systems , Privacy , Security , SLA , European General Data Protection Regulation , GDPR , Cloud-based systems , Privacy , Security , SLA , Computer Graphics and Computer-Aided Design , Project ID , info:eu-repo/grantAgreement/EC/H2020/644429/EU/MUlti-cloud Secure Applications/MUSA , info:eu-repo/grantAgreement/EC/780351/EU/Trustworthy and Smart Actuation in IoT systems/ENACT , info:eu-repo/grantAgreement/EC/H2020/644429/EU/MUlti-cloud Secure Applications/MUSA , info:eu-repo/grantAgreement/EC/780351/EU/Trustworthy and Smart Actuation in IoT systems/ENACT , Funding Info , The research leading to these results has received_x000D_ funding from the European Union’s Horizon 2020 research_x000D_ and innovation programme under grant agreement No 644429_x000D_ and No 780351, MUSA project and ENACT project,_x000D_ respectively. We would also like to acknowledge all the_x000D_ members of the MUSA Consortium and ENACT Consortium_x000D_ for their valuable help. , The research leading to these results has received_x000D_ funding from the European Union’s Horizon 2020 research_x000D_ and innovation programme under grant agreement No 644429_x000D_ and No 780351, MUSA project and ENACT project,_x000D_ respectively. We would also like to acknowledge all the_x000D_ members of the MUSA Consortium and ENACT Consortium_x000D_ for their valuable help.
Type
Citation
Rios Velasco , E , Iturbe , E , Larrucea , X , Rak , M , Mallouli , W , Dominiak , J , Muntes , V , Matthews , P , Gonzalez Moctezuma , L & Gonzalez , L 2019 , ' Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems ' , IET Software , vol. unknown , no. 3 , pp. 213-222 . https://doi.org/10.1049/iet-sen.2018.5293