Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Rios Velasco, Erkuden; Iturbe, Eider; Larrucea, Xabier; Rak, Massimiliano; Mallouli, Wissam; Dominiak, Jacek; Muntes, Victor; Matthews, Peter; Gonzalez Moctezuma, Luis; Gonzalez, Luis

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Files

IET-SEN.2018.5293-YellowMark.pdf (378.79 KB)

Identifiers

ISSN: 1751-8806

DOI: 10.1049/iet-sen.2018.5293

Publication date

2019-06-01

Authors

Rios Velasco, Erkuden

Gonzalez Moctezuma, Luis

Gonzalez, Luis

Citations

Export

Abstract

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.

Description

Keywords

European General Data Protection Regulation , GDPR , Cloud-based systems , Privacy , Security , SLA , European General Data Protection Regulation , GDPR , Cloud-based systems , Privacy , Security , SLA , Computer Graphics and Computer-Aided Design , Project ID , info:eu-repo/grantAgreement/EC/H2020/644429/EU/MUlti-cloud Secure Applications/MUSA , info:eu-repo/grantAgreement/EC/780351/EU/Trustworthy and Smart Actuation in IoT systems/ENACT , info:eu-repo/grantAgreement/EC/H2020/644429/EU/MUlti-cloud Secure Applications/MUSA , info:eu-repo/grantAgreement/EC/780351/EU/Trustworthy and Smart Actuation in IoT systems/ENACT , Funding Info , The research leading to these results has received_x000D_ funding from the European Union’s Horizon 2020 research_x000D_ and innovation programme under grant agreement No 644429_x000D_ and No 780351, MUSA project and ENACT project,_x000D_ respectively. We would also like to acknowledge all the_x000D_ members of the MUSA Consortium and ENACT Consortium_x000D_ for their valuable help. , The research leading to these results has received_x000D_ funding from the European Union’s Horizon 2020 research_x000D_ and innovation programme under grant agreement No 644429_x000D_ and No 780351, MUSA project and ENACT project,_x000D_ respectively. We would also like to acknowledge all the_x000D_ members of the MUSA Consortium and ENACT Consortium_x000D_ for their valuable help.

Type

journal article

Citation

Rios Velasco , E , Iturbe , E , Larrucea , X , Rak , M , Mallouli , W , Dominiak , J , Muntes , V , Matthews , P , Gonzalez Moctezuma , L & Gonzalez , L 2019 , ' Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems ' , IET Software , vol. unknown , no. 3 , pp. 213-222 . https://doi.org/10.1049/iet-sen.2018.5293

Full item page