RT Journal Article
T1 Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
A1 Rios Velasco, Erkuden
A1 Iturbe, Eider
A1 Larrucea, Xabier
A1 Rak, Massimiliano
A1 Mallouli, Wissam
A1 Dominiak, Jacek
A1 Muntes, Victor
A1 Matthews, Peter
A1 Gonzalez Moctezuma, Luis
A1 Gonzalez, Luis
AB Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.
SN 1751-8806
YR 2019
FD 2019-06-01
LA eng
NO Rios Velasco , E , Iturbe , E , Larrucea , X , Rak , M , Mallouli , W , Dominiak , J , Muntes , V , Matthews , P , Gonzalez Moctezuma , L & Gonzalez , L 2019 , ' Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems ' , IET Software , vol. unknown , no. 3 , pp. 213-222 . https://doi.org/10.1049/iet-sen.2018.5293
NO Publisher Copyright: © 2019 The Institution of Engineering and Technology.
DS TECNALIA Publications
RD 23 jul 2024