Abstract
This chapter presents an SLA brokering framework that includes innovative risk-aware assessment techniques which facilitate the clarification of database and “ownership” rights of data and evaluate the probability of SLA failure. It uses the web service agreement specification (WS-Agreement) as a template and extends prior work on risk metrics from the OPTIMIS project to facilitate SLA creation between service consumers and providers within typical cloud brokerage scenarios. However, since the WS-Agreement allows for an automated mechanism between only two parties and does not cover the use of an intermediary within the agreement process, I use the specific work carried out in the AssessGrid project that includes a brokerage mechanism and pays considerable attention to addressing a risk assessment.
“Life, risk and technology are getting more intimate than ever…” (Ciborra 2007, p. 27).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The work of Claudio Ciborra, see Gutwirth and Hildebrandt (2010, p. 33).
- 2.
See, generally, Ciborra (2005).
- 3.
For details about artificial intelligence (AI) and expert systems, see Jackson (1998).
- 4.
Ciborra (2007, p. 27).
- 5.
For details about the evolution of grid infrastructure technologies, see Jones and Bird (2013, pp. 160) et seq.
- 6.
Kasemsap and Sunandha (2015, p. 33).
- 7.
Teng and Magoules (2010, p. 126).
- 8.
Shantz (2005, p. 511).
- 9.
Ciborra (2009, p. 78).
- 10.
Drissi et al. (2013, p. 143).
- 11.
See Gourlay et al. (2008, pp. 437–443).
- 12.
See Andrieux et al. (2007), Gourlay et al. (2008, p. 438). More specifically, for negotiating and creating SLAs, I use the WSAG4 J framework developed at Fraunhofer Institute SCAI. The WSAG4 J is a tool that helps to create and manage SLAs in distributed systems and has been fully implemented as part of the Open Grid Forum (OGF) WS-Agreement standard.
- 13.
The Advanced Risk Assessment and Management for Trustable Grids project (AssessGrid), was founded by the EU Commission under the FP6 IST framework (contract no. 031772).
- 14.
Djemame et al. (2011a, p. 1558).
- 15.
See Kirkham et al. (2012a, p. 1063).
- 16.
Mahmood (2014) (ed).
- 17.
Non-functional requirements present a systematic approach that provides quality to the software system. They define the criteria used in the system operation, which is specified in the system architecture . For a comprehensive explanation of non-functional requirements. See, generally, Chung et al. (2000), Chung and Sampaio do Prado Leite (2009).
- 18.
Li and Singh (2014, p. 670).
- 19.
For this definition, see American Heritage Dictionary.
- 20.
Garner (2014, p. 1524).
- 21.
See Gourlay et al. (2009, p. 36).
- 22.
Plain English ISO 31000:2018, Risk Management Dictionary [online]. Available at:
http://www.praxiom.com/iso-31000-terms.htm. Accessed May 10 2019.
- 23.
Garner (2014, p. 1525) (ed).
- 24.
Sangrasi et al. (2012, pp. 445–452).
- 25.
See Nwankwo (2014).
- 26.
See ISO 31000:2009 risk management standard sets out the principles and guidelines on risk management that can be applied to any type of risk in any field of industry or sector [online]. Available at: https://www.iso.org/obp/ui/#iso:std:43170:en. Accessed May10 2019.
- 27.
See, generally, Lund et al. (2011).
- 28.
For details, see also the 2007 OCTAVE Allegro version. See Caralli (2007).
- 29.
See, generally, Lund et al. (2011).
- 30.
Cattedu and Hogben (2009) (eds).
- 31.
ISO 22307:2008 is a privacy impact assessment for financial services and banking management tools. It recognizes the importance to mitigate risks associated to consumer data utilizing automated and networked systems [online]. Available at: https://www.iso.org/standard/40897.html. Accessed May 10 2019.
- 32.
- 33.
ISO/IEC WD 29134 PIA methodology [online]. Available at: https://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=62289. Accessed May 10 2019.
- 34.
ISO/IEC 29101:2013 Information Technology —Security Techniques—Privacy Architecture Framework [online]. Available at: https://www.iso.org/standard/45124.html. Accessed May 10 2019.
- 35.
ISO/IEC NP 19086–4 (2019) Information Technology—Cloud Computing —Service Level Agreement (SLA) framework and technology—Part 4 Security and Privacy [online]. Available at: https://www.iso.org/standard/68242.html. Accessed May 10 2019.
- 36.
ENISA has played a crucial role in providing stakeholders an overview of the main risks involved in cloud computing . See Cattedu and Hogben (2009).
- 37.
Djemame et al. (2011b, p. 119).
- 38.
Kirkham et al. (2013, p. 7).
- 39.
Djemame et al. (2011b, p. 119).
- 40.
Djemame et al. (2011b, p. 119).
- 41.
Djemame et al. (2011b, p. 119).
- 42.
Djemame et al. (2011b, p. 119).
- 43.
Khan et al. (2012, p. 122).
- 44.
Djemame et al. (2013, p. 3).
- 45.
Khan et al. (2012, p. 122).
- 46.
Khan et al. (2012, p. 122).
- 47.
Khan et al. (2012, p. 122).
- 48.
Khan et al. (2012, p. 122).
- 49.
Khan et al. (2012, p. 122).
- 50.
See Vraalsen et al. (2005, pp. 45–60).
- 51.
- 52.
Susskind (1998, p. 290). According to Susskind: “While legal problem solving will not be eliminated in tomorrow’s legal paradigm, it will nonetheless diminish markedly in significance. The emphasis will shift towards legal risk management supported by proactive facilities, which will be available in the form of legal information services and procedures. As citizens learn to seek legal guidance more regularly and far earlier than in the past, many potential legal difficulties will be dissolved before needing to be resolved. Where legal problems of today are often symptomatic of delayed legal input, earlier consultation should result in users understanding and identifying their risks and controlling them before any questions of escalation.”
- 53.
Wahlgren (2007, p. 91).
- 54.
Burnett (2005, pp. 61–67).
- 55.
Rejas-Muslera et al. (2007, pp. 118–124).
- 56.
Bradshaw et al. (2010, pp. 31–32).
- 57.
Batre et al. (2007, p. 193).
- 58.
Draft White Paper on Legal Options for the Exchange of Data through the GEOSS Data -CORE (2011). Group on Earth Observations [online]. Available at: https://www.earthobservations.org/documents/dsp/draft_white_paper_geoss_legal_interoperability_30_october_2011.pdf. Accessed May 10 2019.
- 59.
White Paper, Mechanisms to Share Data as Part of GEOSS Data -CORE, p. 3.
- 60.
White Paper, Mechanisms to Share Data as Part of GEOSS Data -CORE, p. 3.
- 61.
White Paper, Mechanisms to Share Data as Part of GEOSS Data -CORE, p. 3.
- 62.
White Paper, Mechanisms to Share Data as Part of GEOSS Data -CORE, p. 3.
- 63.
Summary White Paper, Legal Options for the Exchange of Data through the GEOSS Data -CORE, p. 2, Data Sharing Task Force, Group on Earth Observations.
- 64.
Summary White Paper, Legal Options for the Exchange of Data through the GEOSS Data -CORE, p. 19.
- 65.
Sundara Rajan (2011, p. 286).
- 66.
DG Internal Market and Services Working Paper, First Evaluation of Directive 96/9/EC on the Legal Protection of Databases , p. 4.
- 67.
Majkic (2014), preface.
- 68.
Dean (2014, p. 10).
- 69.
Ridley (2015, p. 79).
- 70.
Ridley (2015, p. 79).
- 71.
See, generally, Sakr and Gaber (2014) (eds).
- 72.
Unstructured data is the subset of information. For example: text mining in the medical field. See Holzinger et al. (2013, p. 13).
- 73.
- 74.
Krishnan (2013, p. 5).
- 75.
Vashist (2015, p. 1).
- 76.
Lohr (2015).
- 77.
See, generally, OECD (2007) Principles and Guidelines for Access to Research Data from Public Funding [online]. Available at: http://www.oecd.org/sti/inno/38500813.pdf. Accessed May 10 2019.
- 78.
Davison (2003, p. 97).
- 79.
With the exception of Mexico, South Korea and Russia.
- 80.
See Kousiouris et al. (2013, pp. 61–72). In this work, the authors refer mainly to data protection issues, however, the same principles and ideas underlying the geographic location and data transfers may apply to database rights .
- 81.
See, generally, Jentzsch (2007, p. 27).
- 82.
See ARTIST R12 Certification Model.
- 83.
- 84.
Or in countries such as Mexico, South Korea and Russia as these countries have also database rights similar the EU Database Directive.
- 85.
See GEOSS-data Core project.
- 86.
Djemame et al. (2011a, p. 1561).
- 87.
Djemame et al. (2011a, p. 1561).
- 88.
Djemame et al. (2011a, p. 1561).
- 89.
Djemame et al. (2011a, pp. 1559–1560).
- 90.
See, generally, Stone (2005, p. 14).
- 91.
- 92.
- 93.
Djemame et al. (2011a, pp. 1559–1560).
- 94.
Djemame et al. (2011a, p. 1561).
- 95.
Djemame et al. (2011b, p. 122).
- 96.
Djemame et al. (2012, pp. 9–10).
- 97.
Djemame et al. (2012, pp. 9–10).
- 98.
Djemame et al. (2012, pp. 9–10).
- 99.
Djemame et al. (2012, pp. 9–10).
- 100.
Djemame et al. (2012, pp. 9–10).
- 101.
Djemame et al. (2012, pp. 9–10).
- 102.
In computer science and software development, rule-based systems (also known as “expert-systems”) are used to store and analyze information in useful ways that tell you what to do in different situations. They are often used as the basis for AI programing and systems to find answers to various problems. See, generally, Grosan and Abraham (2011, pp. 149–185), Toosizadeh and Farshchi (2011).
- 103.
Plug-in, add-in or add-on extensions are all synonyms for software components.
- 104.
Djemame et al. (2011b, pp. 121–122).
- 105.
Kirkham et al. (2012a, p. 1067).
- 106.
Djemame et al. (2011b, p. 125).
- 107.
See ISO 31000:2009; ISO 27000 standards; ISO Guide 73:2009.
- 108.
Cattedu and Hogben (2009).
- 109.
Summer et al. (2004, p. 6).
- 110.
Djemame et al. (2011a, p. 1570).
- 111.
Leber and Hermann (2013, p. 406).
- 112.
Djemame (2016, pp. 265–278).
- 113.
Taubenberger (2011, p. 260).
- 114.
Sharif and Basri (2011, p. 222).
- 115.
Lund et al. (2011, p. 131).
- 116.
Luiijf (2016, p. 69).
- 117.
- 118.
Beckers (2015, p. 457).
- 119.
Lund et al. (2011, p. 137).
- 120.
Lund et al. (2011, p. 137). This figure has been taken from the risk management of HAI and slightly adapted by the author.
- 121.
Lund et al. (2011, p. 137).
- 122.
Many people are already using the so-called “personal cloud” like Apple’s iCloud or Dropbox or Amazon Cloud Storage or Evernote. This also includes the employees of a company or an organization who use these applications to manage their daily work activities. See Radizeski (2012, p. 22). In this sense, a “personal cloud” system is also readily available for everyone to use it.
- 123.
This example was mentioned in Chap. 2 of this book.
- 124.
- 125.
- 126.
See, generally, Smoot and Tan (2012), introduction.
- 127.
For details of the risk model, see Djemame et al. (2011b, pp. 119–126).
- 128.
Djemame et al. (2012, pp. 11–12).
- 129.
Djemame et al. (2012, pp. 11–12).
- 130.
Djemame et al. (2012, pp. 11–12).
- 131.
- 132.
Kirkham et al. (2012b, pp. 156–160).
- 133.
Kirkham et al. (2012b, pp. 156–160).
- 134.
Kirkham et al. (2012b, pp. 156–160). The results of this risk assessment are carried out using different formulas. For example, the results of the risk calculation are ranked using the Euclidean Distance norm.
- 135.
Kirkham et al. (2012b, pp. 156–160).
- 136.
See Chap. 8 of this book.
- 137.
See Article 29 Data Protection Working Party, Working Document on Genetic Data . Adopted on March 17, 2004, pp. 1–14, [online]. Available at: https://iapp.org/media/pdf/knowledge_center/wp91_Genetic-Data_03-2004.pdf . Accessed May 10 2019.
- 138.
See Forgó et al. (2010).
- 139.
Gough and Nettleton (2010, p. 149).
- 140.
Kattan et al. (2011, p. 199).
- 141.
- 142.
For this term see ISO 27000 definitions [online]. Available at: https://www.praxiom.com/iso-27000-definitions.htm. Accessed 10 May 2019.
- 143.
Khan et al. (2012, p. 124).
References
Alhadeff J et al (2010) Requirements: privacy, governance and contractual options, pp 1–122, TAS3 Deliverable, WP6, D6.1, Version 3.0 http://cordis.europa.eu/docs/projects/cnect/7/216287/080/deliverables/002-TAS3D06p1Privacyre-quirementsv3p0.pdf. Accessed May 10, 2019
Andrieux A et al (2007) Web Services Agreement Specification (WS-Agreement), Global Forum American Heritage Dictionary https://www.ahdictionary.com/word/search.html?q=risk&submit.x=872&submit.y=. Accessed May 10, 2019
Barnatt C (2010) A brief guide to cloud computing: an essential guide to the next computing revolution. Kindle Edition, s.l, p 11
Batre D et al (2007) Gaining Users’ Trust by Publishing Failure Probabilities. Security and Privacy in Communications Networks and the Workshops, SecureComm 2007. Proceedings of the Third International Conference on Security and Privacy in Communication Networks, Nice, p 193
Beckers K (2015) Pattern and security requirements: engineering-based establishment of security standards. Springer, Cham, p 457
Bonewell D (2006) Security and privacy for data warehouses: opportunity or threat? In: Tipton H, Krause M (eds) Information security management handbook, 5th edn. Auerbach Publications, Boca Ratón, p 1178
Bradshaw S, Millard C, Waelden I (2010) Contracts for Clouds: Comparison and Analysis of the Terms and Conditions of Cloud Computing Services, Queen Mary School of Law Legal Studies Research Paper No. 63/2010, pp. 31–32 http://ssrn.com/abstract01662374. Accessed May 10, 2019
Burnett R (2005) Legal risk management for the it industry. Comput Law Secur Report 21(1):61–67
Caralli R et al (2007) Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process, Technical Report. Software Engineering Institute, Carnegie Mellon, s.l
Cattedu D, Hogben G (2009) Cloud Computing: Benefits, Risks and Recommendations for Information Security, ENISA (European Network and Information Security Agency) http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment/at_down-load/fullReport. Accessed May 10 2019
Chung L et al (2000) Non-functional requirements in software engineering. Springer, New York
Chung L, Sampaio do Prado Leite J (2009) On non-functional requirements in software engineering. In: Borgida A et al (eds) Conceptual modeling: foundations and applications, Essays in Honor of John Mylopoulos, Lecture Notes in Computer Science/Information Systems and Applications, incl. Internet/Web, and HCI (Book 5600). Springer, Berlin
Ciborra C (2005) Digital Technologies and the Duality of Risk, Centre for Analysis of Risk and Regulation. London School of Economics and Political Science, London
Ciborra C (2007) Digital technologies and risk: a critical review. In: Hanseth O, Ciborra C (eds) Risk, complexity and ICT. Edgar Elgar Publishing, Cheltenham, p 27
Ciborra C (2009) Imbrication of representations: risks and digital technologies. In: Avgerou C, Lanzara F, Willcocks L (eds) Bricolage, care and information systems: Claudio Ciborra’s legacy in information systems research. Palgrave MacMillan, New York, p 78
Corrales M (2012) Privacy risk impact assessment: a new requirement for safer clouds. Beck-Online, ZD-Aktuell, p 03036
Davison M (2003) The legal protection of databases. Cambridge University Press, Cambridge, p. 97
Dean J (2014) Big data, data mining and machine learning: value creation for business leaders and practitioners. Wiley, Hoboken, p 10
Djemame K et al (2011a) Brokering of risk-aware service level agreements in grids. Concurr Comput: Pract Exp 23(13):1558–1582
Djemame K et al (2011b) A risk assessment framework and software toolkit for cloud service ecosystems, The Second International Conference on Cloud Computing, GRIDs, and Virtualization, p 119 http://www.optimis-project.eu/content/risk-assessment-framework-and-software-toolkit-cloud-service-ecosystems. Accessed May 10, 2019
Djemame K et al (2012) Legal issues in the cloud: towards a risk inventory. Philos Trans R Soc A 371(1983)
Djemame K et al (2013) Legal issues in clouds: towards a risk inventory. Phil Trans R Soc A 371(1983) https://royalsocietypublishing.org/doi/full/10.1098/rsta.2012.0075. Accessed May 10, 2019
Djemame K (2016) A risk assessment framework for cloud computing. IEEE Trans Cloud Comput 4(3):265–278
Drissi S, Houmani H, Medromi H (2013) Survey: risk assessment for cloud computing. Int J Adv Comput Sci Appl (IJACSA) 4(12):143–148
Fellows W (2013) Cloud Brokers: Now Seeking Ready-to-Pay Customers, 451 Research https://451research.com/report-long?icid=2666. Accessed May 10, 2019
Fellows W (2014) Cloud Brokers: Making ITaaS a Practical Reality? 451 Research https://451research.com/images/Marketing/451_CloudBrokers_2014_ExecOverview.pdf. Accessed May 10, 2019
Forgó N et al (2010) Ethical and legal requirements for transnational genetic research. Beck, Munich
Garner B (ed) (2014) Black’s Law dictionary, 10th edn. Thomson Reuters, St. Paul
Gouch J, Nettleton D (2010) Managing the documentation maze: answers to questions you didn’t even know. Wiley, Hoboken, p 149
Gough J, Nettleton D (2010) Managing the documentation maze: answers to questions you didn’t even know. Wiley, Hoboken
Gourlay I et al (2008) Reliability and risk in grid resource brokering. In: Second IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2008)
Gourlay I, Djemame J, Padgett J (2009) Evaluating provider reliability in grid resource brokering. In: 11th IEEE international conference on high performance computing and communications, p 36 https://ieeexplore.ieee.org/document/5166974. Accessed May 10, 2019
Griffith R (2012) A short introduction to cloud computing: everything you need to know in around 1000 Words, locs. 21 and 29. Kindle Edition
Grosan C, Abraham A (2011) Ruled-Based Expert Systems. In: Grosan C, Abraham C (eds) Intelligent systems: a modern approach, intelligent systems reference library, vol 17. Springer, Berlin, pp 149–185
Grossman J, Seehusen F (2015) Combining security risk assessment and security testing based on standards. In: Seehusen F et al (eds) Risk assessment and risk-driven testing, third international workshop, RISK 2015, Berlin Germany. Springer, Cham, p 23
Gutwirth S, Hildebrandt M (2010) Some caveats on profiling. In: Gutwirth S, Poullet Y, Paul de Hert P (eds) Data Protection in a Profiled World. Springer, Dordrecht, p 33
Holzinger A et al (2013) Combining HCI, natural language processing, and knowledge discovery—potential of ibm content analytics as an assistive technology in the biomedical field. In: Holzinger A, Pasi G (eds) Human computer interaction and knowledge discovery in complex, unstructured, big data, third international workshop, HCI-KDD 2013, Maribor, Slovenia, July 2013, Proceedings. Springer, Heidelberg, p 13
Ishikawa H (2015) Social big data mining. CRC Press, Boca Ratón
Jackson P (1998) Introduction to expert systems, 3rd edn. Addison-Wesley, Harlow
Jentzsch N (2007) Financial privacy: an international comparison of credit reporting systems, 2nd edn. Springer, Berlin, p 27
Jones B, Bird I (2013) Data-intensive production grids. In: Critchlow T, Kleese van Dam K (eds) Data-intensive science. Chapman & Hall (CRC Press), Boca Ratón, pp 160 et seq
Jrad F (2014) A service broker for intercloud computing, Doctoral Thesis, Karlsruhe Institute of Technology, KIT, p 4 http://d-nb.info/1054989486/34. Accessed May 10, 2019
Kasemsap K, Sunandha S (2015) The role of cloud computing adoption in global business. In: Chang V, Walter R, Wills G (eds) Delivery and adoption of cloud computing services in contemporary organizations. Information Science Reference (IGI Global), Hershey, p 33
Kattan I, Nunu A, Saleh K (2011) A stochastic model for improving information security in supply chain systems. In: Wang J (ed) Supply chain optimization, management and integration: emerging applications. Business Science Reference, Hershey, p 199
Khan A et al (2012) Security risks and their management in cloud computing. In: 2012 IEEE 4th international conference on cloud computing technology and science, IEEE computer society, p 122 https://ieeexplore.ieee.org/document/6427574. Accessed May 10, 2019
Kirkham T et al (2012a) Assuring data privacy in cloud transformations, trust, security and privacy in computing and communications (TrustCom). In: 2012 IEEE 11th international conference on digital object identifier, pp 1063–1069 https://ieeexplore.ieee.org/iel5/6294581/6295938/06296092.pdf. Accessed May 10, 2019
Kirkham T et al (2012b) Risk based SLA management in clouds: a legal perspective, The 7th International Conference for Internet Technology and Secured Transactions, IEEE (ICITST 2012), pp 156–160 https://ieeexplore.ieee.org/document/6470934. Accessed May 10, 2019
Kirkham T et al (2013) Richer requirements for better clouds. In: 2013 IEEE international conference on cloud computing technology and science. IEEE Computer Society, p 7. https://ieeexplore.ieee.org/document/6735388?section=abstract. Accessed May 10, 2019
Kitchin R (2014) The data revolution: big data, open data. Data Infrastructures & Their Consequences. Sage Publications Ltd., Los Angeles
Kousiouris G et al (2013) A cloud provider description schema for meeting legal requirements in cloud federation scenarios. In: Douligeris et al (eds) Collaborative, Trusted and Privacy-Aware e/m-Services, 12th IFIP WG 6.11 conference on e-business, e-services, and esociety, I3E 2013, Athens, Greece, Apr 25–26 2013, Proceedings. Springer, Heidelberg
Krishnan K (2013) Data warehousing in the age of big data. Elsevier, Amsterdam, p 5
Li T, Singh M (2014) Hybrid trust framework for loss of control in cloud management. In: Jeong H et al (eds) Advances in computer science and its applications: CSA 2013. Springer, Heidelberg, p 670
Leber D, Hermann J (2013) Decision analysis methods for selecting consumer services with attribute value uncertainty. In: Lee M et al (eds) Risk assessment and evaluation of predictions. Springer, New York, p 406
Lohr S (2015) Data-ism: the revolution transforming decision making, consumer behavior, and almost everything else. HarperCollins Publishers, New York
Lund M, Solhaug B, Stolen K (2011) Model-driven risk analysis: the CORAS approach. Springer, Heidelberg, p 131 et seq
Luiijf E (2016) Threats in industrial control systems. In: Colbert E, Kott A (eds) Cybersecurity of SCADA and other industrial control systems. Springer, Cham, p 69
Mckelvey N et al (2015) Cloud computing and security in the future. In: Zhu S, Hill R. Trovati M (eds) Guide to security assurance for cloud computing. Springer, Cham, p 100
Mahmood Z (2014) (ed) Continued rise of the cloud: advances and trends in cloud computing. Springer, London
Majkic Z (2014) Big data integration theory: theory and methods of database mappings, programming languages, and semantics. Springer, Cham
Nwankwo S (2014) Developing a Risk Assessment Methodology for Data Protection, IRI Blog https://blog.iri.uni-hannover.de/index.php/2014/12/17/developing-a-risk-assessment-methodology-for-data-protection/. Accessed May 10, 2019
Pearson S, Yee G (2013) (eds) Privacy and security for cloud computing, computer communications and networks series. Springer, London
Radizeski P (2012) Sellecom 2: selling cloud services, Rad-Info, Inc. Lulu.com, p 22
Rejas-Muslera R, Cuadraro-Gallego J, Rodriguez D (2007) Defining a legal risk management strategy: process, legal risk and lifecycle. In: Abrahamsson P et al (eds) Software process improvement, vol 2007. Lecture Notes in Computer Science, Programming and Software Engineering, Proceeding of the 14th European Software Process Improvement Conference, EuroSPI 2007, Potsdam, Germany, September. Springer, Berlin, pp 118–124
Ridley E (2015) Big data and risk assessment. In: Kalyvas J, Overly M (eds) Big data: a business and legal guide. CRC Press, Boca Ratón, p 79
Rosenberg J, Mateos A (2011) The cloud at your service: the when, how, and why of enterprise cloud computing. Manning Publications Co., Greenwich, p 1
Sakr S, Gaber M (2014) (eds) Large scale and big data: processing and management. CRC Press, Boca Ratón
Sangrasi A, Djemame K, Jokhio I (2012) Aggregating Node Level Risk Assessment in Grids Using an R-out-of-N Model. In: Chowdhry B et al (eds) Emerging trends and applications in information communication technologies: second international multi topic conference, IMTIC 2012, Jamshoro, Pakistan, March 2012, proceedings, communications in computer and information science, vol 281. Springer, Heidelberg, pp 445–452
Shantz J (2005) Beyond risk and boredom: reflections on claudio ciborra and sociology. Eur J Inf Syst 14:510–514
Sharif A, Basri S (2011) Software risk assessment: a review on small and medium software projects. In: Zain J, Mohd W, El-Qawasmeh E (eds) Software engineering and computer systems, Second International Conference ICSECS 2011, Kuantan, Pahang, Malaysia, June 2011, Proceedings Part 2. Springer, Heidelberg, p 222
Smoot S, Tan N (2012) Private cloud computing: consolidation, virtualization, and service-oriented infrastructure. Elsevier, Waltham
Stone R (2005) The modern law of contract, 6th edn. Cavendish Publishing, London, p 14
Summer J, Ross T, Ababouchi L (2004) Application of risk assessment in the fish industry, FAO Fisheries Technical Paper No. 442, Part 1, p 6
Sundara Rajan M (2011) Moral rights: principles, practice and new technology. Oxford University Press, Oxford, p 286
Susskind R (1998) The future of law. Oxford University Press, Oxford, p 290
Taubenberger S (2011) Problem analysis of traditional it-security risk assessment methods—an experience report from the insurance and auditing domain. In: Camensich J et al (eds) future challenges in security and privacy for academia and industry, 26th IFIP TC 11 international information security conference, SEC 2011, Lucerne Switzerland, June 2011, Proceedings. Springer, Heidelberg, p 260
Teng F, Magoules F (2010) Future of grids resources management. In: Frederic Magoules (ed) Fundamentals of grid computing: theory, algorithms and technologies. Chapman and Hall (CRC Press), Boca Ratón, p 126
Toosizadeh S, Farshchi R (2011) Ruled-based programming for building expert systems: how do you create an expert system? LAP Lambert Academic Publishing, s.l
Vashist R (2015) Cloud Computing infrastructure for massive data: a gigantic task ahead. In: Hassanien A et al (eds) Big data in complex systems: challenges and opportunities, studies in big data, Vol 9. Springer, Cham, p 1
Vraalsen F et al (2005) Specifying legal risk scenarios using the CORAS threat modeling language: experiences and the way forward. In: Herrmann P, Issarny V, Shiu S (eds) Trust management, third international conference, iTrust 2005, Paris, France, May 23–26, 2005. Proceedings, Series Vol 3477. Springer, Berlin, pp 45–60
Wahlgren P (2007) Legislative Techniques, p. 91, In: Wintgens L (ed) Legislation in Context: Essays in Legisprudence, Applied Legal Philosophy. Ashgate Pub Co., Hampshire
Williams P (2013) Information security governance: a risk assessment approach to health information systems protection. In: Hovenga E, Grain H (eds) Health information governance in a digital environment. IOS Press, Amsterdam, p 187
Wright D, De Hert P (2012) (eds) Privacy impact assessment, law, governance and technology series, vol 6. Springer, Dordrecht
Wu L et al (2013) Automated SLA negotiation framework for cloud computing. In: Cluster, cloud and grid computing (CCGrid), 2013 13th IEEE/ACM international symposium, May 2013, pp 235–244 https://ieeexplore.ieee.org/document/6546098. Accessed May 10, 2019
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Corrales Compagnucci, M. (2020). Towards a Legal Risk Assessment. In: Big Data, Databases and "Ownership" Rights in the Cloud. Perspectives in Law, Business and Innovation. Springer, Singapore. https://doi.org/10.1007/978-981-15-0349-8_9
Download citation
DOI: https://doi.org/10.1007/978-981-15-0349-8_9
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0348-1
Online ISBN: 978-981-15-0349-8
eBook Packages: Law and CriminologyLaw and Criminology (R0)