Automating Privacy Enforcement in Cloud Platforms

  • Peng Yu
  • Jakub Sendor
  • Gabriel Serme
  • Anderson Santana de Oliveira
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7731)


Privacy in cloud computing is a major concern for individuals, governments, and service and platform providers. In this context, compliance with policies and regulations on personal data protection is essential but hard to achieve, as the implementation of privacy controls is subject to diverse kinds of errors. In this paper we present how the enforcement of privacy policies can be facilitated by a Platform as a Service. Cloud application developers can use non-obtrusive annotations in the code to indicate where personally identifiable information is being handled, leveraging aspect-oriented programming (AOP) features. Subsequently, the evaluation of user-defined preferences is performed by trusted components provided by the platform, liberating developers from the burden of designing custom mechanisms for privacy enforcement in their software.


Keywords: Cloud Computing; Privacy Policy; Cloud Provider; Cloud Platform; Cloud Application
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.




Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Peng Yu (1)
  • Jakub Sendor (2)
  • Gabriel Serme (2)
  • Anderson Santana de Oliveira (2)
  1. Université de Technologie de Compiègne, France
  2. SAP Research, France
