A Cloud Provider Description Schema for Meeting Legal Requirements in Cloud Federation Scenarios

  • George Kousiouris
  • George Vafiadis
  • Marcelo Corrales
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 399)


The advent of Cloud computing has created numerous significant challenges with regard to manipulation of data and especially personal data in cases of Clouds and federated Clouds. Existing legislation currently creates constraints and boundaries in the free usage of external Cloud providers. The aim of this paper is to provide a schema definition and usage mechanism (CPDS) that includes various levels of legal information that is necessary for automating the process of Cloud provider selection and data outsourcing. Thus the aforementioned constraints may be checked in an automated and machine understandable fashion and fully harvest the potential that is created by advances in Cloud computing like dynamic federation. In this direction, legal gaps and necessary actions are identified so that the automation avoids manual and bureaucratic steps that are necessary at the moment.


Cloud computing legal issues personal data data management Cloud federation 


  1. 1.
    COM 11 final. Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), pp. 1–2 (2012), http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf
  2. 2.
    OPTIMIS Project Deliverable D. “Cloud Legal Guidelines: Technical Implementation of Legal Requirements, Exploitation of the Toolkit in Use Cases and Component Licenses”, pp. 23–33Google Scholar
  3. 3.
    Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security (CCSW 2009), pp. 85–90. ACM, New York (2009)CrossRefGoogle Scholar
  4. 4.
    Pearson, S., Charlesworth, A.: Accountability as a Way Forward for Privacy Protection in the Cloud. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom. LNCS, vol. 5931, pp. 131–144. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Rochwerger, B., Breitgand, D., Levy, E., Galis, A., Nagin, K., Llorente, I.M., Montero, R., Wolfsthal, Y., Elmroth, E., Caceres, J., Ben-Yehuda, M., Emmerich, W., Galan, F.: The Reservoir model and architecture for open federated cloud computing. IBM Journal of Research and Development 53(4), 4:1-4:11 (2009)CrossRefGoogle Scholar
  6. 6.
    Buyya, R., Ranjan, R., Calheiros, R.N.: InterCloud: Utility-oriented federation of cloud computing environments for scaling of application services. In: Hsu, C.-H., Yang, L.T., Park, J.H., Yeo, S.-S. (eds.) ICA3PP 2010, Part I. LNCS, vol. 6081, pp. 13–31. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Article 29 Working Party, WP 74, Transfer of Personal Data to Third Countries: Applying Article 26 (2) of the EU Data Protection Directive to Binding Corporate Rules for International Data TransfersGoogle Scholar
  8. 8.
    European Commission, Commission Decisions on the Adequacy of the Protection of Personal Data in Third Countries, http://ec.europa.eu/justice/data-protection/document/international-transfers/adequacy/index_en.htm
  9. 9.
  10. 10.
    OPTIMIS Project Deliverable Cloud Legal Guidelines, pp. 91–93Google Scholar
  11. 11.
    Kousiouris, G., Vafiadis, G., Varvarigou, T.: A Front-end Hadoop based Data Management Service for Efficient Federated Clouds. In: 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), November 29-December 1, pp. 511–516 (2011)Google Scholar
  12. 12.
    Ferrer, A., et al.: OPTIMIS: A holistic approach to cloud service provisioning. Future Generation Computer Systems 28(1), 66–77 (2012) ISSN 0167-739X, 10.1016/j.future.2011.05.022Google Scholar
  13. 13.
    Barnitzke, B., et al.: Legal Restraints and Security Requirements on Per-sonal Data and Their Technical Implementation in Clouds. In: Workshop for E-contracting for Clouds, eChallenges (2011)Google Scholar
  14. 14.
  15. 15.
    Gordon, T.F.: Analyzing open source license compatibility issues with Carneades. In: Proceedings of the 13th International Conference on Artificial Intelligence and Law (ICAIL 2011), pp. 51–55. ACM, New York (2011)Google Scholar
  16. 16.
  17. 17.
    Brandtzg, E., Parastoo, M., Mosser, S.: Towards a Domain-Specic Language to Deploy Applications in the Clouds. In: Third International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2012), Nice, France, pp. 1–6 (July 2012)Google Scholar
  18. 18.
    Djemame, et al.: Legal issues in clouds: towards a risk inventory. Phil. Trans. R. Soc. A 371(1983), 5, 20120075 (2013) (December 10, 2012) doi:10.1098/rsta.2012.0075 CrossRefGoogle Scholar
  19. 19.
    Toosi, A.N., Calheiros, R.N., Thulasiram, R.K., Buyya, R.: Resource Provisioning Policies to Increase IaaS Provider’s Profit in a Federated Cloud Environment. In: 2011 IEEE 13th International Conference on High Performance Computing and Communications (HPCC), September 2-4, pp. 279–287 (2011)Google Scholar
  20. 20.
    Zhang, Z., Zhang, X.: A load balancing mechanism based on ant colony and complex network theory in open cloud computing federation. In: 2010 2nd International Conference on Industrial Mechatronics and Automation (ICIMA), May 30-31, vol. 2, pp. 240–243 (2010)Google Scholar
  21. 21.
  22. 22.
  23. 23.

Copyright information

© International Federation for Information Processing 2013

Authors and Affiliations

  • George Kousiouris
    • 1
  • George Vafiadis
    • 1
  • Marcelo Corrales
    • 2
  1. 1.National Technical University of AthensGreece
  2. 2.Leibniz University of HanoverGermany

Personalised recommendations