Advertisement

Secure Data Processing in the Cloud

  • Zoltán Ádám Mann
  • Eliot Salant
  • Mike Surridge
  • Dhouha Ayed
  • John Boyle
  • Maritta Heisel
  • Andreas Metzger
  • Paul Mundt
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 824)

Abstract

Data protection is a key issue in the adoption of cloud services. The project “RestAssured – Secure Data Processing in the Cloud,” financed by the European Union’s Horizon 2020 research and innovation programme, addresses the challenge of data protection in the cloud with a combination of innovative security solutions, data lifecycle management techniques, run-time adaptation, and automated risk management. This paper gives an overview about the project’s goals and current status.

Keywords

Cloud computing Data protection Privacy Secure hardware enclaves Sticky policies Run-time adaptation Automated risk management 

Notes

Acknowledgement

The research leading to these results has received funding from the European Community’s Horizon 2020 research and innovation programme under grant agreement no 731678.

References

  1. 1.
    Zheng, W., Dave, A., Beekman, J.G., Popa, R.A., Gonzalez, J.E., Stoica, I.: Opaque: an oblivious and encrypted distributed analytics platform. In: Proceedings of the 14th USENIX symposium on Networked Systems Design and Implementation (NSDI 2017), pp. 283–298. USENIX Assoc (2017)Google Scholar
  2. 2.
    Mann, Z.Á., Metzger, A.: Optimized cloud deployment of multi-tenant software considering data protection concerns. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid 2017), pp. 609–618. IEEE Press (2017)Google Scholar
  3. 3.
    Dräxler, S., Karl, H., Mann, Z.Á.: Joint optimization of scaling and placement of virtual network services. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid 2017), pp. 365–370. IEEE Press (2017)Google Scholar
  4. 4.
    Schoenen, S., Mann, Z.Á., Metzger, A.: Using risk patterns to identify violations of data protection policies in cloud systems. In: 13th International Workshop on Engineering Service-Oriented Applications and Cloud Services (WESOACS) (2017)Google Scholar
  5. 5.
    Beckers, K., Côté, I., Goeke, L., Güler, S., Heisel, M.: A structured method for security requirements elicitation concerning the cloud computing domain. Int. J. Secure Softw. Eng. (IJSSE) 5(2), 20–43 (2014)CrossRefGoogle Scholar
  6. 6.
    Surridge, M., Nasser, B., Chen, X., Chakravarthy, A., Melas, P.: Run-time risk management in adaptive ICT systems. In: 8th International Conference on Availability, Reliability and Security (ARES), pp. 102–110. IEEE (2013)Google Scholar
  7. 7.
    Chakravarthy, A., Wiegand, S., Chen, X., Nasser, B., Surridge, M.: Trustworthy systems design using semantic risk modelling. In: Proceedings of the 1st International Conference on Cyber Security for Sustainable Society, pp. 49–81. Digital Economy Sustainable Society Network (2015)Google Scholar
  8. 8.
    ISO/IEC 27001:2013. Information technology – Security Techniques – Information security management systems – Requirements, International Organization for Standardization (2013)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Zoltán Ádám Mann
    • 1
  • Eliot Salant
    • 2
  • Mike Surridge
    • 3
  • Dhouha Ayed
    • 4
  • John Boyle
    • 5
  • Maritta Heisel
    • 1
  • Andreas Metzger
    • 1
  • Paul Mundt
    • 6
  1. 1.University of Duisburg-EssenDuisburgGermany
  2. 2.IBM Haifa Research LabsHaifaIsrael
  3. 3.University of Southampton IT Innovation CentreSouthamptonUK
  4. 4.Thales ServicesPalaiseauFrance
  5. 5.Oxford Computer ConsultantsOxfordUK
  6. 6.Adaptant Solutions AGMunichGermany

Personalised recommendations