A user data location control model for cloud services

Kaniz Fatema; Philip D. Healy; Vincent C. Emeakaroha; John P. Morrison; Theo Lynn

doi:10.5220/0004855404760488

A user data location control model for cloud services

Kaniz Fatema
, Philip D. Healy
, Vincent C. Emeakaroha
, John P. Morrison
, Theo Lynn

School of Computer Science and Information Technology

Research output: Chapter in Book/Report/Conference proceedings › Conference proceeding › peer-review

Abstract

A data location control model for Cloud services is presented that uses an authorization system as its core control element. The model is intended for use by enterprises that collect personal data from end users that can potentially be stored and processed at multiple geographic locations. By adhering to the model's authorization decisions, the enterprise can address end users' concerns about the location of their data by incorporating their preferences about the location of their personal data into an authorization policy. The model also ensures that the end users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented that provides the data owner with an interface that allows their location preferences to be expressed. These preferences are stored internally as XACML policy documents. Thereafter, movements or remote duplications of the data must be authorized by submitting requests to an ISO/IEC 10181-3:1996 compliant policy enforcement point. End users can, at any time, view up-to-date information on the locations where their data is stored via a web interface. Furthermore, XACML obligations are used to ensure that end users are informed whenever the location of their data changes.

Original language	English
Title of host publication	CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science
Publisher	SciTePress
Pages	476-488
Number of pages	13
ISBN (Print)	9789897580192
DOIs	https://doi.org/10.5220/0004855404760488
Publication status	Published - 2014
Event	4th International Conference on Cloud Computing and Services Science, CLOSER 2014 - Barcelona, Spain Duration: 3 Apr 2014 → 5 Apr 2014

Publication series

Name	CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science

Conference

Conference	4th International Conference on Cloud Computing and Services Science, CLOSER 2014
Country/Territory	Spain
City	Barcelona
Period	3/04/14 → 5/04/14

Keywords

Access control
Authorization system
Cloud computing
Data location
XACML

Access to Document

10.5220/0004855404760488

Cite this

Fatema, K., Healy, P. D., Emeakaroha, V. C., Morrison, J. P., & Lynn, T. (2014). A user data location control model for cloud services. In CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science (pp. 476-488). (CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science). SciTePress. https://doi.org/10.5220/0004855404760488

@inproceedings{458fb93a2ae846a28fa1d5465d4fd53d,

title = "A user data location control model for cloud services",

abstract = "A data location control model for Cloud services is presented that uses an authorization system as its core control element. The model is intended for use by enterprises that collect personal data from end users that can potentially be stored and processed at multiple geographic locations. By adhering to the model's authorization decisions, the enterprise can address end users' concerns about the location of their data by incorporating their preferences about the location of their personal data into an authorization policy. The model also ensures that the end users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented that provides the data owner with an interface that allows their location preferences to be expressed. These preferences are stored internally as XACML policy documents. Thereafter, movements or remote duplications of the data must be authorized by submitting requests to an ISO/IEC 10181-3:1996 compliant policy enforcement point. End users can, at any time, view up-to-date information on the locations where their data is stored via a web interface. Furthermore, XACML obligations are used to ensure that end users are informed whenever the location of their data changes.",

keywords = "Access control, Authorization system, Cloud computing, Data location, XACML",

author = "Kaniz Fatema and Healy, \{Philip D.\} and Emeakaroha, \{Vincent C.\} and Morrison, \{John P.\} and Theo Lynn",

year = "2014",

doi = "10.5220/0004855404760488",

language = "English",

isbn = "9789897580192",

series = "CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science",

publisher = "SciTePress",

pages = "476--488",

booktitle = "CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science",

note = "4th International Conference on Cloud Computing and Services Science, CLOSER 2014 ; Conference date: 03-04-2014 Through 05-04-2014",

}

Fatema, K, Healy, PD, Emeakaroha, VC, Morrison, JP & Lynn, T 2014, A user data location control model for cloud services. in CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science. CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science, SciTePress, pp. 476-488, 4th International Conference on Cloud Computing and Services Science, CLOSER 2014, Barcelona, Spain, 3/04/14. https://doi.org/10.5220/0004855404760488

A user data location control model for cloud services. / Fatema, Kaniz; Healy, Philip D.; Emeakaroha, Vincent C. et al.
CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science. SciTePress, 2014. p. 476-488 (CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science).

Research output: Chapter in Book/Report/Conference proceedings › Conference proceeding › peer-review

TY - GEN

T1 - A user data location control model for cloud services

AU - Fatema, Kaniz

AU - Healy, Philip D.

AU - Emeakaroha, Vincent C.

AU - Morrison, John P.

AU - Lynn, Theo

PY - 2014

Y1 - 2014

N2 - A data location control model for Cloud services is presented that uses an authorization system as its core control element. The model is intended for use by enterprises that collect personal data from end users that can potentially be stored and processed at multiple geographic locations. By adhering to the model's authorization decisions, the enterprise can address end users' concerns about the location of their data by incorporating their preferences about the location of their personal data into an authorization policy. The model also ensures that the end users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented that provides the data owner with an interface that allows their location preferences to be expressed. These preferences are stored internally as XACML policy documents. Thereafter, movements or remote duplications of the data must be authorized by submitting requests to an ISO/IEC 10181-3:1996 compliant policy enforcement point. End users can, at any time, view up-to-date information on the locations where their data is stored via a web interface. Furthermore, XACML obligations are used to ensure that end users are informed whenever the location of their data changes.

AB - A data location control model for Cloud services is presented that uses an authorization system as its core control element. The model is intended for use by enterprises that collect personal data from end users that can potentially be stored and processed at multiple geographic locations. By adhering to the model's authorization decisions, the enterprise can address end users' concerns about the location of their data by incorporating their preferences about the location of their personal data into an authorization policy. The model also ensures that the end users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented that provides the data owner with an interface that allows their location preferences to be expressed. These preferences are stored internally as XACML policy documents. Thereafter, movements or remote duplications of the data must be authorized by submitting requests to an ISO/IEC 10181-3:1996 compliant policy enforcement point. End users can, at any time, view up-to-date information on the locations where their data is stored via a web interface. Furthermore, XACML obligations are used to ensure that end users are informed whenever the location of their data changes.

KW - Access control

KW - Authorization system

KW - Cloud computing

KW - Data location

KW - XACML

UR - https://www.scopus.com/pages/publications/84902352564

U2 - 10.5220/0004855404760488

DO - 10.5220/0004855404760488

M3 - Conference proceeding

AN - SCOPUS:84902352564

SN - 9789897580192

T3 - CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science

SP - 476

EP - 488

BT - CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science

PB - SciTePress

T2 - 4th International Conference on Cloud Computing and Services Science, CLOSER 2014

Y2 - 3 April 2014 through 5 April 2014

ER -

Fatema K, Healy PD, Emeakaroha VC, Morrison JP, Lynn T. A user data location control model for cloud services. In CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science. SciTePress. 2014. p. 476-488. (CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science). doi: 10.5220/0004855404760488

A user data location control model for cloud services

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this