Paper Info
Title
A Data Location Control Model for Cloud Service Deployments.
Abstract
A data location control model for Cloud services is presented. The model is intended for use by Cloud SaaS providers that collect personal data that can potentially be stored and processed at multiple geographic locations. It incorporates users' location preferences into authorization decisions by converting them into XACML policies that are consulted before data transfer operations. The model also ensures that the users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented and was used to perform validation tests in various Cloud setups. These scenarios serve to demonstrate how location control can be integrated on top of existing public and private Cloud platforms. A sketch is also provided of an architecture that embeds location control functionality directly into the OpenStack Cloud platform. We further propose an enhancement to the model that alters its behaviour from being restrictive to prescriptive so that Cloud providers can copy data to a non-preferred locations in case of emergency. Under this approach, the number of authorized vs unauthorized transfers can be made publicly available by the provider as an assurance measure for consumers.
Year
DOI
Venue
2014
10.1007/978-3-319-25414-2_8
Communications in Computer and Information Science
Keywords
Field
DocType
Authorization system,Access control,Data location,XACML,Cloud computing
Architecture,Visibility,Data transmission,Computer science,Computer network,Software as a service,XACML,Access control,Database,Sketch,Cloud computing
Conference
Volume
ISSN
Citations 
512
1865-0929
0
PageRank 
References 
Authors
0.34
0
5
Name
Order
Citations
PageRank
Kaniz Fatema111310.47
Philip D. Healy210012.49
Vincent C. Emeakaroha332520.40
John P. Morrison426245.28
Theo Lynn511622.40