Privacy in cloud computing is a major concern for individuals, governments, service and platform providers. In this context, the compliance with regards to policies and regulations about personal data protection is essential, but hard to achieve, as the implementation of privacy controls is subject to diverse kinds of errors. In this paper we present how the enforcement of privacy policies can be facilitated by a Platform as a Service. Cloud applications developers can use non-obtrusive annotations in the code to indicate where personally identifiable information is being handled, leveraging the aspect-oriented programming (AOP) features. Subsequently the evaluation of user defined preferences is performed by trustful components provided by the platform, liberating developers from the burden of designing custom mechanisms for privacy enforcement in their software.
Automating privacy enforcement in cloud platforms
DPM 2012, 7th International Workshop on Data Privacy Management, in conjunction with the 17th annual European research event in Computer Security symposium (ESORICS 2012), 13-14 September 2012, Pisa, Italy / Also published in LNCS, Springer, Vol 7731/2013
Type:
Conférence
City:
Pisa
Date:
2012-09-13
Department:
Sécurité numérique
Eurecom Ref:
3804
Copyright:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in DPM 2012, 7th International Workshop on Data Privacy Management, in conjunction with the 17th annual European research event in Computer Security symposium (ESORICS 2012), 13-14 September 2012, Pisa, Italy / Also published in LNCS, Springer, Vol 7731/2013 and is available at : http://dx.doi.org/10.1007/978-3-642-35890-6_12
See also:
PERMALINK : https://www.eurecom.fr/publication/3804
