Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

Trust Model for Optimized Cloud Services

Cloud computing with its inherent advantages draws attention for business critical applications, but concurrently expects high level of trust in cloud service providers. Reputation-based trust is emerging as a good choice to model trust of cloud service providers based on available evidence. Many existing reputation based systems either ignore or give less importance to uncertainty linked with the evidence. In this paper, we propose an uncertainty model and define our approach to compute opinion for cloud service providers. Using subjective logic operators along with the computed opinion values, we propose mechanisms to calculate the reputation of cloud service providers. We evaluate and compare our proposed model with existing reputation models

Privacy Management Service Contracts as a New Business Opportunity for Operators

Recognizing the importance of privacy management as a business process and a business support process, this paper proposes the use of service level agreements (SLA’s) around privacy features, including qualitative and quantitative ones. Privacy metrics are defined by both parties with boundary values on each qualitative or qualitative feature. Their distribution is relying on stress distributions used in this field. The use of service level agreements also casts privacy management into a business perspective with benefits and costs to either party in a process. This approach is especially relevant for communications operators as brokers between content owners (individuals, businesses) and enterprise applications; in this context, the privacy SLA management would be carried out by the operator, while the terms and conditions of the SLA negotiation reside with the two external parties. This work was carried out as part of the large EU project PRIME www.prime.project.eu.org. on privacy enhancing technologies.Content Owners;Enterprise Business Processes;Managed Service Contracts;Privacy Agreements;Service Level Agreements (SLA's);Telecommunications Operators

Goodbye to Projects? - Review of development interventions and livelihoods approaches in Uganda

Approaches to projects and development have undergone considerable change in the last decade with significant policy shifts on governance, gender, poverty eradication, and environmental issues. Most recently this has led to the adoption and promotion of the sustainable livelihood (SL) approach. The adoption of the SL approach presents challenges to development interventions including: the future of projects and programmes, and sector wide approaches (SWAPs) and direct budgetary support. This paper `Review of development interventions and livelihood approaches in Uganda¿ is the fourth in the series of the project working papers. This is the output of a literature review and series of interviews on development interventions in Uganda.Department for International Developmen

A look at cloud architecture interoperability through standards

Enabling cloud infrastructures to evolve into a transparent platform while preserving integrity raises interoperability issues. How components are connected needs to be addressed. Interoperability requires standard data models and communication encoding technologies compatible with the existing Internet infrastructure. To reduce vendor lock-in situations, cloud computing must implement universal strategies regarding standards, interoperability and portability. Open standards are of critical importance and need to be embedded into interoperability solutions. Interoperability is determined at the data level as well as the service level. Corresponding modelling standards and integration solutions shall be analysed