Cloud technology options towards Free Flow of Data

This whitepaper collects the technology solutions that the projects in the Data Protection, Security and Privacy Cluster propose to address the challenges raised by the working areas of the Free Flow of Data initiative. The document describes the technologies, methodologies, models, and tools researched and developed by the clustered projects mapped to the ten areas of work of the Free Flow of Data initiative. The aim is to facilitate the identification of the state-of-the-art of technology options towards solving the data security and privacy challenges posed by the Free Flow of Data initiative in Europe. The document gives reference to the Cluster, the individual projects and the technologies produced by them

A Review Of Multi-Tenant Database And Factors That Influence Its Adoption.

A Multi-tenant database (MTD) is a way of deploying a Database as a Service (DaaS). This is gaining momentum with significant increase in the number of organizations ready to take advantage of the technology. A multi-tenant database refers to a principle where a single instance of a Database Management System (DBMS) runs on a server, serving multiple clients organizations (tenants). This is a database which provides database support to a number of separate and distinct groups of users or tenants. This concept spreads the cost of hardware, software and other services to a large number of tenants, therefore significantly reducing per tenant cost. Three different approaches of implementing multi-tenant database have been identified. These methods have been shown to be increasingly better at pooling resources and also processing administrative operations in bulk. This paper reports the requirement of multi-tenant databases, challenges of implementing MTD, database migration for elasticity in MTD and factors influencing the choice of models in MTD. An insightful discussion is presented in this paper by grouping these factors into four categories. This shows that the degree of tenancy is an influence to the approach to be adopted and the capital and operational expenditure are greatly reduced in comparison with an on-premises solutio

Security and Privacy Issues in Cloud Computing

Cloud computing transforming the way of information technology (IT) for consuming and managing, promising improving cost efficiencies, accelerate innovations, faster time-to-market and the ability to scale applications on demand (Leighton, 2009). According to Gartner, while the hype grew ex-ponentially during 2008 and continued since, it is clear that there is a major shift towards the cloud computing model and that the benefits may be substantial (Gartner Hype-Cycle, 2012). However, as the shape of the cloud computing is emerging and developing rapidly both conceptually and in reality, the legal/contractual, economic, service quality, interoperability, security and privacy issues still pose significant challenges. In this chapter, we describe various service and deployment models of cloud computing and identify major challenges. In particular, we discuss three critical challenges: regulatory, security and privacy issues in cloud computing. Some solutions to mitigate these challenges are also proposed along with a brief presentation on the future trends in cloud computing deployment

PaaSword: A Data Privacy and Context-aware Security Framework for Developing Secure Cloud Applications - Technical and Scientific Contributions

Most industries worldwide have entered a period of reaping the benefits and opportunities cloud offers. At the same time, many efforts are made to address engineering challenges for the secure development of cloud systems and software.With the majority of software engineering projects today relying on the cloud, the task to structure end-to-end secure-by-design cloud systems becomes challenging but at the same time mandatory. The PaaSword project has been commissioned to address security and data privacy in a holistic way by proposing a context-aware security-by-design framework to support software developers in constructing secure applications for the cloud. This chapter presents an overview of the PaaSword project results, including the scientific achievements as well as the description of the technical solution. The benefits offered by the framework are validated through two pilot implementations and conclusions are drawn based on the future research challenges which are discussed in a research agenda

An Empirical Analysis of Security Issues in Cloud Environment

Cloud Computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. However, cloud Computing presents an added level of risk because essential services are often outsourced to a third party, which makes it harder to maintain data security and privacy, support data and service availability, and demonstrate compliance. Cloud Computing leverages many technologies (SOA, virtualization, Web 2.0); it also inherits their security issues, which we discuss here, identifying the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions

CHALLENGES OF VALUE CREATION THROUGH CLOUD SAAS: BUSINESS/IT ALIGNMENT IN SERVICE ORIENTED INDUSTRIES

Although Business/IT alignment has gathered much interest in the past, it still presents a challenge for service sector companies facing Software-as-a-Service (SaaS) sourcing. Such companies lack managerial experience and competency of using ubiquitous technologies and SaaS applications in order to create business value. This paper provides evidence on how SaaS strengthens alignment between IT and business strategies and how it indirectly creates value for service sector enterprises. We employ semi-structured interviews and case studies to determine how aligning business strategy with SaaS -enabled IT strategy can lead to value creation. We found out that the features of SaaS such as on-demand self-service, rapid elasticity and measured service are considered advantageous by the companies, whilst dependence on a single vendor, incompatibility and information security were considered as a disadvantage. Future research could explore other cloud service models, such as Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) to reveal how and why other cloud service applications can succeed or fail supporting Business-IT alignment