Conference Publication Details
Mandatory Fields
Kaniz Fatema, Philip D. Healy, Vincent C. Emeakaroha, John P. Morrison and Theo Lynn
4th International Conference on Cloud Computing and Services Science CLOSER2014
A User Data Location Control Model for Cloud Services
In Press
Optional Fields
Authorization system, access control, data location, XACML, Cloud computing
Barcelona, Spain
A data location control model for Cloud services is presented that uses an authorization system as its core control element. The model is intended for use by enterprises that collect personal data from end users and that may store and process it at multiple geographic locations. By adhering to the model's authorization decisions, the enterprise can address end users' concerns about the location of their data, because each user's preferences about where their personal data may be stored are incorporated into an authorization policy. The model also ensures that end users have visibility into the location of their data and are informed when that location changes. A prototype of the model has been implemented that provides the data owner with an interface through which location preferences can be expressed. These preferences are stored internally as XACML policy documents. Thereafter, any movement or remote duplication of the data must be authorized by submitting a request to an ISO/IEC 10181-3:1996 compliant policy enforcement point. End users can, at any time, view up-to-date information on the locations where their data is stored via a web interface. Furthermore, XACML obligations are used to ensure that end users are informed whenever the location of their data changes.

1 INTRODUCTION

Cloud Computing offers a new style of computing that allows consumers to pay only for the services they use and frees them from the management overhead of the underlying infrastructure. Although Cloud Computing has gained significant traction in recent years, surveys have consistently shown that consumers' concerns around security and loss of control over data are hindering adoption (Subashini and Kavitha, 2011; Chen and Zhao, 2012). Additionally, the physical location of data can affect its vulnerability to disclosure and can have implications for service quality and legal consequences (Albeshri et al., 2012; Gondree and Peterson, 2013).
Many regulations, such as HIPAA and the EU Data Protection Directive, impose restrictions on the movement of data between geographical locations. Data location therefore represents a sensitive issue for enterprises that offer cloud services. Existing and potential customers seek assurance that the enterprise will act as a faithful steward of the information entrusted to it, and the enterprise itself wishes to avoid falling foul of data protection rules and other regulations. However, these concerns must be balanced against the enterprise's desire to maintain redundancy and operational efficiency. There are a number of valid reasons for copying data to geographically dispersed locations. These may include:

• Risk Mitigation: Copying data to more than one physical location provides a hedge against localised catastrophic events such as fires and natural disasters.
• Operational Expenditure: Due to the geographically variable nature of overheads, such as energy costs, it may be cheaper to store and/or process data at a location other than where it was stored originally.
• Storage Capacity: If a data centre has limited capacity, it might be helpful to offload some storage to another location.
• Maintenance: Data may sometimes need to be moved temporarily in order to facilitate data centre maintenance, upgrade or relocation.
• Localised Caching: Content delivery networks, such as Akamai and Amazon CloudFront, replicate data to edge servers in order to improve users' quality of experience.

Enterprises that offer Cloud services must therefore balance the benefits of migrating data against concerns relating to trustworthiness in the eyes of users and regulatory compliance.
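The control flow the abstract describes (owner preferences turned into a policy, a policy enforcement point that every move or duplication must pass through, a notify obligation attached to each Permit, and a register the owner can inspect) is illustrated below in Python. This is an added example written for this page, not the authors' prototype: the prototype stores preferences as XACML policy documents, whereas here the policy is a plain dataclass and the obligation identifier, attribute names, jurisdiction codes and the sample scenario are all assumptions. Decisions follow deny-unless-permit, so any request that the owner's policy does not explicitly allow is refused, and the enforcement point discharges the obligation before it reports success, which is how XACML expects obligations on a Permit to be handled.

```python
"""Toy data-location authorization model (added example, not the CLOSER 2014 prototype).

Assumptions, none of which come from the paper:
  - an owner's preference is a set of permitted jurisdictions;
  - 'move' and 'replicate' are the actions that relocate or duplicate data;
  - a Permit carries a 'notify-owner' obligation that the PEP must discharge
    before the movement is reported as successful.
"""
from dataclasses import dataclass, field

PERMIT, DENY = "Permit", "Deny"
NOTIFY_OWNER = "notify-owner"   # hypothetical obligation id, stands in for a XACML ObligationId


@dataclass
class LocationPolicy:
    """One data owner's preferences; the stand-in for the paper's XACML policy document."""
    owner: str
    permitted: frozenset                      # jurisdictions where copies may exist
    governed_actions: frozenset = frozenset({"move", "replicate"})


@dataclass
class LocationRegister:
    """Current locations per data item: what the owner sees in the web interface."""
    locations: dict = field(default_factory=dict)   # item -> set of jurisdictions


class PolicyDecisionPoint:
    def __init__(self, policies):
        self.policies = {p.owner: p for p in policies}

    def evaluate(self, owner, action, item, target):
        """Deny-unless-permit: only a target the owner listed yields Permit."""
        policy = self.policies.get(owner)
        if policy is None or action not in policy.governed_actions:
            return DENY, []
        if target not in policy.permitted:
            return DENY, []
        # Every Permit obliges the enforcement point to tell the owner the location changed.
        obligation = (NOTIFY_OWNER, {"owner": owner, "item": item, "action": action, "target": target})
        return PERMIT, [obligation]


class PolicyEnforcementPoint:
    def __init__(self, pdp, register):
        self.pdp = pdp
        self.register = register
        self.notifications = []   # stands in for e-mail or portal notices to the owner

    def request(self, owner, action, item, source, target):
        decision, obligations = self.pdp.evaluate(owner, action, item, target)
        if decision != PERMIT:
            return decision
        # Discharge obligations first: a PEP that cannot fulfil an obligation must not proceed.
        for oid, args in obligations:
            if oid != NOTIFY_OWNER:
                return DENY
            self.notifications.append(args)
        # Only now update the register so the owner's view stays accurate.
        locs = self.register.locations.setdefault(item, set())
        locs.add(target)
        if action == "move":
            locs.discard(source)
        return PERMIT


def demo():
    """Constructed scenario: Alice permits IE and DE only; her data starts in IE."""
    pdp = PolicyDecisionPoint([LocationPolicy("alice", frozenset({"IE", "DE"}))])
    register = LocationRegister({"alice/records.db": {"IE"}})
    pep = PolicyEnforcementPoint(pdp, register)
    outcomes = [
        pep.request("alice", "replicate", "alice/records.db", "IE", "DE"),  # Permit: DE is allowed
        pep.request("alice", "replicate", "alice/records.db", "IE", "US"),  # Deny: US not in preferences
        pep.request("alice", "move", "alice/records.db", "IE", "DE"),       # Permit: copy leaves IE
        pep.request("bob", "move", "bob/photos", "IE", "DE"),               # Deny: no policy on file
    ]
    return outcomes, register.locations, pep.notifications


if __name__ == "__main__":
    outcomes, locations, notes = demo()
    print(outcomes)
    print(locations)
    for n in notes:
        print(f"notify {n['owner']}: {n['item']} {n['action']} -> {n['target']}")
```

Note that the register is updated only after the obligation has been discharged; reversing that order would leave a window in which a move succeeded but the owner was never told, which is exactly the situation the paper's use of obligations is meant to rule out.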
Grant Details