A Data Location Control Model for Cloud Service Deployments

Kaniz Fatema, Philip D. Healy, Vincent C. Emeakaroha, John P. Morrison, Theo Lynn

Research output: Chapter in Book/Published conference outputConference publication

Abstract

A data location control model for Cloud services is presented. The model is intended for use by Cloud SaaS providers that collect personal data that can potentially be stored and processed at multiple geographic locations. It incorporates users’ location preferences into authorization decisions by converting them into XACML policies that are consulted before data transfer operations. The model also ensures that the users have visibility into the location of their data and are informed when the location of their data changes. A prototype of the model has been implemented and was used to perform validation tests in various Cloud setups. These scenarios serve to demonstrate how location control can be integrated on top of existing public and private Cloud platforms. A sketch is also provided of an architecture that embeds location control functionality directly into the OpenStack Cloud platform. We further propose an enhancement to the model that alters its behaviour from being restrictive to prescriptive so that Cloud providers can copy data to a non-preferred locations in case of emergency. Under this approach, the number of authorized vs unauthorized transfers can be made publicly available by the provider as an assurance measure for consumers.
Original languageEnglish
Title of host publicationCloud Computing and Services Sciences. CLOSER 2014
PublisherSpringer
Chapter8
Pages117-133
ISBN (Electronic)978-3-319-25414-2
ISBN (Print)978-3-319-25413-5
DOIs
Publication statusPublished - 30 Dec 2015

Publication series

NameCloud Computing and Services Sciences
Volume512
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937

Fingerprint

Dive into the research topics of 'A Data Location Control Model for Cloud Service Deployments'. Together they form a unique fingerprint.

Cite this