Protecting Free Expression Online with Freenet
IEEE Internet Computing
Web Privacy with P3p
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Privacy: What Developers and IT Professionals Should Know
Privacy: What Developers and IT Professionals Should Know
Sociotechnical Architecture for Online Privacy
IEEE Security and Privacy
Design for privacy in ubiquitous computing environments
ECSCW'93 Proceedings of the third conference on European Conference on Computer-Supported Cooperative Work
A collection of privacy design patterns
Proceedings of the 2006 conference on Pattern languages of programs
Verifiable and Revocable Expression of Consent to Processing of Aggregated Personal Data
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
IEEE Transactions on Software Engineering
Simplified privacy controls for aggregated services: suspend and resume of personal data
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Pond: the oceanstore prototype
FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies
User Requirements for Cloud Computing Architecture
CCGRID '10 Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing
SECaaS: security as a service for cloud-based applications
Proceedings of the Second Kuwait Conference on e-Services and e-Systems
Reference deployment models for eliminating user concerns on cloud security
The Journal of Supercomputing
Privacy management in global organisations
CMS'12 Proceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Hi-index | 0.00 |
The Cloud is a relatively new concept and so it is unsurprising that the information assurance, data protection, network security and privacy concerns have yet to be fully addressed. This paper seeks to begin the process of designing data protection controls into clouds from the outset so as to avoid the costs associated with bolting on security as an afterthought. Our approach is firstly to consider cloud maturity from an enterprise level perspective, describing a novel capability maturity model. We use this model to explore privacy controls within an enterprise cloud deployment, and explore where there may be opportunities to design in data protection controls as exploitation of the Cloud matures. We demonstrate how we might enable such controls via the use of design patterns. Finally, we consider how Service Level Agreements (SLAs) might be used to ensure that third party suppliers act in support of such controls.