Tackling cloud compliance through information flow control:
Gespeichert in:
1. Verfasser: | |
---|---|
Format: | Abschlussarbeit Buch |
Sprache: | English |
Veröffentlicht: |
Passau
2015
|
Schlagworte: | |
Online-Zugang: | https://nbn-resolving.org/urn:nbn:de:bvb:739-opus4-3696 Volltext Inhaltsverzeichnis |
Beschreibung: | viii, 263 Seiten Diagramme |
Internformat
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV043691080 | ||
003 | DE-604 | ||
005 | 20210506 | ||
007 | t | ||
008 | 160728s2015 |||| m||| 00||| eng d | ||
035 | |a (OCoLC)954191303 | ||
035 | |a (DE-599)BVBBV043691080 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-739 |a DE-355 |a DE-29 | ||
084 | |a ST 200 |0 (DE-625)143611: |2 rvk | ||
100 | 1 | |a Herkenhöner, Ralph |e Verfasser |4 aut | |
245 | 1 | 0 | |a Tackling cloud compliance through information flow control |c Ralph Herkenhöner |
264 | 1 | |a Passau |c 2015 | |
300 | |a viii, 263 Seiten |b Diagramme | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
502 | |b Dissertation |c Universität Passau |d 2016 | ||
650 | 0 | 7 | |a Informationsfluss |0 (DE-588)4161668-6 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Cloud Computing |0 (DE-588)7623494-0 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Compliance-System |0 (DE-588)4442497-8 |2 gnd |9 rswk-swf |
655 | 7 | |0 (DE-588)4113937-9 |a Hochschulschrift |2 gnd-content | |
689 | 0 | 0 | |a Cloud Computing |0 (DE-588)7623494-0 |D s |
689 | 0 | 1 | |a Compliance-System |0 (DE-588)4442497-8 |D s |
689 | 0 | 2 | |a Informationsfluss |0 (DE-588)4161668-6 |D s |
689 | 0 | |5 DE-604 | |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe |o urn:nbn:de:bvb:739-opus4-3696 |
856 | 4 | |u https://nbn-resolving.org/urn:nbn:de:bvb:739-opus4-3696 |x Resolving-System | |
856 | 4 | 1 | |u https://opus4.kobv.de/opus4-uni-passau/frontdoor/index/index/docId/369 |z kostenfrei |3 Volltext |
856 | 4 | 2 | |m Digitalisierung UB Passau - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029103743&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
912 | |a ebook | ||
999 | |a oai:aleph.bib-bvb.de:BVB01-029103743 |
Datensatz im Suchindex
_version_ | 1804176465450762240 |
---|---|
adam_text | Contents
1 Introduction and methodology 1
1.1 Prospects of IT outsourcing to clouds ..................................... 1
1.2 Problem statement on legally compliant cloud computing..................... 4
1.3 Goal and objectives of the thesis.......................................... 4
1.4 Methodological approach.................................................... 5
1.5 Structure of the thesis.................................................... 8
1.6 Scientific contribution.................................................... 9
2 Cloud computing and legal compliance 11
2.1 The cloud computing paradigm.............................................. 11
2.1.1 Towards a comprehensive definition of cloud computing.............. 11
2.1.2 Concepts of utilisation............................................ 14
2.1.3 Alternative approaches............................................. 17
2.2 Understanding IT outsourcing to cloud infrastructures.................... 18
2.2.1 Legitimate actors and their interaction........................... 19
2.2.2 Relevance of legal compliance...................................... 22
2.3 Technical impact of clouds on legal compliance........................... 23
2.3.1 Evaluating cloud infrastructures . ................................ 23
2.3.2 Distributed computing and location inhomogeneity................... 24
2.3.3 Impact of virtualisation ......................................... 25
2.4 Summary of related work ......................................... 26
2.5 Conclusions on legally compliant clouds ............................... 27
3 Legal analysis and technical requirements 29
3.1 Lawfulness of cloud computing............................................ 30
3.1.1 Data categories and corresponding legal norms ............. 30
3.1.2 Basic requirements for data processing in clouds................... 33
3.2 Limits and handling of carrying out data processing....................... 35
3.2.1 Processor, controller, and their responsibilities ............... . 36
3.2.2 Inspection of the processor...................................... 37
3.2.3 Prohibition and limitation of data transmission.................... 38
3.2.4 Professional secret................................................ 41
3.3 Necessary safeguards at the cloud provider.................................41
v
3.3.1 Confidentiality........................................................41
3.3.2 Authenticity and integrity ........................................... 42
3.3.3 Availability.......................................................... 43
3.3.4 Handling subcontractors................................................43
3.3.5 Multi-tenancy and rule of separation.................................. 44
3.3.6 Other obligations......................................................44
3.4 Dealing with sectoral requirements............................................45
3.4.1 Financial sector...................................................... 46
3.4.2 Tax data in the cloud..................................................48
3.4.3 Export control and dual-use........................................... 50
3.4.4 Medical and healthcare sector......................................... 51
3.4.5 Public sector......................................................... 52
3.5 Special requirements......................................................... 54
3.5.1 Retention, deletion and documentation................................. 54
3.5.2 Search and confiscation in the cloud.................................. 56
3.5.3 Necessity for location-determined data processing .................... 57
3.6 Conclusions on technical requirements........................................ 61
3.6.1 Identification of the necessary level of security..................... 62
3.6.2 Security policies..................................................... 64
3.6.3 Implementation and enforcement of safeguards.......................... 64
3.6.4 Monitoring, documentation, and reporting of compliance.................66
3.6.5 Final conclusion...................................................... 66
4 Technical analysis of cloud computing and supporting legal compliance 67
4.1 Towards an IaaS cloud computing ontology..................................... 68
4.1.1 The entity-relationship model (using an ontology’s notation)...........69
4.1.2 Classification of virtual resources................................... 70
4.1.3 Classification of hardware resources................................ 77
4.1.4 Cloud infrastructure ................................................. 83
4.2 Cloud security management ................................................... 89
4.2.1 Effective level of security .......................................... 89
4.2.2 Cloud security policies................................................94
4.2.3 Security measures in the cloud........................................ 96
4.2.4 Counter measures and incident response................................104
4.2.5 Conclusions on cloud security management..............................105
4.3 Compliance management in the cloud...........................................105
4.3.1 Logging and documentation.............................................105
4.3.2 Compliance monitoring ................................................108
4.3.3 Compliance reporting..................................................110
4.3.4 Conclusions on compliance management..................................Ill
4.4 Conclusions on implementing legally compliant clouds ........................112
vi
5 Tackling location inhomogeneity with information flow control 113
5.1 Information flow in cloud infrastructures.................................114
5.1.1 Information flow in IaaS cloud computing.............................115
5.1.2 Separation of responsibility and information flow control............118
5.1.3 Conclusions on modelling information flow............................120
5.2 Limits of existing models for information flow control ...................124
5.2.1 Mandatory access control vs. discretionary access control ...........125
5.2.2 Lattice-based models for access control..............................126
5.2.3 Issues on tackling location inhomogeneity in clouds .................143
5.3 Towards a complete model of information flow control.......................145
5.3.1 General model on information flow control............................145
5.3.2 Introducing location-determination in information flow control.....149
5.3.3 Introducing availability in information flow control.................152
5.3.4 Information flow control in the cloud management process.............154
5.4 Implementing information flow control.....................................162
5.4.1 Trustworthy resource classification .................................163
5.4.2 Resource allocation and management...................................166
5.4.3 Compliance monitoring and reporting..................................170
5.5 Conclusions on tackling location inhomogeneity in clouds .................173
6 Implementation and Evaluation 175
6.1 Implementing and evaluating location determination in OpenStack...........176
6.1.1 Resource management and logging in OpenStack.........................176
6.1.2 Location-determining resource management and logging architecture . 178
6.1.3 Experimental set-up and evaluation results ..........................181
6.2 The price and return on legally compliant cloud computing.................185
6.2.1 Complying with legislation and corporate customers’requirements . . 185
6.2.2 Technical feasibility of legally compliant cloud computing...........187
6.2.3 Trustworthiness of legally compliant cloud computing.................190
6.3 Conclusions on legal and technical boundary ..............................191
7 Conclusions and directions for future research 193
7.1 Main contributions and results............................................193
7.2 Application and practical implications......................................195
7.3 Outlook on directions of future research..................................197
A Comparison of virtual resources in current cloud infrastructres 201
B Construction of a lattice-based system using confidentiality classes 205
C XML-based location policies 209
C.l XML Schema Definition......................................................209
C.2 Example policies used in the experiment ...................................210
vii
D Logs and screenshots of the experiment 213
D.l Log-files of the nova server...............................................213
D.2 Logging data of ceilometer.................................................214
D.3 Screenshots of the dashboard...............................................222
D.4 Screenshots of the audit board.............................................224
Glossary 227
Acronyms 229
Symbols 233
List of Figures 237
List of Tables 239
List of Listings 241
List of Definitions 242
References 245
viii
|
any_adam_object | 1 |
author | Herkenhöner, Ralph |
author_facet | Herkenhöner, Ralph |
author_role | aut |
author_sort | Herkenhöner, Ralph |
author_variant | r h rh |
building | Verbundindex |
bvnumber | BV043691080 |
classification_rvk | ST 200 |
collection | ebook |
ctrlnum | (OCoLC)954191303 (DE-599)BVBBV043691080 |
discipline | Informatik |
format | Thesis Book |
fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01832nam a2200421 c 4500</leader><controlfield tag="001">BV043691080</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20210506 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">160728s2015 |||| m||| 00||| eng d</controlfield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)954191303</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV043691080</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-739</subfield><subfield code="a">DE-355</subfield><subfield code="a">DE-29</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 200</subfield><subfield code="0">(DE-625)143611:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Herkenhöner, Ralph</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Tackling cloud compliance through information flow control</subfield><subfield code="c">Ralph Herkenhöner</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Passau</subfield><subfield code="c">2015</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">viii, 263 Seiten</subfield><subfield code="b">Diagramme</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="502" ind1=" " ind2=" "><subfield code="b">Dissertation</subfield><subfield code="c">Universität Passau</subfield><subfield code="d">2016</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Informationsfluss</subfield><subfield code="0">(DE-588)4161668-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Compliance-System</subfield><subfield code="0">(DE-588)4442497-8</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="0">(DE-588)4113937-9</subfield><subfield code="a">Hochschulschrift</subfield><subfield code="2">gnd-content</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Compliance-System</subfield><subfield code="0">(DE-588)4442497-8</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Informationsfluss</subfield><subfield code="0">(DE-588)4161668-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe</subfield><subfield code="o">urn:nbn:de:bvb:739-opus4-3696</subfield></datafield><datafield tag="856" ind1="4" ind2=" "><subfield code="u">https://nbn-resolving.org/urn:nbn:de:bvb:739-opus4-3696</subfield><subfield code="x">Resolving-System</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://opus4.kobv.de/opus4-uni-passau/frontdoor/index/index/docId/369</subfield><subfield code="z">kostenfrei</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029103743&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ebook</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-029103743</subfield></datafield></record></collection> |
genre | (DE-588)4113937-9 Hochschulschrift gnd-content |
genre_facet | Hochschulschrift |
id | DE-604.BV043691080 |
illustrated | Not Illustrated |
indexdate | 2024-07-10T07:32:37Z |
institution | BVB |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-029103743 |
oclc_num | 954191303 |
open_access_boolean | 1 |
owner | DE-739 DE-355 DE-BY-UBR DE-29 |
owner_facet | DE-739 DE-355 DE-BY-UBR DE-29 |
physical | viii, 263 Seiten Diagramme |
psigel | ebook |
publishDate | 2015 |
publishDateSearch | 2015 |
publishDateSort | 2015 |
record_format | marc |
spelling | Herkenhöner, Ralph Verfasser aut Tackling cloud compliance through information flow control Ralph Herkenhöner Passau 2015 viii, 263 Seiten Diagramme txt rdacontent n rdamedia nc rdacarrier Dissertation Universität Passau 2016 Informationsfluss (DE-588)4161668-6 gnd rswk-swf Cloud Computing (DE-588)7623494-0 gnd rswk-swf Compliance-System (DE-588)4442497-8 gnd rswk-swf (DE-588)4113937-9 Hochschulschrift gnd-content Cloud Computing (DE-588)7623494-0 s Compliance-System (DE-588)4442497-8 s Informationsfluss (DE-588)4161668-6 s DE-604 Erscheint auch als Online-Ausgabe urn:nbn:de:bvb:739-opus4-3696 https://nbn-resolving.org/urn:nbn:de:bvb:739-opus4-3696 Resolving-System https://opus4.kobv.de/opus4-uni-passau/frontdoor/index/index/docId/369 kostenfrei Volltext Digitalisierung UB Passau - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029103743&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Herkenhöner, Ralph Tackling cloud compliance through information flow control Informationsfluss (DE-588)4161668-6 gnd Cloud Computing (DE-588)7623494-0 gnd Compliance-System (DE-588)4442497-8 gnd |
subject_GND | (DE-588)4161668-6 (DE-588)7623494-0 (DE-588)4442497-8 (DE-588)4113937-9 |
title | Tackling cloud compliance through information flow control |
title_auth | Tackling cloud compliance through information flow control |
title_exact_search | Tackling cloud compliance through information flow control |
title_full | Tackling cloud compliance through information flow control Ralph Herkenhöner |
title_fullStr | Tackling cloud compliance through information flow control Ralph Herkenhöner |
title_full_unstemmed | Tackling cloud compliance through information flow control Ralph Herkenhöner |
title_short | Tackling cloud compliance through information flow control |
title_sort | tackling cloud compliance through information flow control |
topic | Informationsfluss (DE-588)4161668-6 gnd Cloud Computing (DE-588)7623494-0 gnd Compliance-System (DE-588)4442497-8 gnd |
topic_facet | Informationsfluss Cloud Computing Compliance-System Hochschulschrift |
url | https://nbn-resolving.org/urn:nbn:de:bvb:739-opus4-3696 https://opus4.kobv.de/opus4-uni-passau/frontdoor/index/index/docId/369 http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029103743&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT herkenhonerralph tacklingcloudcompliancethroughinformationflowcontrol |