During the recent few years, Cloud Computing has gained a strategic importance in the development of the ICT sector. Cloud Services have been adopted by companies, public administrations, and private customers to store and process data. As the requirements in terms of information reliability, accessibility, and availability increase, so do the requirements related to confidentiality and security of sensitive and classified data (e-mail, medical records, etc.). These are therefore translated into legal requirements constraints. When data are used by a Cloud application, security and confidentiality issues may arise due to the geographical distribution of the Cloud Providers’ data center. Indeed, it is a very common practice for a Cloud Provider to have its registered office in a country, while the several data centers it controls are located in different continents of the world. This business strategy, clearly aimed at maximizing profit by reducing expenses (especially in terms of taxes), is in contrast to the variegated national laws, which may provide specific requirements and security measures for the treatment of different kinds of data. This chapter presents an overview of the current initiatives concerning the legislation awareness in Cloud Computing and reports the main aspects to take into account to approach such a topic.
Legislation-aware cloud computing: An overview
Di Martino, Beniamino;Cretella, Giuseppina;Esposito, Antonio
2017
Abstract
During the recent few years, Cloud Computing has gained a strategic importance in the development of the ICT sector. Cloud Services have been adopted by companies, public administrations, and private customers to store and process data. As the requirements in terms of information reliability, accessibility, and availability increase, so do the requirements related to confidentiality and security of sensitive and classified data (e-mail, medical records, etc.). These are therefore translated into legal requirements constraints. When data are used by a Cloud application, security and confidentiality issues may arise due to the geographical distribution of the Cloud Providers’ data center. Indeed, it is a very common practice for a Cloud Provider to have its registered office in a country, while the several data centers it controls are located in different continents of the world. This business strategy, clearly aimed at maximizing profit by reducing expenses (especially in terms of taxes), is in contrast to the variegated national laws, which may provide specific requirements and security measures for the treatment of different kinds of data. This chapter presents an overview of the current initiatives concerning the legislation awareness in Cloud Computing and reports the main aspects to take into account to approach such a topic.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
