Multilateral privacy in clouds: Requirements for use in industry

Abstract

After the virtualisation of single components of computing systems such as storage, networks or computing devices the next step is the abstraction of the infrastructure as a whole: cloud computing. There are already cloud services on the market, but most of them rely on proprietary technology. Hence standards for cloud computing are needed that realise the requirements we have for present systems. In this context it is important to think of requirements for privacy when personal data are distributed in cloud services and on the other hand on restrictions an owner of computing resources wants to impose. It is important to note that the concepts that enable multilateral privacy are also needed by industry for the flexible realisation of service level agreements and governance to incorporate cloud services in business processes and to be compliant with legal regulations as e.g. SOX, EuroSOX. Therefore the methods that are needed to realise business critical IT services as cloud services are the same as for privacy.