Abstract
The emerging new EU data protection regulation requires that regardless of the location of the data centers a cloud service provider will have to comply with the EU data protection regulation if it provides services to EU citizens. Handling personal data in a legally compliant way is a very important factor for ensuring the trustworthiness of a cloud service provider. In this paper we present a software component called Contract Validation Service (ConVS) that validates digital contracts and helps to automate contract-based access to personal data. The paper then shows how an authorisation system can use the ConVS to automate legally compliant authorisation decisions from XACML format-ted EU Data Protection Derivative rules. Such automation in determining contract-based access decisions offers the potential to significantly reduce the effort of ensuring legal compliance of the cloud service providers.
Original language | English |
---|---|
Title of host publication | 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC) |
Publisher | IEEE |
ISBN (Electronic) | 978-0-7695-5697-0 |
DOIs | |
Publication status | Published - 14 Mar 2016 |