Just a few years ago, people used to carry their documents around on disks. Then, more recently, many people switched to memory sticks. Cloud computing refers to the ability to access and manipulate information stored on remote servers, using any Internet-enabled platform, including smartphones. Computing facilities and applications will increasingly be delivered as a service, over the Internet. We are already making use of cloud computing when, for example, we use applications such as Google Mail, Microsoft Office365 1 or Google Docs. In the future, governments, companies and individuals will increasingly turn to the cloud. The cloud computing paradigm changes the way in which information is managed, especially where personal data processing is concerned. End-users can access cloud services without the need for any expert knowledge of the underlying technology. This is a key characteristic of cloud computing, which offers the advantage of reducing cost through the sharing of computing and storage resources, combined with an ondemand provisioning mechanism based on a pay-per-use business model. These new features have a direct impact on the IT budget and cost of ownership, but also bring up issues of traditional security, trust and privacy mechanisms. Privacy, in this report, refers to the right to self-determination, that is, the right of individuals to ‘know what is known about them’, be aware of stored information about them, control how that information is communicated and prevent its abuse. In other words, it refers to more than just confidentiality of information. Protection of personal information (or data protection) derives from the right to privacy via the associated right to self-determination. Every individual has the right to control his or her own data, whether private, public or professional. Without knowledge of the physical location of the server or of how the processing of personal data is configured, end-users consume cloud services without any information about the processes involved. Data in the cloud are easier to manipulate, but also easier to lose control of. For instance, storing personal data on a server somewhere in cyberspace could pose a major threat to individual privacy. Cloud computing thus raises a number of privacy and security questions. Can cloud providers be trusted? Are cloud servers reliable enough? What happens if data get lost? What about privacy and lock-in? Will switching to another cloud be difficult? Privacy issues are increasingly important in the online world. It is generally accepted that due consideration of privacy issues promotes user confidence and economic development. However, the secure release, management and control of personal information into the cloud represents a huge challenge for all stakeholders, involving pressures both legal and commercial. This report analyses the challenges posed by cloud computing and the standardization work being done by various standards development organizations (SDOs) to mitigate privacy risks in the cloud, including the role
of privacy-enhancing technologies.
No comments:
Post a Comment