Towards Trusted Location Specific Information for Cloud Servers
DOI:
https://doi.org/10.13052/jicts2245-800X.511Keywords:
Datacenter design, Trusted cloud geolocation, Data sovereignty, Privacy, Confidentiality, Data integrity, Data protectionAbstract
Every physical datacenter is located somewhere on the globe. It is subject to the local legislation, including data protection related laws. A cloud service can be delivered from a set of datacenters in several locations. Responsibilities of the service provider include ensuring that legal and agreed constraints are respected also by its subcontractors, for example, those providing cloud computing resources. Several countries have data protection legislation that restrict sharing copies of sensitive data to locations that do not have compliant legislation. This paper presents ideas to dependably detect location specific information, like the legislation properties, of the current physical host server executing a service.
Downloads
References
Anonyms (2017). Government under Fire After Transport Agency Data Breach. Available at: http://sverigesradio.se/sida/artikel.aspx? programid=2054&artikel=6740394 [accessed July 28, 2017].
Anonyms (2017). Swedish Authority Handed Over ‘Keys to the Kingdom’ in IT Security Slip-up. Available at: https://www.thelocal.se/20170717/ swedish-authority-handed-over-keys-to-the-kingdom-in-it-security-slip-up [accessed July 26, 2017].
Palad, N., and Michalas, A. (2014). One of Our Hosts in another Country: Challenges of Data Geolocation in Cloud Storage. Sweden: Swedish Institute of Computer Science, 1–6.
Anonyms (2013). The OECD Privacy Framework. Available at: https://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf
Hippeläinen, L., Oliver, I., and Shankar, L. (2016). Survey of Cloud Server Geolocating Techniques. Available at: http://fruct.org/publications/fruct 19/files/Hip.pdf
Ravidas, S., Lal, S., Oliver, I., and Hippeläinen, L. (2017). Incorporating Trust in NFV: Addressing the Challenges. Paris: IEEE Xplore Digital Library.
Anonyms (2017). Lawful Interception. Available at: http://www.etsi.org/ technologies-clusters/technologies/lawful-interception [accessed March 14, 2017].
Hippelainen, L., Oliver, I., and Lal, S. (2017). “Towards dependably detecting geolocation of cloud servers,” in Proceedings of the 11th International Conference on Network and System Security, NSS 2017, Helsinki, Finland, August 21–23, 2017 (Helsinki: Springer International Publishing), 643.
McKnight, D. H., and Chervany, N. L. (1996). The Meanings of Trust. Available at: http://www.misrc.umn.edu/workingpapers/fullpapers/1996/ 9604_040100.pdf [accessed March 2, 2017].
Kittleson, N. (2012). Trusted Computing Overview.Available at: https://scap.nist.gov/events/2012/itsac/presentations/day2/4oct_11am_ki ttleson.pdf [accessed March 15, 2017].
Wilkins, R., and Nixon, T. (2016). The Chain of Trust. Available at: http://www.uefi.org/sites/default/files/resources/UEFI%20Forum%20White%20Paper%20-%20Chain%20of%20Trust%20Introduction_Final.pdf [accessed March 14, 2017].
Trusted Computing Group (2016). Trusted Platform Module Library Specification, Family “2.0”, Level 00, Revision 01.38. Available at: https://trustedcomputinggroup.org/tpm-library-specification/ [accessed March 2, 2017].
Futral, W., and Greene, J. (2013). Intel Trusted Execution Technology for Server Platforms. New York City, NY: Apress.
Mell, P., and Grance, T. (2011). The NIST Definition of Cloud Computing. Gaithersburg, MD: National Institute of Standards and Technology.
Anonyms (2016). Jurisdiction. Available at: https://www.law.cornell. edu/wex/jurisdiction [accessed November 22, 2016].
Anonyms (2013). Definition: Data Sovereignty.Available at: http://whati s.techtarget.com/definition/data-sovereignty [accessed September 18, 2016].
Rouse, M. (2015). Definition: Data Residency.Available at: http:// searchcloudcomputing.techtarget.com/definition/data-residency
Anonyms (2016). Data Center. Available at: https://en.wikipedia.org/ wiki/Data_center [accessed September 26, 2016].
Determann, L., Bekeschenko, E., and Perevalov, V. (2015). Residency Requirements for Data in Clouds—What Now?Available at: http://www.globalequityequation.com/files/Uploads/Documents/Equity%20Equation/Residency%20Requirements%20for%20Data%20in%20Clouds%20–%20What%20Now.pdf [accessed September 2016].
Kuner, C. (2011). Regulation of Transborder Data Flows under Data Protection and Privacy Law: Past, Present and Future. Paris: OECD Publishing.
DLA Piper (2016). DLA Piper’s Data Protection Laws of the World Handbook. Available at: https://www.dlapiperdataprotection.com/ [accessed September 2016].
Anonyms (2016). Regulation on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC. Washington, DC: General Data Protection Regulation.
Anonyms (2013). The OECD Privacy Framework. Available at: https://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf
Anonyms (2012). Privacy Amendment (Enhancing Privacy Protection) Act. Federal Register of Legislation.
Anonyms (2016). Final Cybersecurity Law Enacted in China. Available at: https://www.huntonprivacyblog.com/2016/11/08/final-cybersecurity-law-enacted-china/ [accessed November 14, 2016].
Gallia, A. L., McLoughlin, L. P., Khaskelis, A. S., and Voltchenko, M. A. (2015). Russian Federation: Russia’s Personal Data Localization Law Goes Into Effect. Available at: http://www.mondaq.com/russianfederatio n/x/435890/Data+Protection+Privacy/Russias+Personal+Data+Localization+Law+Goes+Into+Effect
Jolly, I. (2016). Data protection in United States: Overview. Available at: http://uk.practicallaw.com/6-502-0467 [accessed September 14, 2016].
Albeshri, A. A., Boyd, C., and Gonzalez Nieto, J. (2012). Geoproof: Proofs of Geographic Location for Cloud Computing Environment. Macau: IEEE, 506–514.
Hambling, D. (2017). Ships Fooled in GPS Spoofing Attack Suggest Russian Cyberweapon. Available at: https://www.newscientist.com/article/ 2143499-ships-fooled-in-gps-spoofing-attack-suggest-russian-cyberwea pon/ [accessed August 14, 2017].
ARM Limited (2017). ARM Security Technology Building a Secure System using TrustZone Technology. Available at: http://infocenter.arm.com/ help/ index.jsp?topic=/com.arm.doc.prd29-genc-009492c/CACGCHFE. html [accessed May 2017].
Intel (2014). Strengthening Security with Intel Platform Trust Technology. Available at: https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/enterprise-security-platform-trust-technology-white-paper.pdf [accessed August 30, 2017].
Coupe, C., Hegenderfer, S., and Schmidt, S. (2016). Debunking the Myth: Bluetooth Range. Available at: https://www.bluetooth.com/∼/media/files/ marketing/range%20white %20paper.ashx?la=en
Anonyms (2011) How Many Active Bluetooth Devices Can I Reliably Detect in a Single Space? Available at: http://electronics.stackexchange. com/questions/21991/how-many-active-bluetooth-devices-can-i-reliably-detect-in-a-single-space [accessed September 14, 2016].
Brands, S., and Chaum, D. (1993). “Distance-bounding protocols,” in Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques, Berlin: Springer.
LAN/MAN Standards Committee (2009). Station and Media Access Control Connectivity Discovery, New York, NY: IEEE Computer Society.
Ochoa Aday, L., Cervelló Pastor, C., and Fernández Fernández, A. (2015). Current Trends of Topology Discovery in Open Flow-based Software Defined Networks. Available at: http://upcommons.upc.edu/handle/ 2117/ 77672 [accessed November 18, 2016].
Albeshri, A., Boyd, C., and Nieto, J. G. (2013). Enhanced GeoProof: improved geographic assurance for data in the cloud. Int. J. Inform. Sec. 13, 191–198.
