Abstract :
Despite the increasing adoption of cloud-based services, concerns regarding the proper future usage and storage of data given to such services remain: Once sensitive data has been released to a cloud service, users often do not know which other organizations or services get access and may store, use or redistribute their data. The research field of usage control tackles such problems by enforcing requirements on the usage of data after it has been given away and is thus particularly important in the cloud ecosystem. So far, research has mainly focused on enforcing such requirements within single systems. This PhD thesis investigates the distributed aspects of usage control, with the goal to enforce usage control requirements on data that flows between systems, services and applications that may be distributed logically, physically and organizationally. To this end, this thesis contributes by tackling four related sub problems: (1) tracking data flows across systems and propagating corresponding data usage policies, (2) taking distributed policy decisions, (3) investigating adaptivity of today´s systems and services, and (4) providing appropriate guarantees. The conceptual results of this PhD thesis will be implemented and instantiated to cloud services, thus contributing to their trustworthiness and acceptance by providing security guarantees for the future usage of sensitive data. The results will be evaluated w.r.t. provided security guarantees, practicability, usability, and performance.
Keywords :
cloud computing; data handling; decision making; organisational aspects; security of data; PhD thesis; cloud ecosystem; cloud-based services; data redistribution; data storage; data usage control; data usage policies; distributed policy decision; logical distribution; organizational distribution; physical distribution; sensitive data; trustworthiness; usage control requirements; Computational modeling; Data processing; Distributed databases; Insurance; Process control; Security; Software;
