Cloud Provider Transparency - A View from Cloud Customers

Daniela Cruzes, Martin Gilje Jaatun

2015

Abstract

A major feature of public cloud services is that data are processed remotely in unknown systems that the users do not own or operate. This context creates a number of challenges related to data privacy and security and may hinder the adoption of cloud technology. One of these challenges is how to maintain transparency of the processes and procedures while at the same time providing services that are secure and cost effective. This paper presents results from an empirical study in which the cloud customers identified a number of transparency requirements to the adoption of cloud providers. We have compared our results with previous studies, and have found that in general, customers are in synchrony with research criteria for cloud service provider transparency, but there are also some extra pieces of information that customers are looking for.

References

  1. AbuKhousa, E., Mohamed, N., and Al-Jaroodi, J., “e-health cloud: Opportunities and challenges,” Future Internet, vol. 4, no. 3, pp. 621-645, 2012.
  2. Ahuja, S. P., Mani, S. and Zambrano, J., “A Survey of the State of Cloud Computing in Healthcare,” Network and Communication Technologies, vol. 1, no. 2, p. 12, 2012.
  3. Alnemr, R., Pearson, S., Leenes, R., and Mhungu, R., “COAT: Cloud Offerings Advisory Tool”. Proc. of the 2014 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014) 95-100, 2014.
  4. Azraoui, M., Elkhiyaoui, K., Önen, M., Bernsmed, K., Sendor, J., and Santana de Oliveira, A., “A-PPL: An accountability policy language”, in DPM, 9th International Workshop on Data Privacy Management, 10 September 2014.
  5. Bernsmed, K., Tountopoulos, V., Brigden, P., Rübsamen, T., Felici, M., Wainwright, N., Santana De Oliveira, A., Sendor, J., Sellami, M., and Royer, J.-C., “Consolidated use case report”, A4Cloud Deliverable D23.2, October 2014 http://www.a4cloud.eu/sites/default/files/D23.2% 20Consolidated%20use%20case%20report.pdf.
  6. Cruzes, D. S. and Dybå, T., Recommended Steps for Thematic Synthesis in Software Engineering. ESEM 2011: 275-284, 2011.
  7. Durkee, D., Why cloud computing will never be free. Commun. ACM 53(5): 62-69 , 2010.
  8. Felici, M., Koulouris, T. and Pearson, S., “Accountability for Data Governance in Cloud Ecosystems”, Proc. of the 2013 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2013), 2013.
  9. Fischer-Hübner, S., Angulo, J., and Pulls, T., “How can Cloud Users be Supported in Deciding on, Tracking and Controlling How their Data are Used?”, Privacy and Identity Management for Emerging Services and Technologies, IFIP Advances in Information and Communication Technology Vol. 421, 2014, pp 77-92.
  10. Gavrilov, G. and Trajkovik V., “Security and privacy issues and requirements for healthcare cloud computing,” in Proceedings of ICT Innovations, 2012.
  11. Hon, W.K., Millard, C. and Walden, I., “Negotiating Cloud Contracts - Looking at Clouds from Both Sides Now” (May 9, 2012). 16 STAN. TECH. L. REV. 81 (2012); Queen Mary School of Law Legal Studies Research Paper No. 117/2012.
  12. Jaatun, M.G., Bernsmed, K., and Undheim, A.: "Security SLAs - an idea whose time has come?", Proc. CDARES, Prague, LNCS Volume 7465, pp 123-130, 2012.
  13. Jaatun, M.G., Pearson, S., Gittler, F., and Leenes, R., “Towards Strong Accountability for Cloud Service Providers”, Proc. of the 2014 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014), 2014.
  14. Khorshed, M. T., Ali, A.S. and Wasimi, S.A.: A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Gener. Comput. Syst. 28(6), 833-851 (2012).
  15. Kuo, A. M.-H., “Opportunities and challenges of cloud computing to improve health care services,” J. Med. Internet Res., vol. 13, no. 3, p. e67, 2011.
  16. Onwubiko, C., (2010) "Security Issues to Cloud Computing", in Cloud Computing: Principles, Systems & Applications, (Eds) Nick Antonopoulos and Lee Gillam, Springer-Verlag, August, 2010.
  17. Paquette S., Jaegar, P. T. and Wilson, S. C. Identifying the security risks associated with governmental use of cloud computing, Journal of Government Information Quarterly 27, pages 245-253, April, 2010.
  18. Pauley, W.A., “Cloud Provider Transparency: An Empirical Evaluation,” IEEE Security & Privacy (8)6, pp. 32- 39, 2010.
  19. Rodrigues, J. J., Torre, I. de la, Fernandez, G., and LopezCoronado, M., “Analysis of the security and privacy requirements of cloud-based electronic health records systems,” J. Med. Internet Res., vol. 15, no. 8, p. e186, 2013.
  20. Yang, H. and Tate, M., "A Descriptive Literature Review and Classification of Cloud Computing Research," Communications of the Association for Information Systems: Vol. 31, Article 2, 2012.
Download


Paper Citation


in Harvard Style

Cruzes D. and Jaatun M. (2015). Cloud Provider Transparency - A View from Cloud Customers . In Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-104-5, pages 30-39. DOI: 10.5220/0005439000300039


in Bibtex Style

@conference{closer15,
author={Daniela Cruzes and Martin Gilje Jaatun},
title={Cloud Provider Transparency - A View from Cloud Customers},
booktitle={Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2015},
pages={30-39},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005439000300039},
isbn={978-989-758-104-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Cloud Provider Transparency - A View from Cloud Customers
SN - 978-989-758-104-5
AU - Cruzes D.
AU - Jaatun M.
PY - 2015
SP - 30
EP - 39
DO - 10.5220/0005439000300039