An Analysis of Cloud Certifications’ Performance on Privacy Protections

Tian Wang; Masooda Bashir

doi:10.5220/0010783200003120

An Analysis of Cloud Certifications’ Performance on Privacy Protections

Tian Wang, Masooda Bashir

2022

Abstract

Cloud computing is an evolving paradigm that changes the way humans share, store, and access their information in digital form. Although cloud computing offers tremendous benefits, it also brings security and privacy challenges. Certifications have been developed by governments and authorized organizations as a new approach to protecting users’ information in the cloud. While the security controls in the certifications have been well established and widely applied, the privacy protections provided by certifications are still ambiguous and yet to be examined. In this study, we identified and selected four cloud certifications that are commonly used for certifying the security and privacy of cloud computing, and we evaluated their performance on privacy protections specifically to understand how privacy is treated in these certifications according to their existing controls. Our research reveals a lack of privacy controls in the current certifications and inadequate privacy-related content; even when present, such content is not clear or is difficult to distinguish from security controls. Results demonstrate that without having a set of baseline privacy protection criteria or standards, it is very challenging to determine cloud certifications’ performance and adequacy for privacy protections. It also points to the urgent need for the development of a consistent and comprehensive privacy framework that can be utilized for such evaluations.

Download

Paper Citation

in Harvard Style

Wang T. and Bashir M. (2022). An Analysis of Cloud Certifications’ Performance on Privacy Protections. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-553-1, pages 299-306. DOI: 10.5220/0010783200003120

in Bibtex Style

@conference{icissp22,
author={Tian Wang and Masooda Bashir},
title={An Analysis of Cloud Certifications’ Performance on Privacy Protections},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2022},
pages={299-306},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010783200003120},
isbn={978-989-758-553-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - An Analysis of Cloud Certifications’ Performance on Privacy Protections
SN - 978-989-758-553-1
AU - Wang T.
AU - Bashir M.
PY - 2022
SP - 299
EP - 306
DO - 10.5220/0010783200003120