A toolkit for automating compliance in cloud computing services

2014 
We present an integrated approach for automating service providers’ compliance with data protection laws and regulations, business and technical requirements in cloud computing. The techniques we propose in particular include: natural language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. We currently work on developing a software tool for semantic annotation and natural language processing of cloud ToS and other related policy texts. We describe our implementations of two parts of the proposed toolkit, namely the semantic annotation editor and the EnCoRe policy enforcement framework. We also identify opportunities for future software development in the area of cloud computing compliance.
    • Correction
    • Source
    • Cite
    • Save
    • Machine Reading By IdeaReader
    29
    References
    12
    Citations
    NaN
    KQI
    []