Understanding the Security, Privacy and Trust Challenges
Download eBook for Free
|PDF file||0.7 MB|
|PDF file||0.2 MB|
The overall objective of The Cloud: Understanding the Security, Privacy and Trust Challenges study is to advise on policy and other interventions which should be considered in order to ensure that European users of cloud environments are offered appropriate protections, and to underpin a world-leading European cloud ecosystem. Cloud computing is increasingly subject to interest from policymakers and regulatory authorities. The European Commission's recent Digital Agenda highlighted a need to develop a pan-European 'cloud strategy' that will serve to support growth and jobs and build an innovation advantage for Europe. However, the concern is that currently a number of challenges and risks in respect of security, privacy and trust exist that may undermine the attainment of these broader policy objectives. Our approach has been to undertake an analysis of the technological, operational and legal intricacies of cloud computing, taking into consideration the European dimension and the interests and objectives of all stakeholders (citizens, individual users, companies, cloud service providers, regulatory bodies and relevant public authorities). We undertook literature and document review, interviews, case studies and held an expert workshop to identify, explore and validate these issues in more depth. The present paper represents the final consolidation of all inputs, suggestions and analyses and contains our recommendations for policy and other interventions.
Table of Contents
Definitions and drivers
Understanding the implications for security, privacy and trust
Security, privacy and trust challenges stemming from the technological underpinnings of cloud computing
Security, privacy and trust challenges inherent to the legal and regulatory aspects of cloud computing
Putting it all together: key risks and operational challenges
Solving the challenges: recommendations and actions
Research conducted by
The research described in this report was sponsored by the European Commission Directorate General Information Society and Media and conducted by RAND Europe.
This report is part of the RAND Corporation Technical report series. RAND technical reports may include research findings on a specific topic that is limited in scope or intended for a narrow audience; present discussions of the methodology employed in research; provide literature reviews, survey instruments, modeling exercises, guidelines for practitioners and research professionals, and supporting documentation; or deliver preliminary findings. All RAND reports undergo rigorous peer review to ensure that they meet high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.