TRANSCRIPT
Tunis, Tunisia, 18-19 June 2012
Privacy in Cloud Computing
Vijay Mauree, Programme Coordinator, TSB,
ITU Workshop on “Cloud Computing”
(Tunis, Tunisia, 18-19 June 2012)
Agenda
• Cloud Computing Challenges
• What is privacy?
• What is the data lifecycle?
• Key privacy concerns
• Privacy by design and PETs
• Conclusions
Privacy in Cloud Computing
ITU Technology Watch Report – March 2012
Jointly with Stéphane Guilloteau, France Telecom Orange
The report:
• Surveys privacy issues in cloud computing and best practices to meet legal and regulatory obligations.
• Reviews standardization activities ongoing at the international level.
Cloud Computing Challenges
• The cloud is like a big black box; nothing inside the cloud is visible to the clients
• Data in the cloud are easier to manipulate
• There could be malicious system admins who can violate confidentiality and integrity
• Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks
Cloud Computing Challenges
• Can cloud providers be trusted?
• Are cloud servers reliable?
• What happens if data get lost?
• What about privacy?
• Is it easy to switch to another cloud provider?
Impact of cloud computing on the governance structure of IT organizations
What is Privacy?
The concept of privacy varies widely among (and sometimes within) countries, cultures, and jurisdictions. It is shaped by public expectations and legal interpretations; as such, a concise definition is elusive if not impossible.
• No universally binding legislation covering all countries
• Europe and United States
Privacy
• Right to self-determination, i.e. the right of individuals to ‘know what is known about them’
• Be aware what information is stored about them, control how information is communicated and prevent its abuse.
• It is more than just confidentiality of information
What is Privacy?
Privacy rights or obligations are related to the collection, use, disclosure, storage, and destruction of personal data (or Personally Identifiable Information, PII). At the end of the day, privacy is about the accountability of organizations to data subjects, as well as the transparency of an organization’s practice around personal information.
What is the data life cycle?
• Personal information should be managed as part of the data used by the organization
• Protection of personal information should consider the impact of the cloud on each phase
What Are the Key Privacy Concerns?
Typically mix security and privacy. Some considerations to be aware of:
• Storage
• Retention
• Destruction
• Auditing, monitoring and risk management
• Privacy breaches
• Who is responsible for protecting privacy?
What Are the Key Privacy Concerns?
Data integrity and availability are essential elements in the provision of cloud computing services.
Article 17, EU Data Protection Directive: The controller and its processors must implement technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access; having regard to the state of the art and the cost of their implementation, such measures must ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected.
Example
Odense Municipality Case: use of Google Apps within the school system
Danish Data Protection Agency rejected the municipality’s plan to use Google Apps.
The municipality does not know where the data are physically located. It is unclear how the following requirements of the Danish Data Protection Act will be met:
• Deletion of data so that it cannot be recreated.
• Transmission and login: the municipality has not made clear whether encryption will be used when transferring data between the various data centres.
• No information has been provided about what data are logged or how long the log is stored.
What Are the Key Privacy Concerns? Cloud Deployment Models
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
SaaS
• Customer has no influence over how input data is processed
• Customer can decide if personal data will be input
• Customer can secure personal data before it is sent to the SaaS.
PaaS
• Provides tools supported by a cloud provider for developers to deploy applications
• Responsibility lies with the developer to use best practices and privacy-friendly tools
• Developer relies on the trustworthiness of the PaaS
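Two points above call for the same mechanism: the SaaS customer can "secure personal data before it is sent to the SaaS", and the Odense case requires "deletion of data so that it cannot be recreated" even when the customer does not know where the provider keeps copies. The following Go program is an added example, not code from the slides or the ITU report. It encrypts each personal-data field client-side with AES-256-GCM (the FIPS 197 cipher listed later in the PETs table) under a key generated per data subject and kept by the customer; deleting that key ("crypto-shredding") makes every copy the provider still holds unrecoverable. The type and method names (KeyStore, Seal, Open, Shred) and the sample pupil record are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ErrShredded is returned once a subject's key has been deleted.
var ErrShredded = errors.New("no key for subject: data has been shredded")

// KeyStore holds one random AES-256 key per data subject (pupil, patient, ...).
// It stays under the customer's control; the SaaS provider only sees ciphertext.
// Hypothetical type for illustration, not taken from the slides.
type KeyStore struct {
	keys map[string][]byte // subject ID -> 32-byte key
}

func NewKeyStore() *KeyStore { return &KeyStore{keys: map[string][]byte{}} }

// Shred deletes the subject's key. Every ciphertext stored for that subject,
// including copies in provider backups, becomes unrecoverable.
func (ks *KeyStore) Shred(subject string) { delete(ks.keys, subject) }

// aead builds an AES-256-GCM instance for the subject, creating the key on
// first use when create is set.
func (ks *KeyStore) aead(subject string, create bool) (cipher.AEAD, error) {
	key, ok := ks.keys[subject]
	if !ok {
		if !create {
			return nil, ErrShredded
		}
		key = make([]byte, 32)
		if _, err := rand.Read(key); err != nil {
			return nil, err
		}
		ks.keys[subject] = key
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one personal-data field before it leaves the customer's
// systems. Output is nonce || ciphertext || tag. The subject ID is bound as
// additional authenticated data so a record cannot be silently re-attributed.
func (ks *KeyStore) Seal(subject string, plaintext []byte) ([]byte, error) {
	gcm, err := ks.aead(subject, true)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(subject)), nil
}

// Open decrypts a field fetched back from the provider; it fails with
// ErrShredded after deletion and with an authentication error on tampering.
func (ks *KeyStore) Open(subject string, sealed []byte) ([]byte, error) {
	gcm, err := ks.aead(subject, false)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(subject))
}

func main() {
	ks := NewKeyStore()
	// Constructed sample record, not real data.
	sealed, _ := ks.Seal("pupil-0042", []byte("Jane Doe, class 5B"))
	fmt.Printf("stored at provider: %x\n", sealed)
	pt, _ := ks.Open("pupil-0042", sealed)
	fmt.Println("decrypted locally:", string(pt))
	ks.Shred("pupil-0042")
	_, err := ks.Open("pupil-0042", sealed)
	fmt.Println("after shredding:", err)
}
```

The provider's location of the data centre stops mattering for confidentiality once only ciphertext leaves the customer, and the deletion requirement is met by a key-deletion event the customer can log and audit, rather than by trusting the provider to find every replica.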
What Are the Key Privacy Concerns?
IaaS
• Provides customer with computing resources to run applications
• IaaS provider will secure data centres and network and also ensure employees and procedures comply with applicable laws and procedures
• IaaS provider will not provide data-level compliance, e.g. geographic restriction of data transfers.
• Responsibility lies with the cloud user to maintain compliance controls
• E.g. if the IaaS is based on virtualization, it should be possible for the user to express that the IaaS provider should migrate the virtual machines from EU-based data centres to US-based data centres.
The Madrid Resolution
• Madrid Resolution (2009) approved by data protection authorities of 50 countries
• Framework for international standards on privacy and data protection
• Defines a set of principles and rights for protecting privacy with regard to processing of personal data and facilitating the international flow of personal data
• Encourages countries to implement proactive measures to promote better compliance with data protection laws and adapt information systems for processing of personal data
Privacy By Design
EU review of Data Protection Directive in 2011
• Principle of privacy by design
• Implement privacy enhancing technologies (PETs)
• Privacy by default settings
• EU rules must apply if personal data is handled abroad by companies active in the EU market
Privacy by design binding for:
• Data controllers
• Developers
• Business partners
Need for standardized privacy protection measures
Privacy By Design
7 principles:
• Data minimization
• Controllability
• Transparency
• User friendly systems
• Data confidentiality
• Data quality
• Use limitation
Privacy By Design
Data Flow Table
• Type of data
• Persons entitled to process personal data
• Operating platform
• Processing application
• Purpose of data processing
• Protection mode
• Storage lifetime and disposal measure
• Data recipients
• Indicate destination country if data is transferred outside the country.
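A data flow table is only useful for privacy by design if its rows are enforced when data is actually processed. The Go program below is an added example (not from the slides or the ITU report) that turns one row of the table into a record and checks each processing request against it: the entitled roles, the purpose the data was collected for (use limitation), the listed recipients, the destination country for cross-border transfers, and the storage lifetime after which disposal is due. Type and field names (DataFlow, ProcessingRequest, Authorize) and the school-system row are constructed for the illustration.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// DataFlow is one row of the data flow table from the slide, turned into a
// record that can be checked at processing time. Hypothetical type names.
type DataFlow struct {
	TypeOfData           string
	EntitledRoles        []string      // persons entitled to process personal data
	OperatingPlatform    string
	ProcessingApp        string
	Purpose              string        // purpose of data processing
	ProtectionMode       string
	StorageLifetime      time.Duration // after which disposal is due
	DisposalMeasure      string
	Recipients           []string      // data recipients
	HomeCountry          string
	DestinationCountries []string      // only if transferred outside the country
}

// ProcessingRequest describes one attempt to use a record of this flow.
type ProcessingRequest struct {
	Role      string
	Purpose   string
	Recipient string    // empty when data stays with the controller
	Country   string    // where the processing happens
	Collected time.Time // when the record was collected
	At        time.Time // time of the request
}

var (
	ErrNotEntitled = errors.New("role is not entitled to process this data")
	ErrPurpose     = errors.New("purpose differs from the one the data was collected for")
	ErrRecipient   = errors.New("recipient is not listed for this flow")
	ErrTransfer    = errors.New("destination country is not listed for this flow")
	ErrRetention   = errors.New("storage lifetime exceeded: data is due for disposal")
)

func contains(list []string, s string) bool {
	for _, x := range list {
		if x == s {
			return true
		}
	}
	return false
}

// Authorize enforces the row: entitled roles, use limitation (purpose),
// listed recipients, cross-border transfer and storage lifetime. The first
// failing check is reported.
func (f DataFlow) Authorize(r ProcessingRequest) error {
	if !contains(f.EntitledRoles, r.Role) {
		return ErrNotEntitled
	}
	if r.Purpose != f.Purpose {
		return ErrPurpose
	}
	if r.Recipient != "" && !contains(f.Recipients, r.Recipient) {
		return ErrRecipient
	}
	if r.Country != f.HomeCountry && !contains(f.DestinationCountries, r.Country) {
		return ErrTransfer
	}
	if r.At.Sub(r.Collected) > f.StorageLifetime {
		return ErrRetention
	}
	return nil
}

func main() {
	// Constructed row for a school system, not from the slides.
	flow := DataFlow{
		TypeOfData:      "pupil contact details",
		EntitledRoles:   []string{"teacher", "school-admin"},
		Purpose:         "school administration",
		ProtectionMode:  "encrypted at rest and in transit",
		StorageLifetime: 365 * 24 * time.Hour,
		DisposalMeasure: "secure deletion",
		Recipients:      []string{"municipality"},
		HomeCountry:     "DK",
	}
	collected := time.Date(2012, 1, 10, 0, 0, 0, 0, time.UTC)
	req := ProcessingRequest{Role: "teacher", Purpose: "school administration",
		Country: "DK", Collected: collected, At: collected.AddDate(0, 3, 0)}
	fmt.Println("in-country, same purpose:", flow.Authorize(req))
	req.Country = "US" // the provider moved the data to another region
	fmt.Println("moved to unlisted country:", flow.Authorize(req))
}
```

The same row answers the Odense questions about location and deletion: a transfer to a country not recorded in the table is refused rather than discovered after the fact, and the retention check tells the controller which records the disposal measure must now be applied to.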
PETs
No common definition for PETs. Main characteristics:
• Reduce the risk of breaching privacy principles
• Minimize the amount of data held about people
• Allow individuals to retain control of information about themselves
Includes:
• Opacity tools, e.g. encryption, anonymization
• Transparency enhancing tools, which provide users with information about privacy policies or grant them online access to their personal data.
PETs
Data life cycle | Privacy principles | Privacy protection measures | Examples of PETs and ICT standards
Collection/Generation | Proportionality and purpose specification | Data minimization | Anonymous communication; anonymous credential; group and blind signatures; ISO/IEC JTC1/SC27 WG2 and WG5
Storage | Accountability, security measures, sensitive data | Confidentiality | Encryption; AES, NIST (FIPS 197)
Sharing and processing | Lawfulness and fairness, consent, right of access | Data access control | Privacy dashboard; OASIS XACML, ITU-T X.1142
Deletion | Openness, right to delete | Confidentiality | Deletion; anonymization protocol; hash functions
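The table names data minimization, anonymization and hash functions as PETs without showing how they combine. The Go program below is an added example, not from the slides or the ITU report, of a minimization step applied before records are shared for a statistics purpose: direct identifiers are dropped, the national ID is replaced by a pseudonym computed with HMAC-SHA256 under a secret key held by the controller, and the birth date is generalized to a five-year age band. A keyed hash is used rather than a plain hash because national IDs come from a small, structured space, so an unkeyed digest could be recomputed from a guessed value by anyone holding the output; destroying the key later also severs the link between pseudonym and person, which fits the "deletion" row of the table. The record layout, function names (Pseudonymize, AgeBand, Minimize) and sample values are constructed for the illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"time"
)

// Record is the full personal-data record held by the controller.
// Constructed shape for illustration, not from the slides.
type Record struct {
	NationalID string
	Name       string
	Email      string
	BirthDate  time.Time
	Grade      int
	TestScore  int
}

// Minimized is what may be shared for a statistics purpose: no direct
// identifiers, a stable pseudonym for linking a subject's own records,
// and a coarse age band instead of a birth date.
type Minimized struct {
	Pseudonym string
	AgeBand   string
	Grade     int
	TestScore int
}

// Pseudonymize derives a pseudonym with HMAC-SHA256 under a secret key kept
// by the controller. A recipient without the key cannot recompute it from a
// guessed identifier, which a plain unkeyed hash of a national ID would
// allow; destroying the key later severs the link for good.
func Pseudonymize(key []byte, identifier string) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(identifier))
	return hex.EncodeToString(mac.Sum(nil))
}

// AgeBand generalizes a birth date to a five-year band at the reference date.
func AgeBand(birth, at time.Time) string {
	age := at.Year() - birth.Year()
	if at.Month() < birth.Month() || (at.Month() == birth.Month() && at.Day() < birth.Day()) {
		age-- // birthday not yet reached in the reference year
	}
	lo := age / 5 * 5
	return fmt.Sprintf("%d-%d", lo, lo+4)
}

// Minimize keeps only what the stated purpose needs.
func Minimize(key []byte, r Record, at time.Time) Minimized {
	return Minimized{
		Pseudonym: Pseudonymize(key, r.NationalID),
		AgeBand:   AgeBand(r.BirthDate, at),
		Grade:     r.Grade,
		TestScore: r.TestScore,
	}
}

func main() {
	// Constructed key and record, not real data; a deployment would draw the
	// key from a random source and keep it out of the shared dataset.
	key := []byte("constructed-demo-key-replace-with-random-secret")
	at := time.Date(2012, 6, 18, 0, 0, 0, 0, time.UTC)
	rec := Record{NationalID: "150301-0000", Name: "Jane Doe", Email: "jane@example.org",
		BirthDate: time.Date(2001, 3, 15, 0, 0, 0, 0, time.UTC), Grade: 5, TestScore: 87}
	fmt.Printf("%+v\n", Minimize(key, rec, at))
}
```

The shared dataset still lets a recipient follow one pupil's scores over time through the pseudonym, which is the linkability the purpose needs, while the controller alone can map a pseudonym back to a person for a right-of-access request.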
Conclusions
• Privacy concerns are increasingly important
• Privacy issues are different depending on the cloud deployment model used
• Madrid Resolution provides an international framework for privacy standards
• A security risk assessment is essential before switching to a cloud-based environment.
• Embedding privacy by design and PETs for cloud services is strongly supported by Data Protection Authorities.
• Privacy by design and PETs will play an important role in cloud services