ITU Workshop on “Cloud Computing”
(Tunis, Tunisia, 18-19 June 2012)

              Privacy in Cloud Computing

Vijay Mauree, Programme Coordinator, TSB

Tunis, Tunisia, 18-19 June 2012

        Cloud Computing Challenges
        What is privacy?
        What is the data lifecycle?
        Key privacy concerns
        Privacy by design and PETs

                Privacy in Cloud Computing

        ITU Technology Watch
        Report – March 2012
              Jointly with Stéphane
              Guilloteau, France Telecom
        The report
              Surveys privacy issues in cloud
              computing and best practices
              to meet legal and regulatory
              Standardization activities
              ongoing at international level

            Cloud Computing Challenges

       The cloud is like a big black box: nothing inside
       the cloud is visible to the clients
       Data in the cloud are easier to manipulate
       There could be malicious system admins who can
       violate confidentiality and integrity
       Clouds are still subject to traditional data
       confidentiality, integrity, availability, and privacy
       issues, plus some additional attacks

            Cloud Computing Challenges

       Can cloud providers be trusted?
       Are cloud servers reliable?
       What happens if data get lost?
       What about privacy?
       Is it easy to switch to another cloud provider?

           Impact of cloud computing on the
              governance structure of IT

              What is Privacy?
The concept of privacy varies widely among (and
sometimes within) countries, cultures, and
It is shaped by public expectations and legal
interpretations; as such, a concise definition is elusive
if not impossible.
No universally binding legislation covering all
Europe and United States
  Right to self-determination, i.e. the right of individuals to ‘know
  what is known about them’
  Be aware what information is stored about them, control how
  information is communicated and prevent its abuse.
  It is more than just confidentiality of information

             What is Privacy?
Privacy rights or obligations are related to the
collection, use, disclosure, storage, and destruction of
personal data (or Personally Identifiable Information—
At the end of the day, privacy is about the
accountability of organizations to data subjects, as
well as the transparency to an organization’s practice
around personal information.

What is the data life cycle?

    • Personal information should be
      managed as part of the data used
      by the organization
    • Protection of personal
      information should consider the
      impact of the cloud on each phase
What Are the Key Privacy Concerns?

 Typically mix security and privacy
 Some considerations to be aware of:
   Auditing, monitoring and risk management
   Privacy Breaches
   Who is responsible for protecting privacy?

What Are the Key Privacy Concerns?
 Data integrity and availability are essential
 elements in the provision of cloud computing
 Article 17 EU Data Protection Directive
 The controller and its processors must implement
 technical and organizational measures to protect
 personal data against accidental or unlawful
 destruction or accidental loss, alteration,
 unauthorized disclosure or access; having regard
 to the state of the art and the cost of their
 implementation, such measures must ensure a
 level of security appropriate to the risks
 represented by the processing and the nature of
 the data to be protected
        Odense Municipality Case
              use Google Apps within the school system
        Danish Data Protection Agency rejected the
        municipality plan to use Google Apps
              The municipality does not know where the data are
              physically located.
              It is unclear how the following requirements of the
              Danish Data Protection Act will be met:
                  Deletion of data so that it cannot be recreated.
                  Transmission and login: the municipality has not
                  made clear whether encryption will be used when
                  transferring data between the various data centres.
                  No information has been provided about what data
                  are logged or how long the log is stored.

What Are the Key Privacy Concerns?
 Cloud Deployment Models
   Software as a Service (SaaS)
   Platform as a Service (PaaS)
   Infrastructure as a Service (IaaS)
   Customer has no influence over how input data is processed
   Customer can decide if personal data will be input
   Customer can secure personal data before it is sent to
   the SaaS.
   Provides tools supported by a cloud provider for
   developers to deploy applications
   Responsibility lies with the developer to use best
   practices and privacy friendly tools
   Developer relies on the trustworthiness of the PaaS
What Are the Key Privacy Concerns?
   Provides customer with computing resources to run
   IaaS provider will secure data centres, network and also
   ensure employees and procedures comply with
   applicable laws and procedures
   IaaS provider will not provide data-level compliance, e.g.
   geographic restriction of data transfers.
   Responsibility lies with the cloud user to maintain
   compliance controls
   E.g. if the IaaS is based on virtualization, it should be
   possible for the user to express that IaaS provider
   should migrate the virtual machines from EU based data
   centres to US based data centres.

       The Madrid Resolution
Madrid Resolution (2009) approved by data
protection authorities of 50 countries
Framework for international standards on privacy
and data protection
Defines a set of principles and rights
  for protecting privacy with regard to the processing of
  personal data and
  facilitating the international flow of personal data
Encourages countries to implement proactive
measures to promote better compliance with data
protection laws and adapt information systems
for processing of personal data

                                  Privacy By Design
        EU review of Data Protection Directive in 2011
              Principle of privacy by design
              Implement privacy enhancing technologies (PETs)
              Privacy by default settings
              EU rules must apply if personal data is handled abroad
              by companies active in EU market
        Privacy by design binding for
              Data controllers
              Business partners
        Need for standardized privacy protection

                                  Privacy By Design

        7 principles
              Data minimization
              User friendly systems
              Data confidentiality
              Data quality
              Use limitation

                                  Privacy By Design

          Data Flow Table
               Type of data
               Persons entitled to process personal data
               Operating platform
               Processing application
               Purpose of data processing
               Protection mode
               Storage lifetime and disposal measure
               Data recipients
               Indicate destination country if data is
               transferred outside the country.

        No common definition for PETs.
        Main characteristics
              Reduce the risk of breaching privacy principles
              Minimize amount of data held about people
              Allow individuals to retain control of information about
              Opacity tools, e.g. encryption, anonymization
              Transparency enhancing tools, which provide users with
              information about privacy policies or grant them
              online access to their personal data.

     Data life cycle        | Privacy principles                                | Privacy protection measures | Examples of PETs and ICT standards
     Collection/Generation  | Proportionality and purpose specification         | Data minimization           | Anonymous communication; Group and blind; ISO/IEC JTC1/SC27 WG2 and WG5
     Storage                | Accountability, security measures, sensitive data | Confidentiality             | Encryption; AES NIST (FIPS 197)
     Sharing and processing | Lawfulness and fairness, consent, right of access | Data access control         | Privacy dashboard; OASIS XACML, ITU-T X.1142
     Deletion               | Openness, right to delete                         | Confidentiality             | Deletion; Anonymization; Hash functions
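As an added example (not code from the ITU report or this deck), the Python below shows the customer-side PET steps that the table and the SaaS slide describe: data minimization at collection, keyed pseudonymization of identifiers instead of a plain hash, and destruction of the customer-held key as a deletion measure. The purpose table, field names and sample record are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed: the fields each declared processing purpose actually needs.
PURPOSE_FIELDS = {"grade_report": {"student_id", "course", "grade"}}
# Constructed sample record as a school might hold it before upload.
SAMPLE_RECORD = {"name": "Ada Lovelace", "email": "ada@example.org",
                 "student_id": "S-1001", "course": "Maths", "grade": "A"}


def minimize(record: Dict[str, str], purpose: str) -> Dict[str, str]:
    """Data minimization: keep only the fields the declared purpose needs."""
    allowed = PURPOSE_FIELDS[purpose]
    return {k: v for k, v in record.items() if k in allowed}


def unkeyed_hash(value: str) -> str:
    """Plain SHA-256 is NOT a pseudonymization PET on its own: a provider
    can hash guessed identifiers and match them (dictionary attack)."""
    return hashlib.sha256(value.encode()).hexdigest()


def pseudonymize(value: str, key: bytes) -> str:
    """Keyed hash (HMAC-SHA256): stable for joins, but without the
    customer-held key the provider cannot rebuild or verify guesses."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()


class PseudonymKeyStore:
    """Customer-side key. Destroying it leaves every pseudonym derived
    from it unlinkable, which serves as a deletion measure."""
    def __init__(self) -> None:
        self._key: Optional[bytes] = secrets.token_bytes(32)

    def key(self) -> bytes:
        if self._key is None:
            raise RuntimeError("key destroyed: pseudonyms are now unlinkable")
        return self._key

    def destroy(self) -> None:
        self._key = None


def prepare_for_saas(record: Dict[str, str], purpose: str, key: bytes,
                     id_fields=("student_id",)) -> Dict[str, str]:
    """Minimize, then replace direct identifiers with pseudonyms."""
    out = minimize(record, purpose)
    for field in id_fields:
        if field in out:
            out[field] = pseudonymize(out[field], key)
    return out
```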


       Privacy concerns are increasingly important
       Privacy issues are different depending on cloud
       deployment model used
       Madrid Resolution provides an international
       framework for privacy standards
       A security risk assessment is essential before
       switching to cloud based environment.
       Embedding privacy by design and PETs for cloud
       services is strongly supported by Data Protection
       Privacy by design and PETs will play an important
       role in cloud services
