Over the past few old ages computing machine users have witnessed a paradigm displacement from the usage of personal computing machine to web-based solutions provided by big endeavors such as Amazon and Google. This new calculating paradigm is widely known as “cloud computing” . While this new calculating theoretical account already plays a important function in the IT industry, there is no comparative cosmopolitan definition. In general, cloud computer science can be considered as “A manner of Calculating where scalable and elastic IT capablenesss are provided as a service to multiple clients utilizing Internet technologies” ( Plummer 2009 ) .
The chief going from the personal computer science theoretical account is the loss of users ‘ physical control over their informations. Personal calculating evolved under the premises of personalized, situated control over the human-computer interaction. Users were able to utilize proprietary package related to assorted sorts of activities such as word processing, exposure redaction, media reproduction and logistics. Datas used to execute these applications were locally stored to the user ‘s personal computing machine. On the other manus, cloud calculating utilizes a web of remote waiters as the chief storage and information processing unit to supply advanced high-end online services.
Cloud computer science has been widely adopted by the bulk of cyberspace users. A recent research from Pew Research Center shows that 69 % of all cyberspace users in the U.S.A. have used cloud services, viz. data storage or web-based package ( John 2008 ) . However, as the research underlines most of these users are non cognizant of utilizing a engineering named “cloud computing” . Grosss on cloud computer science will make $ 42 billion in 2012 harmonizing to research house IDC while Merrill Lynch estimates grosss will make $ 160 billion in 2011 ( Fowler and Worthen 2009 ) .
However, traveling to “the cloud” raises important security and privateness issues for both users and suppliers of the service. In fact, this appears to be the biggest barrier to acceptance by both sides. The Pew Research Center research indicates high degrees of concern from users sing secondary usage of informations without their cognition, with targeted ads, informations change and informations selling being their chief concerns ( Pew 2008 ) . Furthermore, 68 % of European CIOs study security issues as a forestalling factor from following cloud computer science ( Portio Research 2010 )
In the present paper, the focal point is on privateness issues in the context of cloud computer science. Specifically, the purpose is to place the chief privateness challenges in a transnational sourcing environment, the cardinal institutional and non-institutional planetary participants in the cloud-computing market, and supply penetrations on the possible ways to make and prolong a planetary privateness model for cloud computer science.
The first subdivision of this article reviews the comparative literature up to day of the month. Cloud calculating ontology, privateness pacts and different positions on information privateness are presented. Yet, the article reviews the current proficient, legal and economic context sing privateness in the cloud.
The 2nd subdivision discusses the chief privateness challenges and identifies the cardinal planetary participants in the cloud calculating market. Furthermore, the articles efforts to supply penetrations on the creative activity of a consistent, cosmopolitan model for privateness in the cloud.
There is no individual, universally accepted cloud calculating definition. The impermanent use of the information processing substructure, provided as a service over the cyberspace is adopted in ( Youseff, Butrico et Al. 2008 ) . This useful position of calculating mediated by web engineerings is farther adopted in the literature ( Plummer 2009 ; Ucb/Eecs, Armbrust et Al. 2009 ; Cloud Security Alliance 2010 ) . Others adopt a somewhat user-oriented attack and concentrate on the cardinal distinction point from personal computer science ; the usage of resources that are remotely accessed through the Internet ( Cavoukian 2008 ; Microsoft 2009 ; Soghoian 2009 ) . Yet, there is no shared apprehension of the types of cloud systems.
A incorporate ontology suggests that cloud systems constitute a five-layer stack abstracted from a targeted-users position ; application bed, package environment bed, package substructure bed, package meats, hardware and microcode ( Youseff, Butrico et Al. 2008 ) . In fact, the huge bulk of users reside in the application bed, normally known every bit Software as a Service ( SaaS ) . This bed is accessed through web-browsers and assorted other smart devices. The package environment bed provides APIs and other programming environments to developers and is known every bit Platform as a Service ( PaaS ) , while package substructure is referred every bit Infrastructure as a Service ( IaaS ) , Data as a Service ( DaaS ) and Communications as s Service ( CaaS ) , depending on the nature of the service provided. Last, the hardware bed includes the physical resources that constitute “the cloud” and is more normally known every bit Hardware as a Service ( HaaS ) . In this paper the focal point is Software as a Service, as being the most seeable to the users.
This new calculating paradigm comes with many benefits for both end-users and suppliers. Cloud calculating brings lower capital costs for the users, higher flexibleness of service provisioning and the ability for endeavor users to concentrate on nucleus competences ( Cloud Security Alliance 2010 ) . Furthermore, place users enjoy the privileges of handiness, scalability and location-independent easiness of entree ( Leavitt 2009 ; Soghoian 2009 ) .Yet, service suppliers cut down application development costs ( Leavitt 2009 ) , while they can allow better protection of their rational belongings rights, manage client entree to their services easier and cut down care costs ( Soghoian 2009 ) .
However, both end-users and service suppliers remain concerned about several hazards refering to the usage of cloud computer science. The Cloud Security Alliance identifies the top menaces to overcast calculating as being “abuse and villainous usage of cloud computer science, insecure application programming interfaces, malicious insiders, shared engineering exposures, informations loss and history, service & A ; traffic hijacking” ( Cloud Security Alliance 2010 ) . On the user side, the most common job is that of individuality theft/fraud ( Cavoukian 2008 ; Soghoian 2009 ) . Users submit their personal information in field text when utilizing most of the cloud services. Hence, they are vulnerable to packet sniffing and other “man-in-the-middle” onslaughts. Apart from that, a important hazard for cloud users is secondary usage of their informations without their consent, chiefly for selling intents and governmental probes ( Cavoukian 2008 ; John 2008 ; Soghoian 2009 ) .
Privacy in the cloud
Possibly the most celebrated construct of privateness can be found in the statement made by Warren and Brandeis, as “the right to be let alone” ( Warren and Brandeis 1890 ) . Privacy is both a human and a legal right. Arbitrary intervention with an person ‘s privateness should be lawfully protected harmonizing to both the article 12 of the Universal Declaration of Human Rights ( UNCHR 1948 ) and article 17 of the International Covenant on Civil and Political Rights, while the latter besides suggests an duty to protect this right ( International Covenant on Civil and Political Rights 1966 ) . Yet, a legal standing of the right to privateness is more clearly provided in article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms ; “Everyone has the right to esteem for his private and household life, his place and his correspondence” and no intervention with this right should be put into pattern by public governments ( CPHRFF 1950 ) . In the United States the right to privateness was foremost depicted from the constitutional amendments ; persons can freely and anonymously express themselves, have their belongingss and personalities protected and should non be forced to unwrap information under governmental force per unit area ( U.S. Constitution, Amendments IV and V ) .
Information privateness is normally regarded as an person ‘s right to “information self-determination” ; persons have the right to command the usage of personal information and the ways it is communicated to others ( Westin 1967 ) . Protection of privateness is besides considered as a manner to sign one ‘s self-respect ( Bloustein 1964 ) and set the boundaries for societal administration ( Post 1989 ) .
Over the last decennaries, the international community has attempted to turn to such issues with an indispensable set of rules sing the usage of personal informations. In the United States the U.S. Department of Health, Education and Welfare compiled a comprehensive set of just information patterns ( U.S. Dept of Health 1973 ) . This set addressed issues of transparence, entree and usage restrictions, rectification and security ( Reidenberg 2000 ) and was farther adopted by the Organization for Economic Cooperation and Development ( OECD ) . More late, the Council of Europe ( COE ) introduced a set of privateness criterions for its member provinces, the Data Protection Directive “on the Protection of Individuals with respect to the Processing of Personal Data and on the Free Movement of Such Data” ( 95/46/EC 1995 ) .
Scholars illustrate an international consensus on this set of rules, known as “principles of just information practice” ; this set of rules includes “openness” , “individual entree and correction” , “correction limitation” , “use limitation” , “disclosure limitation” and “security” ( Bennett 1992 ) . However, attachment to this consensus varies from state to state depending on execution and reading. For case, while in Europe informations privateness is considered as a political right and comprehensive Torahs serve its protection, the United States adopt a self-regulatory position where information privateness is chiefly a market issue with limited province engagement ( Reidenberg 2000 ) . An alternate proficient attack departs from the province and market ordinance ; in this attack policy is inscribed in proficient artefacts.
Then once more, these rules are interpreted in assorted ways depending on the idiosyncratic nature of each state ‘s administration. Interpretations of transparence, “personal information” and other related constructs differ within the European Union at national degree. In the United States the statutory jurisprudence is applicable within the context of peculiar activities. As such, several Torahs apply to the context of cloud computer science. Part of these Torahs has no immediate consequence in utilizing cloud services. For case, the Gramm-Leach-Bliley Act ( 15 U.S.C. Sec.6802 ) restricts revelation of fiscal information to third-parties ; yet this does non use to a service supplier. In the same vena, Video Privacy Protection Act ( 18 U.S.C. Sec. 2710 ) and Cable Communications Policy Act ( 47 U.S.C. Sec. 551 ) do non stipulate a form sing service suppliers.
However, peculiar statutory Torahs in the United States stipulate limitations related to the usage of cloud services. The Health Insurance Portability and Accountability Act ( HIPAA ) regulates the intervention of persons ‘ wellness information by wellness attention suppliers ( 45 C.F.R. Part 164 ) . The regulation identifies a concern associate understanding between the wellness attention supplier and the cloud supplier. Hence, wellness attention suppliers could transgress the HIPAA when hive awaying patient-related information to overcast suppliers whose Footings of Service do non curtail revelation of information to 3rd parties ( Gellman 2009 ) . Similar limitations apply to revenue enhancement return information ( 26 U.S.C. Sec 6713 ; 26 C.F.R. Sec. 301.7216 ) and domestic force as described in Violence Against Women Act ( Public Law 109-162 ) . The American Bar Association Model Rules of Professional Conduct restricts the revelation of lawfully privileged information to entities that have “professional duty to a client” ( ABA 1983 ) . Again, while this regulation does non curtail revelation to a cloud supplier, the cloud supplier ‘s Footings of service may for illustration allow revelation of legal records therefore transgressing the attorney ‘s professional duty ( Gellman 2009 ) .
Yet, third-party entree to information stored on a cloud supplier is a major legal issue. A landmark instance in this regard is United States vs. Miller ; this instance signaled the governmental ability to bespeak information revelation from service suppliers with a mere subpoena ( 425 U.S. 435, 1976 ) . Issues emerging from this legal case in point will be farther discussed in the undermentioned subdivision. In this sense, the Electronic Communications Privacy Act ( ECPA ) specifies limitations for third-party entree to electronic communications records ( 18 U.S.C. Sec. 2510-2522, 2701-2712 ) ; nevertheless, this regulation is outdated in footings of technological patterns and vagueness prevails as to its execution ( Gellman 2009 ) . However, governmental ability to hale revelation is extended by the U.S.A. PATRIOT Act ( Public Law 107-56 ) . Under this regulation, the authorities bureaus can entree information from a service supplier with a National Security Letter ; this papers is merely a subpoena issued by managerial entities. A service supplier that has been forced to unwrap information to governmental bureaus faces important restrictions in uncovering such a revelation to the users.
Although divergent in executing and reading, the aforesaid regulations modulate location-independent information flows. This practical propinquity is in direct contrast with the located reading and usage of privateness regulations and statutory Torahs. Hence, conflicts emerge ( Gellman 1997 ) . In footings of executing, the European government imposes strict limitations on the flow of information to parts without equal privateness safety, such as the United States. In add-on, conformity lacks and minor differences in statutory privateness Torahs create struggle to information flows in the context of online services ( Reidenberg 2000 ) .
Wide acceptance of cloud computer science services and its built-in information flow features raise important privateness challenges. How can privacy be successfully protected in cloud environments? How can a globally consistent privateness model for cloud computer science be created and sustained?
Guaranting privateness in an on-line environment ( such as the “cloud environment” ) seems a instead heavy undertaking. Particular features of the cloud environment raise certain challenges in this regard ; transnational sourcing of information, information repositing, secondary usage of information and chink watercourse informations addition chances and inducements for cross-boundary information privateness maltreatment ( Reidenberg 2000 ) .
Cloud architecture and the associated computational capablenesss rest on location-independency. Possibly the most outstanding characteristic of cloud services is the easiness of entree to informations stored in the cloud regardless of user location. User information flows right along from one cloud waiter to another and each procedure upon user informations can take topographic point in different locations. For case, a user can entree a societal networking page from Greece, upload a personal exposure which is collected in Greece, processed someplace in cardinal Europe and so stored in yet another state. This implies that multiple mediators may entree transferable user informations. Yet, easiness of aggregation of user informations in the cloud coupled with the ability to store enormous sums of information on cloud waiters ( besides known as informations warehousing ) affords the chance for assorted secondary utilizations, among which user profiling and targeted advertisement are the most widely used. Not to advert, the really nature of ‘click watercourse informations ‘ enables a robust aggregation of user-cloud interaction information ( Reidenberg 2000 ) . In this context, third-party entree becomes a critical issue for user privateness.
While the Fourth Amendment of the U.S. Constitution protects against “unreasonable hunt and seizure” , this relies on user ‘s sensible outlook of privateness ( ref here ) . However, under the 3rd party philosophy users have no sensible outlook of privateness when sharing papers with 3rd parties, such as cloud suppliers. In Smith vs. Maryland ( ref ) the United States Supreme Court held that the suspect had no sensible outlook of privateness when utilizing a pen registry and statutory Torahs should be put frontward to protect such outlooks of privateness.
Furthermore, in United States vs. Miller ( 425 US 435, 1976 ) , the suspect ‘s strong belief rested on grounds obtained from a third-party. The authorities compelled Miller ‘s Bankss to supply entree to his informations, without advising Miller about this petition. Miller supported that this constituted a misdemeanor of his Fourth Amendment rights but the Supreme Court found that such intervention of his informations had no deduction on his Fourth Amendment rights. In this sense, cloud suppliers can be forced to unwrap customer-related information with a field subpoena. For case, in Gonzales vs. Google ( 234 F.R.D. 674, N.D. Cal. 2006 ) , the U.S. Justice Department compelled Google to give up 50,000 random URLs in an effort to contend erotica on the cyberspace.
However, cloud users are non cognizant of such critical issues. The personal computing machine paradigm implies vicinity of resources used in human-computer interaction. Users are familiar with applications such as word processing, exposure redaction and media reproduction to take topographic point locally on their personal computing machine and this pattern is inscribed in the manner engineering is enacted. While traveling to “the cloud” paradigm implies that user informations can be stored virtually anyplace in the universe, such a passage appears vague to overcast users. Even when cloud users realize this passage per Se, their consciousness of possible menaces ( such as 3rd party entree and adult male in the in-between onslaughts ) remains unequal. Many cloud suppliers develop cloud-based applications to run on the user ‘s desktop, therefore making the semblance of vicinity to the end-user ( Soghoian 2009 ) . For case, Microsoft could develop an on-line version of the Office Suite that would run on the user ‘s desktop, with the design of a desktop application. Mozilla does that with Prism ( Beard 2007 ) . Cloud users would so possible have the feeling that their paperss are stored locally ; the reading of ‘reasonable outlook ‘ would so be problematic by tribunals. Last, user consciousness remains an issue in the instance of organisations traveling to the cloud without informing their employees about such a passage ( Petersen 2008 ) .
Still, cloud-users consciousness on privateness issues is lone portion of the job. Cloud service suppliers opt for a less-protective intervention of user informations. For case, all major societal networking web sites do non offer unafraid connexions to their users. Interaction with the cloud-provider remainders on unencrypted connexions which are vulnerable to unauthorised informations ictus. It could be argued that collaborative cloud services would hold important barriers in following an “encryption shield” . Consider Wave, a real-time collaborative platform provided by Google which lets users work together utilizing assorted media types. Using encoding to such a service seems impracticable since applications portion informations and encoding keys should be known to applications -hence Google as well- in order to use such characteristics.
However, the nature of cloud services is non prohibitory for the usage of encoding engineering on the whole. Many cloud services can do usage of encoding engineerings to guarantee informations privateness. The online banking paradigm may cast visible radiation on the true inducements behind such a behaviour from cloud suppliers. While users can entree their online banking history utilizing unafraid HTTP connexions by default, cloud suppliers opt to run utilizing unsecure methods exposing end-users to privateness hazards. The chief ground behind this distinction is care costs. Online banking service suppliers are obliged to supply such a quality of service since they ‘re managing sensitive information. This quality of service is reflected on the monetary value paid by end-users. Most cloud services are free to utilize and manage information that can non be considered a priori sensitive. Supplying unafraid connexions utilizing Secure Socket Layer ( SSL ) is 5-7 times more expensive than processing and memory demands for an unencrypted HTTP connexion ( Krishna, Ravishankar et Al. 2000 ) . Therefore, with the exclusion of Google that allows electronic mail services utilizing unafraid connexion ( although this is non the default option and users have to be cognizant of it to utilize it ) cloud users are exposed to several privateness menaces.
Privacy outlooks on the end-user ‘s side can be partially reflected by the cloud supplier ‘s published Footings of Service. As such, the importance of this papers is important for the protection of cloud users ‘ privateness. Cloud suppliers by and large do non supply single contracts to end-users ; alternatively, suppliers publish their Footings of Service using to all cloud users. This implies that cloud suppliers can derive rights over the end-users ‘ personal information comparatively easy, by merely qualifying such a demand in their Footings of Service. End-users can so be exposed to unwanted third-party entree every bit good as legal liabilities refering to inadequate protection of sensitive informations ( Gellman 2009 ) .
Furthermore, cloud suppliers can update their Footings of Service at will. This changeableness has profound deductions to end-user ‘s privateness outlooks. Legality of informations intervention by end-users today may give topographic point to liability tomorrow, with new Footings of Service put in topographic point. Not to advert users could barely understand such an update. Hence cloud users can non experience comfy when Footings of Service satisfy their privateness outlooks ; while this may be the instance for them today, tomorrow can ever be different.
Yet, issues emerging from the content of Footings of Service do non halt here. Ownership of cloud suppliers may non be apparent within the Footings of Service. Cloud users can happen their informations sold or transferred without notice while endeavors could hive away information on a cloud supplier that may be owned by a rival. Then once more, cloud suppliers can let in their Footings of Service the possibility for them to end their services at will and overcast users could so out of the blue lose their informations. Thus cloud users should be argus-eyed against the Footings of Servicess when traveling to “the cloud” .
However, users can non be allow entirely in this conflict for privateness. Monetary inducements should be provided to the market to follow efficient yet crystalline privateness policies to protect end-users from privateness hazards. At the minute, the concern theoretical account behind cloud services rests on secondary utilizations of information for targeted advertisement. Cloud suppliers offer cost-free services to overcast users choosing to monetise user information through targeted advertisement to do their net income. In order for this to go on, user information is scanned exhaustively to ease user profiling functioning targeted ads. Possibly cloud suppliers could heighten user privateness while at the same clip staying profitable through a mated alteration. Beginning of net income could switch for cloud suppliers from targeted ads to subscription fees for safe services ( utilizing for illustration encoding where possible ) and this safety should be demonstrated as Quality of Service. Coupled with user instruction about possible menaces, market competition for safety criterions could turn out a feasible theoretical account. Still, cloud suppliers could offer this service as a premium while keeping the current position of service for the users that opt for a free, unbarred service.
However it could be argued that set uping unafraid connexions and safe services for cloud users might turn out an semblance. While cloud suppliers could scratch such protection in their services and offer it at a certain monetary value as a quality of service, they may happen themselves in the hard place to short-circuit this protection if compelled by governmental governments. That is, put ining back doors to their applications to fulfill governmental demands for communicating surveillance. Exaggerative as it may look, peculiar instances in the past plead for such concerns. For case, the Motion Picture Association of America ( MPAA ) filed a gesture to oblige TorrentSpy to log user informations and gaining control IP addresses of its users ( ref ) . In yet another instance in China Skype reached an understanding with service supplier TOM Online to let go of TOM-Skype. The package prevented words such as “dalai lama” to be sent through SMS, through a word filtering engine ( BBC 2008 ) .
While put ining surveillance package to proprietary applications during the personal computing machine epoch was instead difficult, the nature of cloud services allows communicating surveillance in a comparatively easy manner. Installing a back door to desktop applications after the merchandise is released requires integrating with a version update, normally through the cyberspace. Converting users to download and put in updates might turn out difficult plenty. On the other manus, cloud suppliers can easy update their package with the integrated back door and nil else needs to be done. Cloud users will automatically utilize this new version of septic package and governmental eyes will descry upon them. Furthermore, package buccaneering poses barriers to traditional application sellers in pull offing a comprehensive client database that can so be used by governmental governments to descry on users. Again, cloud suppliers know their clients rather better since subscribing up for a free cloud service requires the proviso of personal information from end-users.
The demand for ordinance appears imperative, yet non a Panacea. Pressure should be exerted on cardinal institutional and non-institutional participants in “the cloud” environment to back up and perpetrate to transparent, safe patterns that assure privateness to overcast users. The divergency in execution and reading of Fair Information Practices on planetary graduated table implies that an adjustment amidst the idiosyncratic national administration attacks should be reflected in a co-regulative privateness model. A co-regulative planetary privateness model could for illustration compel cloud suppliers to supply encrypted safe connexions to end-users as a default criterion. Furthermore, jurisprudence could be updated to forbid governmental governments to put in back doors to overcast applications. Anti-spyware sellers province that their merchandises detect all spyware, including governmental back doors. However, McAfee was reported to be white-listing FBI ‘s spyware package in an article published by Associated ( McCullagh 2001 ) . Legislation could be amended to forestall white-listing of governmental back doors.
However, such prohibition may look far-reaching as forbiding governmental governments to put in back doors could be rejected on the evidences of offense probe. Apart from that, who will modulate the regulators? A feasible solution demands to emerge from the market. However, the current concern theoretical account for cloud calculating appears hindrance. Cost-free cloud services demand secondary utilizations of informations for advertisement intents. The beginning of net income demands to alter. Possibly cloud suppliers could be able to do net income from standardising privateness as a Quality of Service. Cloud user consciousness can leverage the market demand for privateness offered as a Quality of Service and an effectual solution might emerge from market competition for safe services proviso at a sensible monetary value.
95/46/EC, D. ( 1995 ) . Directing 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of persons with respect to the processing of personal informations and on the free motion of such informations.
ABA ( 1983 ) . ABA Model Rules of Professional Conduct. 1.6 ( B ) ( 1 ) – ( 6 ) .
BBC. ( 2008 ) . “China ‘spying on Skype messages’.” from hypertext transfer protocol: //news.bbc.co.uk/2/hi/7649761.stm.
Beard, C. ( 2007 ) . “Introducing Prism.” from hypertext transfer protocol: //mozillalabs.com/blog/2007/10/prism.
Bennett, C. ( 1992 ) . Regulating Privacy: Data Protection and Public Policy in Europe and the United States, Cornell Univ Pr.
Bloustein, E. ( 1964 ) . “Privacy as an Aspect of Human Dignity: An Answer to Dean Prosser.” New York University Law Review 39 ( 962 ) .
Cavoukian, A. ( 2008 ) . “Privacy in the clouds.” Identity in the Information Society 1 ( 1 ) : 89-108.
Cloud Security Alliance, C. ( 2010 ) . Top Threats to Cloud Computing v1.0. C. S. Alliance.
CPHRFF, C. ( 1950 ) . Convention for the Protection of Human Rights and Fundamental Freedoms. Council of Europe.
Fowler, G. and B. Worthen ( 2009 ) . The Internet Industry Is on a Cloud — Whatever That May Mean, Wall Street Journal.
Gellman, R. ( 1997 ) . “Borders in Cyberspace. Information Policy and the Global Information Infrastructure.”
Gellman, R. ( 2009 ) . Privacy in the Clouds: Hazards to Privacy and Confidentiality from Cloud Computing, World Privacy Forum.
International Covenant on Civil and Political Rights, U. ( 1966 ) . International Covenant on Civil and Political Rights. U. N. G. A. Resolution. Article 17.
John, H. ( 2008 ) . Use of cloud calculating applications and services, Pew Internet and American Life Project.
Krishna, K. , I. Ravishankar, et Al. ( 2000 ) . Architectural Impact of Secure Socket Layer on Internet Servers.
Leavitt, N. ( 2009 ) . “Is Cloud Computing Really Ready for Prime Time? ” Computer 42 ( 1 ) : 15-20.
McCullagh, D. ( 2001 ) . “‘Lantern’ Backdoor Flap Ragesw.” from hypertext transfer protocol: //www.wired.com/politics/law/news/2001/11/48648.
Microsoft ( 2009 ) . Privacy in the Cloud Computing Era, A Microsoft Perspective.
Petersen, M. ( 2008 ) . “Google Rewires Washington in Challenge to Microsoft.” from hypertext transfer protocol: //www.bloomberg.com/apps/news? pid=20601109 & A ; sid=a8q7UONag9nA.
Plummer, D. ( 2009 ) . Experts Define Cloud Computing: Can we acquire a Small Definition in our definitions? , Gartner Inc. 2009.
Portio Research, L. ( 2010 ) . European CIOs and Cloud Services. C. Telecom.
Post, R. ( 1989 ) . “Social Foundations of Privacy: Community and Self in the Common Law Tort.” California Law Review 77.
Reidenberg, J. R. ( 2000 ) . “Resolving Conflicting International Data Privacy Rules in Cyberspace.” Stanford Law Review 52 ( 5 ) : 1315-1371.
Soghoian, C. ( 2009 ) . “Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era ” Journal of Telecommunications and High Technology Law ( Forthcoming ) .
U.S. Dept of Health, E. a. W. ( 1973 ) . Report of the Secretary ‘s Advisory Committee on Automated Personal Data Systems.
Ucb/Eecs, M. Armbrust, et Al. ( 2009 ) . Above the Clouds: A Berkeley View of Cloud Computing.
UNCHR ( 1948 ) . Universal Declaration of Human Rights. Article 12.
Warren, S. D. and L. D. Brandeis ( 1890 ) . “The Right to Privacy.” Harvard Law Review 4 ( 5 ) : 193-220.
Westin, A. ( 1967 ) . Privacy and Freedom, New York Atheneum.
Youseff, L. , M. Butrico, et Al. ( 2008 ) . Toward a Unified Ontology of Cloud Computing. Grid Calculating Environments Workshop, 2008. GCE ’08.