Professional Documents
Culture Documents
Cloud Computing Legal and Security Issues
Cloud Computing Legal and Security Issues
Cloud Computing Legal and Security Issues
Mohammad Abdallah
Hussam Hourani
Faculty of Science and IT
Faculty of Science and IT
Al Zaytoonah University of Jordan
Al Zaytoonah University of Jordan
Amman, Jordan
Amman, Jordan
m.abdallah@zuj.edu.jo
hussam.hourani@gmail.com
Abstract— Cloud Computing is a new era that helps the services cloud providers. In this case, the licenses can be
organizations to move fast and adopts different services that adopted as per User or Entity.
accelerate building and hosting their services and reach
customers and third parties quickly. However, there are
challenges related to Cloud Computing that the Services
Providers must consider and implement. This paper highlights
the Cloud Computing Legal, Contractual and Security
challenges. In addition, it gives some suggested solutions for
some of the highlighted key challenges.
I. INTRODUCTION
Cloud Computing is defined as a large-scale distributed
computing paradigm. It is becoming an important topic for
businesses and organizations, where different types of
services are provided in a competitive time frame over the Figure 1. Cloud Services Model
internet, which accelerates operating the businesses to
deliver faster and to scale up in a competitive timeframe.
B. Cloud Deployment Models
Cloud Computing offers Cost Reduction (pay-per-use),
Maintenance, Enhance Productivity, Scalability, and There are three deployment models in Cloud Computing
Elasticity for Businesses.[1] as shown in Figure 2.
Few important topics are highlighted hereafter which
give an overview of cloud main concepts and architectures
and then address some legal, contractual and security and
data privacy issues related to Cloud Computing.
independent regulatory that govern the Cloud III. CLOUD COMPUTING SECURITY
Computing worldwide, however this need a lot of Security is the most complex challenge in a distributed and
efforts and international interference to establish this multi-tier architecture environment, and therefore is a key
governance body and to craft the rules and challenge in Cloud computing. Figure 5 shows the major
regulations related to Cloud Computing services. security concepts of Cloud Computing [3, 9, 10]:
In general, there are some related Cloud computing
regulations and law in regions like Europe which are
substantially more restrictive than regulations and laws in
other regions. More regulations and policies across counties
and regions need to take care of Cloud Computing to secure
and govern the relationship between all parties including
services providers, customers, and the engaged third parties.
Creating an independent regulatory body that govern the
Regulations and laws of Cloud Computing over countries is
crucial to protect both Services providers and the clients.
V. REFERENCES
[1] Moghe, U., Lakkadwala, P., & Mishra, D. K. (2012). Cloud
Figure 5. Proposed Solution
computing: Survey of different utilization techniques. 2012 CSI Sixth
International Conference on Software Engineering (CONSEG).
For homomorphic encryption, the main advantage doi:10.1109/conseg.2012.6349524.
identified was the viability to implement in any environment, [2] Bokhari, M. U., Makki, Q., & Tamandani, Y. K. (2017). A Survey on
although it is less efficient [4, 7]. Cloud Computing. Advances in Intelligent Systems and Computing
Big Data Analytics, 149-164. doi:10.1007/978-981-10-6620-7_16.
Intel SGX used for the first time in a cloud computing [3] Singh, S., Jeong, Y., & Park, J. H. (2016). A survey on cloud
orchestrator yields much lower response times and allows computing security: Issues, threats, and solutions. Journal of Network
performing various forms of computation on data, but it and Computer Applications, 75, 200-222.
demands a specific infrastructure from the service doi:10.1016/j.jnca.2016.09.002.
provider.[4] [4] Silva, L. V., Barbosa, P., Marinho, R., & Brito, A. (2018). Security
and privacy aware data aggregation on cloud computing. Journal of
This proposed architecture is applicable for both private Internet Services and Applications, 9(1). doi:10.1186/s13174-018-
and public deployment models 0078-3.
[5] Robinson, N., Valeri, L., Cave, J., Starkey, T., Graux, H., Creese, S.,
There are many other security techniques and & Hopkins, P. (2011). The Cloud: Understanding the Security, Privacy
architecture that are adopted nowadays that might sort out and Trust Challenges. Santa Monica: RAND Corporation..
the security issues and the data protection. However, this is [6] Kumar, M. M., & Vijayan, R. (2017). Privacy authentication using key
still un-mature topic that needs to be taken care in the short attribute-based encryption in mobile cloud computing. IOP
and long run. Conference Series: Materials Science and Engineering, 263, 042069.
doi:10.1088/1757-899x/263/4/042069
[7] Hayward, R., & Chiang, C. (2015). Parallelizing fully homomorphic
IV. CONCLUSION
encryption for a cloud environment. Journal of Applied Research and
In this paper, we highlighted the main issues of Cloud Technology, 13(2), 245-252. doi:10.1016/j.jart.2015.06.004
Computing and some key challenges related to Legal, [8] Chandramohan, D., Vengattaraman, T., & Dhavachelvan, P. (2017). A
secure data privacy preservation for on-demand cloud service. Journal
contractual and Security issues. Cloud Computing services
of King Saud University - Engineering Sciences, 29(2), 144-150.
providers must secure the key issues related to Data Privacy, doi:10.1016/j.jksues.2015.12.002
Security and align with Legal and Regulations aspects of the [9] Deshmukh, P. (2017). Design of cloud security in the EHR for Indian
Cloud Computing. A collaboration between services healthcare services. Journal of King Saud University - Computer and
provides, customers and Legal bodies in all regions and Information Sciences, 29(3), 281-287.
doi:10.1016/j.jksuci.2016.01.002
across countries are essential to succeed going forward for
[10] Sukumaran, S. C., & Mohammed, M. (2018). PCR and Bio-signature
businesses to adopt the Cloud Computing technology in for data confidentiality and integrity in mobile cloud computing.
organizations. Reform of the current rules, regulations, Journal of King Saud University - Computer and Information
policies, and law is critical as early as possible to avoid any Sciences. doi:10.1016/j.jksuci.2018.03.008
major failures for Cloud Computing implementations in the [11] Gordon, D. G. (2016). Legal Aspects of Cloud Computing.
Encyclopedia of Cloud Computing, 462-475.
short and long run. This is a key driver for Cloud
doi:10.1002/9781118821930.ch38
Computing expansion and continuity.