Understanding the Security, Privacy and Trust Challenges of Cloud Computing

Abstract

The overall objective of this paper is to understand the Security, Privacy and Trust Challenges and to advise on policy and other interventions which should be considered in order to ensure that Indian users of cloud environments are offered appropriate protections, and to underpin Indian cloud ecosystem. Cloud computing is increasingly subject to interest from policymakers and regulatory authorities. The Indian regulator needs to develop a pan-Indian ‘cloud strategy’ that will serve to support growth and jobs and build an innovation advantage for India. However, the concern is that currently a number of challenges and risks with respect to security, privacy and trust exist that may undermine the attainment of these policy objectives. Our approach has been to undertake an analysis of the technological, operational and legal intricacies of cloud computing, taking into consideration the Indian dimension and the interests and objectives of all stakeholders (citizens, individual users, companies, cloud service providers, regulatory bodies and relevant public authorities). This paper represents an evolutionary progression in understanding the implications of cloud computing for security, privacy and trust. Starting from an overview of the challenges identified in the area of cloud, the study builds upon real-life case study implementations of cloud computing for its analysis and subsequent policy considerations. As such, we intend to offer additional value for policymakers beyond a comprehensive understanding of the current theoretical or empirically derived evidence base, which will understand the cloud computing and the associated open questions surrounding some of the important security, privacy and trust issues.