Towards data privacy in heterogeneous cloud environments: An extension to the SANTA policy language

Abstract

This paper addresses the pressing concern of insufficient and inflexible support for data privacy in hybrid cloud environments, where potentially sensitive data is dynamically transferred between remote (i.e. public) and local (i.e. private) data centres, as well as personal computers and portable/mobile devices. As sensitive data is being transferred across various administrative domains with differing data protection levels, legislations, and security mechanisms in place, it is important to enable a differentiated approach to implement a flexible access control mechanism tailored to the current context and circumstances. Accordingly, this paper raises awareness on the issues of data privacy in such heterogeneous cloud ecosystems, and presents an on-going research work targeted at devising an access control policy language, which serves to support various types of policies, applicable across a wide range of hybrid cloud scenarios. The presented work is based on and extends the current capabilities of SANTA - a policy language, which, however, currently does not support data privacy concerns associated with clouds, including mobile and hybrid clouds.