Cloud computing refers to storing and accessing data and programs over the Internet instead of on a computer hard drive. It allows users to access files, applications, and resources from any device with an Internet connection. While convenient, cloud computing raises privacy issues as data is stored remotely and accessed by third-party providers. Organizations considering cloud services should carefully review privacy policies and security measures to ensure personal information is adequately protected.
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
Provides an overview of what is cloud computing and its role in library networking and automation. It presents the legal and ethical issues facing library and information specialists when using cloud computing including confidentiality, privacy and licensing.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
یک راهنما و معرفی مختصر درباره پردازش ابری (Cloud Computing).
این متن که به زبان انگلیسی نوشته شده است، مفهوم Cloud Computing را به زبان ساده بیان کرده است.
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
Provides an overview of what is cloud computing and its role in library networking and automation. It presents the legal and ethical issues facing library and information specialists when using cloud computing including confidentiality, privacy and licensing.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
یک راهنما و معرفی مختصر درباره پردازش ابری (Cloud Computing).
این متن که به زبان انگلیسی نوشته شده است، مفهوم Cloud Computing را به زبان ساده بیان کرده است.
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsGarrett P. Laborde
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains demonstrates key concepts of a “Virtual” and “Remote” law practice including an overview of many of the leading technologies currently enabling lawyers to remain virtually and remotely connected to clients, their firms and the vital information and knowledge of each, irrespective of his/her physical location; explores a few of the practice models employing these tools.
Trust Your Cloud Service Provider: User Based Crypto ModelIJERA Editor
In Data Storage as a Service (STaaS) cloud computing environment, the equipment used for business operations
can be leased from a single service provider along with the application, and the related business data can be
stored on equipment provided by the same service provider. This type of arrangement can help a company save
on hardware and software infrastructure costs, but storing the company’s data on the service provider’s
equipment raises the possibility that important business information may be improperly disclosed to others [1].
Some researchers have suggested that user data stored on a service-provider’s equipment must be encrypted [2].
Encrypting data prior to storage is a common method of data protection, and service providers may be able to
build firewalls to ensure that the decryption keys associated with encrypted user data are not disclosed to
outsiders. However, if the decryption key and the encrypted data are held by the same service provider, it raises
the possibility that high-level administrators within the service provider would have access to both the
decryption key and the encrypted data, thus presenting a risk for the unauthorized disclosure of the user data. we
in this paper provides an unique business model of cryptography where crypto keys are distributed across the
user and the trusted third party(TTP) with adoption of such a model mainly the CSP insider attack an form of
misuse of valuable user data can be treated secured.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
Legal challenges of cloud based enterprise 20Kasia Szkuta
Presentation given at the "Enterprise 2.0 in Europe" workshop where the results of the interim report of the “Enterprise 2.0 study were presented and discussed with experts
Brussels, 14th of September 2010
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsGarrett P. Laborde
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains demonstrates key concepts of a “Virtual” and “Remote” law practice including an overview of many of the leading technologies currently enabling lawyers to remain virtually and remotely connected to clients, their firms and the vital information and knowledge of each, irrespective of his/her physical location; explores a few of the practice models employing these tools.
Trust Your Cloud Service Provider: User Based Crypto ModelIJERA Editor
In Data Storage as a Service (STaaS) cloud computing environment, the equipment used for business operations
can be leased from a single service provider along with the application, and the related business data can be
stored on equipment provided by the same service provider. This type of arrangement can help a company save
on hardware and software infrastructure costs, but storing the company’s data on the service provider’s
equipment raises the possibility that important business information may be improperly disclosed to others [1].
Some researchers have suggested that user data stored on a service-provider’s equipment must be encrypted [2].
Encrypting data prior to storage is a common method of data protection, and service providers may be able to
build firewalls to ensure that the decryption keys associated with encrypted user data are not disclosed to
outsiders. However, if the decryption key and the encrypted data are held by the same service provider, it raises
the possibility that high-level administrators within the service provider would have access to both the
decryption key and the encrypted data, thus presenting a risk for the unauthorized disclosure of the user data. we
in this paper provides an unique business model of cryptography where crypto keys are distributed across the
user and the trusted third party(TTP) with adoption of such a model mainly the CSP insider attack an form of
misuse of valuable user data can be treated secured.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
Legal challenges of cloud based enterprise 20Kasia Szkuta
Presentation given at the "Enterprise 2.0 in Europe" workshop where the results of the interim report of the “Enterprise 2.0 study were presented and discussed with experts
Brussels, 14th of September 2010
Child safety PowerPoint templates designed by skilled, experienced and professional graphic designers that are intended to solve the big issue of time consumption. These are fully editable slides and organized in a way to simplify the most complex topics and present it in an attractive manner. You can easily incorporate charts, diagrams and animations along with the content to these layouts in order to explore new technologies and trends of businesses in a unique way. All editable slides are digitally created to pinpoint and clarify the message, and summarize information regarding topic.
Prostate cancer PowerPoint templates designed by skilled, experienced and professional graphic designers that are intended to solve the big issue of time consumption. These are fully editable slides and organized in a way to simplify the most complex topics and present it in an attractive manner. You can easily incorporate charts, diagrams and animations along with the content to these layouts in order to explore new technologies and trends of businesses in a unique way. All editable slides are digitally created to pinpoint and clarify the message, and summarize information regarding topic.
Operation PowerPoint templates designed by skilled, experienced and professional graphic designers that are intended to solve the big issue of time consumption. These are fully editable slides and organized in a way to simplify the most complex topics and present it in an attractive manner. You can easily incorporate charts, diagrams and animations along with the content to these layouts in order to explore new technologies and trends of businesses in a unique way. All editable slides are digitally created to pinpoint and clarify the message, and summarize information regarding topic.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Cloud computing is an information technology paradigm that enables ubiquitous access to shared pools of configurable system resources and higher-level services that can be rapidly provisioned with minimal management effort, often over the Internet.
Cloud computing has been a buzzword in the IT industry for quite some time now. Though it has been around for quite a while, its popularity has increased manifold in the last few years. The reason for this is simple – the benefits of cloud computing are simply too hard to ignore.
In a nutshell, cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (“the cloud”) to offer faster innovation, flexible resources, and economies of scale.
https://dailytimeupdate.com/cloud-computing-definition/
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Cloud computing has revolutionized the way businesses operate by providing on-demand access to a wide range of computing resources such as servers, storage, applications, and services over the internet. This has eliminated the need for companies to maintain expensive hardware infrastructure and has enabled them to scale up or down their resources as per their requirements.
In the early days of cloud computing, most businesses were hesitant to move their operations to the cloud due to concerns around security, reliability, and control. However, over time, these concerns have been addressed, and cloud computing has become an integral part of modern businesses.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
In looking at the legitimate ramifications of protection and cloud registering, it is imperative to see a portion of the foundation. Right now, will look at a portion of the specialized foundation of the present innovations before examining distributed computing and its focal points and disservices in more detail. We will likewise present some lawful issues that emerge in the cloud setting and quickly audit different calls for activity that have sounded with regard to the cloud, for example, calls for revising enactment, proposing enactment, or calling for gauges or expanded straightforwardness.
What are the advantages of adopting public cloudNicole Khoo
Public cloud computing brought a fundamental change from the conventional norms of an organizational data center to a parameterized open environment to use by adversaries.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
02 05 d_51_cc_efiles
1. Introduction to Cloud Computing
When you store your photos online instead of on your home computer, or use
webmail or a social networking site, you are using a “cloud computing” service. If
you are an organization, and you want to use, for example, an online invoicing
service instead of updating the in-house one you have been using for many years,
that online invoicing service is a “cloud computing” service.
Cloud computing refers to the
delivery of computing resources over
the Internet. Instead of keeping data
on your own hard drive or updating
applications for your needs, you use a
service over the Internet, at another
location, to store your information or
use its applications. Doing so may
give rise to certain privacy
implications.
For that reason the Office of the
Privacy Commissioner of Canada
(OPC) has prepared some responses
to Frequently Asked Questions
(FAQs). We have also developed a
Fact Sheet that provides detailed
information on cloud computing and
the privacy challenges it presents.
Cloud Computing
Cloud computing is the delivery of computing services over the Internet. Cloud
services allow individuals and businesses to use software and hardware that are
managed by third parties at remote locations. Examples of cloud services include
online file storage, social networking sites, webmail, and online business
applications. The cloud computing model allows access to information and computer
resources from anywhere that a network connection is available. Cloud computing
provides a shared pool of resources, including data storage space, networks,
computer processing power, and specialized corporate and user applications.
2. The following definition of cloud computing has been developed by the U.S. National
Institute of Standards and Technology (NIST):
Cloud computing is a model for enabling convenient, on-demand network
access to a shared pool of configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can be rapidly provisioned
and released with minimal management effort or service provider interaction.
This cloud model promotes availability and is composed of five essential
characteristics, three service models, and four deployment models.1
Characteristics
The characteristics of cloud computing include on-demand self service, broad
network access, resource pooling, rapid elasticity and measured service. On-demand
self service means that customers (usually organizations) can request and manage
their own computing resources. Broad network access allows services to be offered
over the Internet or private networks. Pooled resources means that customers draw
from a pool of computing resources, usually in remote data centres. Services can be
scaled larger or smaller; and use of a service is measured and customers are billed
accordingly.
Service models
The cloud computing service models are Software as a Service (SaaS), Platform as a
Service (PaaS) and Infrastructure as a Service (IaaS). In a Software as a Service
model, a pre-made application, along with any required software, operating system,
hardware, and network are provided. In PaaS, an operating system, hardware, and
network are provided, and the customer installs or develops its own software and
applications. The IaaS model provides just the hardware and network; the customer
installs or develops its own operating systems, software and applications.
Deployment of cloud services:
Cloud services are typically made available via a private cloud, community cloud,
public cloud or hybrid cloud.
Generally speaking, services provided by a public cloud are offered over the
Internet and are owned and operated by a cloud provider. Some examples include
services aimed at the general public, such as online photo storage services, e-mail
services, or social networking sites. However, services for enterprises can also be
offered in a public cloud.
In a private cloud, the cloud infrastructure is operated solely for a specific
organization, and is managed by the organization or a third party.
In a community cloud, the service is shared by several organizations and made
available only to those groups. The infrastructure may be owned and operated by the
organizations or by a cloud service provider.
1
NIST cloud definition, version 15 http://csrc.nist.gov/groups/SNS/cloud-
computing/
3. A hybrid cloud is a combination of different methods of resource pooling (for
example, combining public and community clouds).
Why cloud services are popular
Cloud services are popular because they can reduce the cost and complexity of
owning and operating computers and networks. Since cloud users do not have to
invest in information technology infrastructure, purchase hardware, or buy software
licences, the benefits are low up-front costs, rapid return on investment, rapid
deployment, customization, flexible use, and solutions that can make use of new
innovations. In addition, cloud providers that have specialized in a particular area
(such as e-mail) can bring advanced services that a single company might not be
able to afford or develop.
Some other benefits to users include scalability, reliability, and efficiency. Scalability
means that cloud computing offers unlimited processing and storage capacity. The
cloud is reliable in that it enables access to applications and documents anywhere in
the world via the Internet. Cloud computing is often considered efficient because it
allows organizations to free up resources to focus on innovation and product
development.
Another potential benefit is that personal information may be better protected in the
cloud. Specifically, cloud computing may improve efforts to build privacy protection
into technology from the start and the use of better security mechanisms. Cloud
computing will enable more flexible IT acquisition and improvements, which may
permit adjustments to procedures based on the sensitivity of the data. Widespread
use of the cloud may also encourage
open standards for cloud computing that
will establish baseline data security
features common across different
services and providers. Cloud computing
may also allow for better audit trails. In
addition, information in the cloud is not
as easily lost (when compared to the
paper documents or hard drives, for
example).
Potential privacy risks
While there are benefits, there are
privacy and security concerns too. Data is
travelling over the Internet and is stored
in remote locations. In addition, cloud
providers often serve multiple customers
simultaneously. All of this may raise the
scale of exposure to possible breaches,
both accidental and deliberate.
Concerns have been raised by many that
cloud computing may lead to “function creep” — uses of data by cloud providers that
were not anticipated when the information was originally collected and for which
consent has typically not been obtained. Given how inexpensive it is to keep data,
there is little incentive to remove the information from the cloud and more reasons
to find other things to do with it.
4. Security issues, the need to segregate data when dealing with providers that serve
multiple customers, potential secondary uses of the data—these are areas that
organizations should keep in mind when considering a cloud provider and when
negotiating contracts or reviewing terms of service with a cloud provider. Given that
the organization transferring this information to the provider is ultimately
accountable for its protection, it needs to ensure that the personal information is
appropriate handled.
Privacy is not a barrier but it must be taken into consideration
The Personal Information Protection and Electronic Documents Act (PIPEDA) does not
prevent an organization from transferring personal information to an organization in
another jurisdiction for processing.
However, PIPEDA establishes rules governing those transfers — particularly with
respect to obtaining consent for the collection, use and disclosure of personal
information, securing the data, and ensuring accountability for the information and
transparency in terms of practices.
For more information on the views of the Office of the Privacy Commissioner of
Canada with respect to outsourcing of personal data processing across borders,
please see our Guidelines for Processing Personal Data Across Borders. These
considerations apply whether moving data in the cloud or otherwise.
It is important to note that many non-Canadian based cloud providers may also be
subject to PIPEDA. To the extent that a cloud provider has a real and substantial
connection to Canada, and collects, uses or discloses personal information in the
course of a commercial activity, the provider is expected to protect personal
information, in keeping with PIPEDA.
Conclusion
Cloud computing offers benefits for organizations and individuals. There are also
privacy and security concerns. If you are considering a cloud service, you should
think about how your personal information, and that of your customers, can best be
protected. Carefully review the terms of service or contracts, and challenge the
provider to meet your needs.
For more information on cloud computing, see:
Reaching for the Clouds
The Report on the 2010 Office of the Privacy Commissioner of Canada’s
Consultations on Online Tracking, Profiling and Targeting, and Cloud Computing
Guidelines for Processing Personal Data Across Borders
5. Frequently Asked Questions
What is cloud computing?
Simply put, cloud computing is the delivery of computing services over the Internet.
Whether they realize it or not, many people use cloud computing services for their
own personal needs. For example, many people use social networking sites or
webmail, and these are cloud services. Photographs that people once kept on their
own computers are now being stored on servers owned by third parties. These are
also examples of cloud services.
Cloud services are popular because people can access their e-mail, social networking
site or photo service from anywhere in the world, at any time, at minimal or no
charge. Some cloud providers may, however, use the personal information of users
for advertising purposes or to learn more about the users for other reasons. The
Office of the Privacy Commissioner of Canada (OPC) has been critical of some of
these practices, largely because they occur without individuals fully realizing how
their personal information is being used “in the cloud.” Individuals should pay careful
attention to whether and how the cloud company protects their personal information.
Users should also protect their own personal information by using any privacy
settings that the service may offer.
Can cloud computing affect privacy?
When it comes to cloud computing, the security and privacy of personal information
is extremely important. Given that personal information is being turned over to
another organization, often in another country, it is vital to ensure that the
information is safe and that only the people who need to access it are able to do so.
There is the risk that personal information sent to a cloud provider might be kept
indefinitely or used for other purposes. Such information could also be accessed by
government agencies, domestic or foreign (if the cloud provider retains the
information outside of Canada).
For businesses that are considering using a cloud service, it is important to
understand the security and privacy policies and practices of the provider. The terms
of service that govern the relationship with the provider sometimes allow for rather
liberal usage and retention practices.
Which party is accountable for personal information? The business that
collects it from individuals or the cloud provider?
The Personal Information Protection and Electronic Documents Act (PIPEDA) does not
prohibit cloud computing, even when the cloud provider is in another country. Under
PIPEDA, organizations must ensure that they collect personal information for
appropriate purposes and that these purposes be made clear to individuals; they
obtain consent; they limit collection of personal information to those purposes; they
protect the information; and that they be transparent about their privacy practices.
PIPEDA also requires that when an organization transfers personal information to a
third-party for processing, it remains accountable for that information. It must use
contractual or other means to ensure that the personal information transferred to the
third party is appropriately protected. Therefore, an organization that is considering
6. using a cloud service remains accountable for the personal information that it
transfers to the cloud service, and it must ensure that the personal information
remain protected in the hands of that cloud service provider. Organizations need to
carefully review the terms of service of the cloud provider and ensure that the
personal information it entrusts to it will be treated in a manner consistent with
PIPEDA. For more information on transferring of personal information to third
parties, please see our Guidelines for Processing Personal Data Across Borders.
Why are organizations interested in cloud computing?
Cloud computing can significantly reduce the cost and complexity of owning and
operating computers and networks. If an organization uses a cloud provider, it does
not need to spend money on information technology infrastructure, or buy hardware
or software licences. Cloud services can often be customized and flexible to use, and
providers can offer advanced services that an individual company might not have the
money or expertise to develop.
I’ve heard that cloud computing may improve privacy protection. Is this
true?
For businesses that are considering using a cloud service, cloud computing could
offer better protection of personal information compared with current security and
privacy practices. Through economies of scale, large cloud providers may be able to
use better security technologies than individuals or small companies can, and have
better backup and disaster-recovery capabilities. Cloud providers may also be
motivated to build privacy protections into new technology, and to support better
audit trails.
On the other hand, while cloud computing may not increase the risk that personal
information will be misused or improperly exposed, it could increase the scale of
exposure. The aggregation of data in a cloud provider can make that data very
attractive to cybercriminals, for example. Moreover, given how inexpensive it is to
keep data in the cloud, there may be a tendency to retain it indefinitely, thereby
increasing the risk of breaches.
For more information, please see Cloud Computing.