Cloud Security and Privacy Report: Data Security, Privacy and Identity

Added on  2019/10/31

AI Summary
This report examines cloud security and privacy within the context of a fictional Department of Administrative Services (DAS). It addresses employee data security, privacy, and identity issues, proposing solutions aligned with a SaaS integration model. The report details privacy strategies for personal data, including compliance with Australian Privacy Principles (APP), and recommends privacy controls for data collection, use, and disclosure. It emphasizes the importance of secure digital identities, risk identification, and mitigation, with a focus on safeguarding personal information within a centralized database. The report also covers access to personal information, data quality, and correction, offering insights into protecting sensitive data from potential breaches and ensuring compliance across government agencies. It highlights the need for robust authorization procedures and continuous monitoring to maintain data integrity and prevent unauthorized access.
Running head: CLOUD SECURITY AND PRIVACY
CLOUD SECURITY AND PRIVACY
Table of Contents
Introduction
Privacy strategy for Personal Data
Recommended Privacy control
Privacy issues:
Implementation of privacy issues:
Personal data protection strategy
Recommended personal data protection strategy
Implementation of security issues:
Conclusion
References
Introduction
This report describes a fictional department, the Department of Administrative Services (DAS).
It covers the security of employee data, the privacy of that data and the identity issues that
follow from them. The proposed solutions are discussed together with the sensitivity of the data
involved (Pahl, Xiong & Walshe, 2013). The case study sets out migration planning through the
integration of SaaS into the business model. The different identification methods of the case
study are discussed separately. The report identifies the relevant risks and discusses their
mitigation against the outcomes it was asked to address. Employee privacy is guaranteed on the
basis of the privacy of the data that has been collected and then migrated into the new SaaS
system of the solution (Chang, Walters & Wills, 2013).
Privacy strategy for Personal Data
1. Management of personal information
Cloud computing brings both benefits and risk factors. Under the government's cloud computing
policy, all agencies have to adopt cloud computing when they acquire ICT services. This provides
extra protection through data security measures and also delivers value for money. From a legal
point of view, when information technology services based on the cloud model are used, documents
comprising confidential information are transferred for use in the analysis procedure involving
the security management of the information and the protection of personal information.
From the point of view of the case study, a centralized database can help in better assessment
of the data and information being collected by the organizations. The applications the
government provides for the organizations are personnel management, contractor management,
payroll control and a common platform for sharing data across platforms. The authorization
procedures have been made simple and highly secure so that no third person can gain access to
the information. Moreover, keeping the company database in a single location helps keep the data
safe. Risk assessment can be done easily on the data and can be carried out by a single person
from a remote location. Keeping the data in a single location also helps in tracking the changes
made to the files. Once uploaded, the data is checked by an analyst at an intermediate level,
who then clears it.
2. Collection and management of solicited personal information
The Australian Privacy Principle (APP) regulates how an entity collects solicited personal
information (Jamshidi, Ahmad & Pahl, 2013). It covers the solicited collection of personal
information and the provision for sharing that information with other persons. The APP also
stops an organization from collecting sensitive information from individuals unless the
individual consents to the collection or the organization collecting the information is a
high-profile government company (Chang, Walters & Wills, 2013). The information being collected
must be correctly authorized under Australian law or by a court. There is a permit, approved by
the APP, which allows the collection of information without any prior notice. Collection of any
type of solicited information has to be done in accordance with the law and in a fair manner.
The collection of the information is to be done only after the consent of the individual, in the
course of an ongoing investigation, or where it is unreasonable and impractical for the
collection of information to be done.
3. Use and disclosure of personal information
Personal information is a group of information about an individual comprising name, addresses,
phone number, IP number, birth data, e-mail address, social insurance number and everything
about their employment. This information has to be protected and used in the operation and
purpose of the management issues. At the time of collection, applicants have to be informed of
the reason the information is being collected, the rights that can be exercised over the
information and the correction of the information. The individuals whose information is being
collected have to be told where the information will be disclosed or shared: the reason for the
sharing and where it is to be disclosed. Responsibility for the information collected from
individuals is to be taken by the organization that collects it. There are officials who are
trained to keep track of the protection of privacy (Jamshidi, Ahmad & Pahl, 2013). The
organization takes no responsibility, however, when the individual shares the information on a
third-party portal; that information is shared on the individual's own responsibility. The
information collected is necessary for performing administrative functions such as:
Merit and administrative review of the applications
Awarding of the administration
Planning and evaluation of the established databases
Development of potential external assessors
In the context of the case study, the personal information collected by the organization relates
not only to its employees but also to the users of its services. It is important for the
organization to safeguard this information. In the hands of hackers, it can be used to extract
money in the form of ransom or extortion. The cloud services that DAS uses are located across
the world and can help in keeping the information safe. All departments and agencies under the
government have to follow these rules and keep in mind privacy and the sharing of data with
other agencies.
4. Use and security of digital identities
The identities created for the employees of the organization need to be authentic and in the
correct format followed by the organization. There is a threat of identity theft from the
information collected from employees, and a huge loss of resources can result. This is the main
reason the use and nominal security of the identities should be made clear and the identities
made authentic. The attacks and vulnerabilities arising from digital identity theft can bring
the company down. With respect to the case study, the organization, being a government body,
should keep the data safe and put correct validation protocols in place for users (Jamshidi,
Ahmad & Pahl, 2013).
From the point of view of the case study, a centralized database can help in better assessment
of the data and information being collected by the organizations. The applications the
government provides for the organizations are personnel management, contractor management,
payroll control and a common platform for sharing data across platforms (Pahl & Xiong, 2013).
The authorization procedures have been made simple and highly secure so that no third person can
gain access to the information. Moreover, keeping the company database in a single location
helps keep the data safe. Risk assessment can be done easily on the data and can be carried out
by a single person from a remote location. Keeping the data in a single location also helps in
tracking the changes made to the files.
5. Access to personal information
The data protection act helps individuals safeguard their information from theft by hackers.
Access to the information has to be treated as sensitive and arranged hierarchically. If the
organization follows this method, it will help it find out who was able to steal from the
database (Jamshidi et al., 2015). It would also make the data correctly visible to the category
of employees who really need the information. Employees lower in the hierarchy who need access
to the information have to apply directly to the higher authorities to get access to the data.
This helps keep the data safe from hackers. When an individual seeks access to information
relating to himself, the company is bound to provide the information directly to him without any
prior notice from the individual. The organization can also reject the request if the
information is found to be in a highly inaccessible position or under the location of the law.
With respect to the case study, personal information needs to be safeguarded, because many
agencies use the system. Information leakage through the portal can have a disastrous effect on
the agencies.
6. Quality and correction of personal information
An APP (Australian Privacy Principle) entity must take steps to ensure that the personal
information it has collected is accurate, complete and up to date. An APP entity must also take
reasonable steps to ensure that the personal information it uses or discloses is, having regard
to the purpose of the use or disclosure, accurate, up to date, complete and relevant.
From the point of view of the case study, a centralized database can help in better assessment
of the data and information being collected by the organizations. The applications the
government provides for the organizations are personnel management, contractor management,
payroll control and a common platform for sharing data across platforms. The authorization
procedures have been made simple and highly secure so that no third person can gain access to
the information. Moreover, keeping the company database in a single location helps keep the data
safe. Risk assessment can be done easily on the data and can be carried out by a single person
from a remote location. Keeping the data in a single location also helps in tracking the changes
made to the files.
Recommended Privacy control
Privacy issues:
The main privacy challenges faced by cloud computing are as follows:
Risk assessment complexities: The complexity of cloud services introduces a number of unknown
parameters. Service providers are cautious about guaranteeing compliance-ready services, and
consumers are cautious about adopting them. The real challenge arises when the data processing
lifecycle is checked for compliance with legal frameworks, even as service suppliers promote a
simple way of moving private data regardless of national borders. To address these data privacy
issues, there must be a transparent policy among individuals regarding the processing of private
data. Stakeholders need to specify their requirements for cloud computing so that the required
level of security and privacy is met.
Loss of control: When a user uses cloud computing, the cloud provider becomes the owner of the
data. If the user wishes to change provider, the risk of misuse or manipulation of the data that
exists in the data center of the current provider still remains. In a SaaS environment, the
service provider becomes accountable for storing the data, and visibility and control are
limited. Customer data is processed in the cloud on machines which the consumer does not own or
control. There is a threat of misuse, theft or unauthorized sale of the data.
Individual storage: Data may be stored in cloud locations that are inappropriate, since the
provider pays for the storage when it uses real storage to hold the client's data. This is a
main concern for the privacy of the user.
Access control: This issue arises when the user does not use data kept in the cloud for a long
time. Unauthorized access can then use the data unlawfully because of deficient authorization in
controlling access.
Data boundary: Cloud providers make many copies so that data can be provided to the user at any
location whenever required. When data has been hosted in a data center and has not been used for
a long time, it needs to be removed from the data center. This making of copies can lead to
information leaks or data theft.
Personal data protection strategy
1. Protection of personal information
The concept of cloud computing is highly globalized, and within the cloud no boundaries exist.
The computers used for storing and processing data, and the information and communication
technology (ICT) infrastructure of the network, can be located anywhere on the globe. It depends
only on the requisite capacities available for executing the ICT task, in accordance with the
optimization-oriented management of resources that cloud computing uses globally. At present,
users have to establish their identity each time they use a new service, mostly by providing
personal information such as names, credit card number and phone number. Considering the number
of users who access websites and hand over personal information, the information left behind can
be accessed from anywhere. These leftovers can be described as “digital bread crumbs” throughout
cyberspace. Users have no idea how their data will be affected or who can gain access to it, and
the data is very much liable to be detected by intruders.
Turning to some of the basic approaches used by cloud computing service providers, they offer
customers the option of choosing between certain availability zones. Customer data then remains
secured in the selected zone. Encryption is the main solution for securing the information, and
it is better to encrypt data before storing it in the cloud. Owners of the data can give
permission to certain members of the company to access the encrypted data. Heterogeneous
data-centric security is to be provided for data access control. The company's data security
model should cover authentication, data encryption, data integrity, data recovery and protection
of user data, and is to be designed to improve the security of the data in the cloud. Data
protection can be used as a service to ensure privacy and security of the data (Gholami et al.,
2016). Normal encryption can cause complexities, but it makes the data unusable to unauthorized
users. Before uploading data to the cloud, the company must verify that the data is stored in
the backup folder, and the keys of the file must not be changed. To make sure data is not
altered, the company must count the number of files before uploading them. This count is very
difficult to maintain and can be used for data integrity. An RSA-based data integrity check can
be provided by combining identity-based cryptography and RSA signatures. SaaS helps in
segregating data and drawing clear boundaries between the physical level and the application
level.
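The pre-upload count and integrity check described above, as an added example that is not part of the original report: a manifest records the file count and a SHA-256 digest per file, and is authenticated with HMAC-SHA256 from the Python standard library as a stand-in for the RSA signature the report names. The file names, contents, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample files and key: stand-ins for the folder about to be uploaded
# and for a secret that stays with the data owner, never with the provider.
LOCAL_FILES = {
    "payroll/2019-10.csv": b"emp_id,gross\n1001,5200\n1002,4800\n",
    "personnel/1001.json": b'{"name": "A. Example", "grade": "APS5"}',
    "contractors/list.txt": b"Constructed Contractor Pty Ltd\n",
}
MANIFEST_KEY = b"constructed-demo-key-not-for-production"


def _canonical(body):
    """Serialize deterministically so the same manifest always yields the same tag."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(files, key):
    """Record the file count and per-file SHA-256 before upload, then authenticate both."""
    body = {
        "count": len(files),
        "sha256": {name: hashlib.sha256(data).hexdigest() for name, data in files.items()},
    }
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_download(manifest, files, key):
    """Return a sorted list of findings; an empty list means the data matches."""
    body = manifest["body"]
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["tag"]):
        return ["manifest: authentication tag mismatch"]  # contents cannot be trusted
    findings = []
    if len(files) != body["count"]:
        findings.append(f"count: expected {body['count']}, got {len(files)}")
    for name, digest in body["sha256"].items():
        if name not in files:
            findings.append(f"missing: {name}")
        elif hashlib.sha256(files[name]).hexdigest() != digest:
            findings.append(f"altered: {name}")
    findings += [f"unexpected: {n}" for n in files if n not in body["sha256"]]
    return sorted(findings)


def demo():
    manifest = build_manifest(LOCAL_FILES, MANIFEST_KEY)
    # Same file count, one file changed: a bare count would pass.
    altered = {**LOCAL_FILES, "payroll/2019-10.csv": b"emp_id,gross\n1001,9900\n1002,4800\n"}
    # One file dropped, one added: the count is unchanged again.
    swapped = {**LOCAL_FILES, "contractors/new.txt": b"x"}
    del swapped["contractors/list.txt"]
    return {
        "clean": verify_download(manifest, LOCAL_FILES, MANIFEST_KEY),
        "altered": verify_download(manifest, altered, MANIFEST_KEY),
        "swapped": verify_download(manifest, swapped, MANIFEST_KEY),
    }


if __name__ == "__main__":
    for case, findings in demo().items():
        print(case, findings or "OK")
```

Both tampered cases keep the file count at three, which is why the per-file digests and the authenticated manifest are needed on top of the count.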
The term personal information can be interpreted in many ways by different people. What matters
in this scenario is the privacy aspect of sensitive information, which includes the following:
Personal Identification information (PII): Information that can be used to locate or identify
an individual, for example address or name, or information that can be correlated with other
information in order to identify an individual.
Sensitive information: Information relating to religion, race, sexual orientation, union
membership or other information that can be considered private data. Such information should
always have an additional safeguard.