Cloud Security and Privacy Policy Report for Australian Government
VerifiedAdded on  2022/10/13
|25
|7029
|142
Report
AI Summary
This report focuses on the cloud security and privacy concerns within the Department of Administrative Services (DAS), an Australian government department transitioning to a shared services model with a cloud-first approach. The report analyzes the implications of this shift, particularly regarding the handling of sensitive data from various government services like HR, payroll, and procurement. It proposes a comprehensive privacy and security strategy, addressing data management, collection, use, disclosure, and the security of digital identities. The report emphasizes the importance of compliance with the Privacy Act 1988 and recommends specific controls, including data encryption, access control protocols, and the implementation of role-based access control. Furthermore, it addresses data protection threats and recommends mitigation strategies, such as incorporating effective surveillance detectors and cloud computing infrastructure for scalable storage. The report concludes by evaluating the effectiveness of the recommended security and privacy policies in ensuring data protection and compliance within the DAS framework.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: REPORT ON CLOUD PRIVACY AND SECURITY POLICY
REPORT
ON
CLOUD PRIVACY AND SECURITY POLICY
Name of the Student
Name of the University
Author Note:
REPORT
ON
CLOUD PRIVACY AND SECURITY POLICY
Name of the Student
Name of the University
Author Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1Cloud Security and Privacy Policy
Table of Contents
Introduction:...............................................................................................................................1
Proposal of Privacy and Security Strategy for Department of Administrative Service (DAS): 2
Management of Personal Information-..................................................................................3
Collection and Management of solicited personal information:............................................3
Use and Disclosure of Personal Information:........................................................................4
Use and Security of Digital Identities:...................................................................................5
Security of personal Information:..........................................................................................5
Access to personal Information:.............................................................................................5
Quality and correction of personal information:....................................................................6
Recommended Controls:............................................................................................................6
Implementation of Privacy Strategy-.....................................................................................7
Personal Data Protection of DAS:..............................................................................................9
Personal Data Protect Strategy-...........................................................................................10
Authorised Access and Discloser of Personal Information-................................................10
Use of Personal Digital Identities........................................................................................11
Data Protection Control(s):......................................................................................................12
Mitigation of data protection threats-...................................................................................13
Implementation of Data Protection Strategy-......................................................................14
Conclusion:..............................................................................................................................15
Table of Contents
Introduction:...............................................................................................................................1
Proposal of Privacy and Security Strategy for Department of Administrative Service (DAS): 2
Management of Personal Information-..................................................................................3
Collection and Management of solicited personal information:............................................3
Use and Disclosure of Personal Information:........................................................................4
Use and Security of Digital Identities:...................................................................................5
Security of personal Information:..........................................................................................5
Access to personal Information:.............................................................................................5
Quality and correction of personal information:....................................................................6
Recommended Controls:............................................................................................................6
Implementation of Privacy Strategy-.....................................................................................7
Personal Data Protection of DAS:..............................................................................................9
Personal Data Protect Strategy-...........................................................................................10
Authorised Access and Discloser of Personal Information-................................................10
Use of Personal Digital Identities........................................................................................11
Data Protection Control(s):......................................................................................................12
Mitigation of data protection threats-...................................................................................13
Implementation of Data Protection Strategy-......................................................................14
Conclusion:..............................................................................................................................15
2Cloud Security and Privacy Policy
Introduction:
The primary objective of this report is to effectively elaborate the aspect of security
and privacy risk factors present in the Department of Administrative services, with the
purpose to provide effective solution to address the identified problems. After investigating
the case scenario it has been noticed that there is a significant impact of security concern in
the operations of the Department of Administrative Services. Followed by this aspect it has
been noticed that the higher authorities of DAS has expressed their interest towards
converting the traditional working procedure into an effective shared services which must
holds the features of a centralized database as it has intended to migrate the present data of
DAS into a single server from which can perform the desired operations. Considering the
above mentioned purpose the administrator has also mentioned that they have basically
focused on the incorporation of the cloud computing infrastructure into the organizational
infrastructure. Hence, this paper will be highly focused on the implementing cloud security
and privacy concern in the nominated organizational aspect. Followed by the purpose to
enhance the security services on the operations of the nominated organizational services it
has been noticed that currently the organization is based on the traditional working process
which offers several impactful services to the Australian state government with the purpose
to enhance their services (Alenezi et al., 2017). Those services includes the human resource
management process, personnel management process, payroll process, the management of
contractors, tendering process as well as the procurement process. Since, from the above
discussion it can be stated that all of the mentioned services holds several individual data set
which needs to be managed by the nominated organization. Hence, considering this
complexity in the working process it has mentioned that it needs to integrate database of each
service performed in the organization with the purpose to enhance the services of the
organization by making it more cost effective, accurate as well as less time consuming
Introduction:
The primary objective of this report is to effectively elaborate the aspect of security
and privacy risk factors present in the Department of Administrative services, with the
purpose to provide effective solution to address the identified problems. After investigating
the case scenario it has been noticed that there is a significant impact of security concern in
the operations of the Department of Administrative Services. Followed by this aspect it has
been noticed that the higher authorities of DAS has expressed their interest towards
converting the traditional working procedure into an effective shared services which must
holds the features of a centralized database as it has intended to migrate the present data of
DAS into a single server from which can perform the desired operations. Considering the
above mentioned purpose the administrator has also mentioned that they have basically
focused on the incorporation of the cloud computing infrastructure into the organizational
infrastructure. Hence, this paper will be highly focused on the implementing cloud security
and privacy concern in the nominated organizational aspect. Followed by the purpose to
enhance the security services on the operations of the nominated organizational services it
has been noticed that currently the organization is based on the traditional working process
which offers several impactful services to the Australian state government with the purpose
to enhance their services (Alenezi et al., 2017). Those services includes the human resource
management process, personnel management process, payroll process, the management of
contractors, tendering process as well as the procurement process. Since, from the above
discussion it can be stated that all of the mentioned services holds several individual data set
which needs to be managed by the nominated organization. Hence, considering this
complexity in the working process it has mentioned that it needs to integrate database of each
service performed in the organization with the purpose to enhance the services of the
organization by making it more cost effective, accurate as well as less time consuming
3Cloud Security and Privacy Policy
(Aljawarneh & Yassein 2016). However, while developing a centralized database there is
huge necessity of implementing the effective privacy and security strategies with the purpose
to protect the data as it has been noticed that the approached system will be based on internet
operation. Along with managing the database of the several services it has been also noticed
that the approached system will also consist the feature to gather as well as analyze the
employ data with the purpose to provide more customize experience to the employ related to
their identification, verification as well. Hence, considering the above mentioned aspect this
paper will focus on elaborating the cloud security and privacy concerns. In order to support
the discussion this paper will focus on the recommendation of privacy regulation which will
help to address the security issues of managing personal information, accessing those
information, correction of those information. Along with this, it will also provide the
suggestion of effective security controls which will help to reduce the risk which has been
identified in the case scenario of DAS (Almorsy, Grundy & Müller 2016). Followed by this it
will also consist a detail elaboration of eth discussion related to the personal data protection
policies and procedures, considering which it will then recommend the most effective
strategy to address the identified issues on personal data protection. Lastly, it will conclude
by stating the effectiveness of the recommended security and privacy policies of the
organization in order to analyze the appropriateness of the above discussion.
Proposal of Privacy and Security Strategy for Department of
Administrative Service (DAS):
After investigating the case scenario of the nominated organization DAS it has been
noticed that since, the authorities of the organization has expressed their interest towards
converting their operational services into an integrated data handling, they have mentioned
that they want to adopt the feature of cloud infrastructure into DAS’s operational
infrastructure. Followed by this aspect, after a thorough investigation of the application of
(Aljawarneh & Yassein 2016). However, while developing a centralized database there is
huge necessity of implementing the effective privacy and security strategies with the purpose
to protect the data as it has been noticed that the approached system will be based on internet
operation. Along with managing the database of the several services it has been also noticed
that the approached system will also consist the feature to gather as well as analyze the
employ data with the purpose to provide more customize experience to the employ related to
their identification, verification as well. Hence, considering the above mentioned aspect this
paper will focus on elaborating the cloud security and privacy concerns. In order to support
the discussion this paper will focus on the recommendation of privacy regulation which will
help to address the security issues of managing personal information, accessing those
information, correction of those information. Along with this, it will also provide the
suggestion of effective security controls which will help to reduce the risk which has been
identified in the case scenario of DAS (Almorsy, Grundy & Müller 2016). Followed by this it
will also consist a detail elaboration of eth discussion related to the personal data protection
policies and procedures, considering which it will then recommend the most effective
strategy to address the identified issues on personal data protection. Lastly, it will conclude
by stating the effectiveness of the recommended security and privacy policies of the
organization in order to analyze the appropriateness of the above discussion.
Proposal of Privacy and Security Strategy for Department of
Administrative Service (DAS):
After investigating the case scenario of the nominated organization DAS it has been
noticed that since, the authorities of the organization has expressed their interest towards
converting their operational services into an integrated data handling, they have mentioned
that they want to adopt the feature of cloud infrastructure into DAS’s operational
infrastructure. Followed by this aspect, after a thorough investigation of the application of
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4Cloud Security and Privacy Policy
cloud computing in the nominated organizational infrastructure, several security and privacy
issues has been raised which holds significant negative impact on the services of the
organization. Considering those identified security and privacy issues a detail elaboration
related to the regulation with the purpose to develop an effective privacy strategy in
mentioned below:-
Management of Personal Information-
In order to provide security and privacy to the personal information of the
organization Department of Administrative Service it has been noticed that there is a huge
necessity of incorporating effective information security control with the purpose to regulate
the security and privacy control for managing personal information into the organizational
infrastructure. Considering the above discussion it has been noticed that the nominated
organization offers the services to the Government of Australia which indicates that it is one
of the most sensitive field where, there is a huge necessity to maintain data privacy (Basu et
al., 2018). Followed by the above mentioned objectives, according to the Privacy Act 1988
the organization needs to manage their personal data in such way that each of the information
are well categorized as well as the collected information should be gather in a structured
manner. Followed by this aspect it has been also noticed that it is also essential to incorporate
effective information management system which will help to effectively manage and process
the information due to which it will offer the capability of maintaining, retrieving as well as
organizing the organization’s data (Bhushan & Gupta 2017).
Collection and Management of solicited personal information:
Followed by the above mentioned aspects it has been noticed that in the operational
field of any organization which works with the real time customer data, it is essential to
implement effective data collection and management policy which will help to enhance the
services of the organization and will help to reduce the risk factors as well. Those strategic
cloud computing in the nominated organizational infrastructure, several security and privacy
issues has been raised which holds significant negative impact on the services of the
organization. Considering those identified security and privacy issues a detail elaboration
related to the regulation with the purpose to develop an effective privacy strategy in
mentioned below:-
Management of Personal Information-
In order to provide security and privacy to the personal information of the
organization Department of Administrative Service it has been noticed that there is a huge
necessity of incorporating effective information security control with the purpose to regulate
the security and privacy control for managing personal information into the organizational
infrastructure. Considering the above discussion it has been noticed that the nominated
organization offers the services to the Government of Australia which indicates that it is one
of the most sensitive field where, there is a huge necessity to maintain data privacy (Basu et
al., 2018). Followed by the above mentioned objectives, according to the Privacy Act 1988
the organization needs to manage their personal data in such way that each of the information
are well categorized as well as the collected information should be gather in a structured
manner. Followed by this aspect it has been also noticed that it is also essential to incorporate
effective information management system which will help to effectively manage and process
the information due to which it will offer the capability of maintaining, retrieving as well as
organizing the organization’s data (Bhushan & Gupta 2017).
Collection and Management of solicited personal information:
Followed by the above mentioned aspects it has been noticed that in the operational
field of any organization which works with the real time customer data, it is essential to
implement effective data collection and management policy which will help to enhance the
services of the organization and will help to reduce the risk factors as well. Those strategic
5Cloud Security and Privacy Policy
policies includes the awareness while collecting data from the customers. While describing
this aspect it has been noticed that there is a huge necessity of collecting the data from the
users with the user consent as it is not ethically right to gather personal information without
the consent of the owner. Followed by this it needs to provide the detail about the information
management process in which it will perform the data analysis as well. Since, analysis of
personal data may significantly harm the privacy of the user thus, it is essential to inform the
user about the information management process.
Use and Disclosure of Personal Information:
Followed by the above discussion it has been noticed that the gather information will
be shared to the government of Australia for further processing which will then utilize those
information for enhancing their services which will impact on enhancing the quality of the
services. Considering these usage of the gathered information it has been noticed that the
personal information of the individual should not disclosed until and unless few specific
situation occurs which includes if any organization is sharing any personal information of any
individual it is highly essential for the organization to inform the individual about the
information sharing, along with this the mentioned concern should be protected in a
documentation in case of any further query (Elzamly et al., 2017). Followed by this the
disclosure of information needs to be as per the government law. Along with the above
specifications the disclosure must be agreed by the government regulation and in case of any
violation occurs there should be penalty as well.
Use and Security of Digital Identities:
Digital identity is nothing but an identity which is adopted by a cyberspace in order to
identify an individual, device or any organization. Followed by this aspect it has been noticed
the digital identities are used to identify authenticate devices, individuals as well as the
policies includes the awareness while collecting data from the customers. While describing
this aspect it has been noticed that there is a huge necessity of collecting the data from the
users with the user consent as it is not ethically right to gather personal information without
the consent of the owner. Followed by this it needs to provide the detail about the information
management process in which it will perform the data analysis as well. Since, analysis of
personal data may significantly harm the privacy of the user thus, it is essential to inform the
user about the information management process.
Use and Disclosure of Personal Information:
Followed by the above discussion it has been noticed that the gather information will
be shared to the government of Australia for further processing which will then utilize those
information for enhancing their services which will impact on enhancing the quality of the
services. Considering these usage of the gathered information it has been noticed that the
personal information of the individual should not disclosed until and unless few specific
situation occurs which includes if any organization is sharing any personal information of any
individual it is highly essential for the organization to inform the individual about the
information sharing, along with this the mentioned concern should be protected in a
documentation in case of any further query (Elzamly et al., 2017). Followed by this the
disclosure of information needs to be as per the government law. Along with the above
specifications the disclosure must be agreed by the government regulation and in case of any
violation occurs there should be penalty as well.
Use and Security of Digital Identities:
Digital identity is nothing but an identity which is adopted by a cyberspace in order to
identify an individual, device or any organization. Followed by this aspect it has been noticed
the digital identities are used to identify authenticate devices, individuals as well as the
6Cloud Security and Privacy Policy
organizations. However, along with this scenario there should be effective strategic policy to
utilize and provide security to the digital identities. In order to establish effective security
policies it is essential to have an authorized organization which will gather the digital
identities, along with that there should be effective improvement of the encryption
technology which will provide protection to the identities. Along with this effective
supervision is also necessary to protect the digital identities within the organization.
Security of personal Information:
Followed by the purpose to enable effective policy for ensuring security of the
personal data with is the organization it is essential to considering the aspects of data
confidentiality, integrity as well as the accessibility of the information that are present in the
organization. Hence, in order to protect the personal data effective safeguards needs to be
incorporated which will enable physical data protection measures, technical data protection
measures as well as the administrative measures (Gou, Yamaguchi & Gupta 2017). These
measures will protect the personal information from unauthorized access.
Access to personal Information:
Followed by the above mentioned strategies it is also essential for the organization to
enable effective access control protocols within the organizations infrastructure in order to
maintain efficient data accessibility for the users. Hence, with the purpose to enable the above
mentioned measures it should incorporate the Role based Access control policy within the
organization (Hussain et al., 2017).
Quality and correction of personal information:
Followed by the above mentioned aspect it is also essential to address issues
regarding the quality and the correction of the personal data with effective strategies in which
it will allow the authority to investigate the information and analyze the accuracy as well as
organizations. However, along with this scenario there should be effective strategic policy to
utilize and provide security to the digital identities. In order to establish effective security
policies it is essential to have an authorized organization which will gather the digital
identities, along with that there should be effective improvement of the encryption
technology which will provide protection to the identities. Along with this effective
supervision is also necessary to protect the digital identities within the organization.
Security of personal Information:
Followed by the purpose to enable effective policy for ensuring security of the
personal data with is the organization it is essential to considering the aspects of data
confidentiality, integrity as well as the accessibility of the information that are present in the
organization. Hence, in order to protect the personal data effective safeguards needs to be
incorporated which will enable physical data protection measures, technical data protection
measures as well as the administrative measures (Gou, Yamaguchi & Gupta 2017). These
measures will protect the personal information from unauthorized access.
Access to personal Information:
Followed by the above mentioned strategies it is also essential for the organization to
enable effective access control protocols within the organizations infrastructure in order to
maintain efficient data accessibility for the users. Hence, with the purpose to enable the above
mentioned measures it should incorporate the Role based Access control policy within the
organization (Hussain et al., 2017).
Quality and correction of personal information:
Followed by the above mentioned aspect it is also essential to address issues
regarding the quality and the correction of the personal data with effective strategies in which
it will allow the authority to investigate the information and analyze the accuracy as well as
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7Cloud Security and Privacy Policy
the relevance of the gathered data in order to make sure that the collected data is correct and
relevant (Hussein & Khalid 2016).
Recommended Controls:
In this discussion it will briefly elaborate how the application of effective information
control measures will enhance the security and privacy of nominated organization. Followed
by this discussion it will now provide a detail elaboration on the mitigation approaches which
will be helpful to address the identified limitations in the working services of the Automatic
Face Recognition Authentication (AFRA) System. Those mitigation approaches are listed
below:
ï‚· Since, in the first place it has been noticed that less effective communication process as
well as the complexity of the approached system is causing significant problem which is
causing huge impact on the services of the AFRA system. Hence, after analysing the
aspects of the mentioned limitations it is recommended to incorporate effective
surveillance detectors which will provide effective coverage to detect the issues related to
the complexity present in the current surveillance issues. Followed by this it also requires
to incorporate effective communication system within the AFRA system to communicate
with the users as well.
ï‚· Along with the above identified problem it has been also noticed that there is a significant
problem present related to the storage issues in which it is mentioned that in AFRA
storage issue is one of the most impactful as there is a huge necessity of large scale data
storage for the mentioned system. Thus, it is recommended to incorporate the cloud
computing infrastructure as cloud storage offers large scalability as well as it offers
effective data management features. Hence, it can be stated that it will be very effective to
mitigate the mentioned limitation.
the relevance of the gathered data in order to make sure that the collected data is correct and
relevant (Hussein & Khalid 2016).
Recommended Controls:
In this discussion it will briefly elaborate how the application of effective information
control measures will enhance the security and privacy of nominated organization. Followed
by this discussion it will now provide a detail elaboration on the mitigation approaches which
will be helpful to address the identified limitations in the working services of the Automatic
Face Recognition Authentication (AFRA) System. Those mitigation approaches are listed
below:
ï‚· Since, in the first place it has been noticed that less effective communication process as
well as the complexity of the approached system is causing significant problem which is
causing huge impact on the services of the AFRA system. Hence, after analysing the
aspects of the mentioned limitations it is recommended to incorporate effective
surveillance detectors which will provide effective coverage to detect the issues related to
the complexity present in the current surveillance issues. Followed by this it also requires
to incorporate effective communication system within the AFRA system to communicate
with the users as well.
ï‚· Along with the above identified problem it has been also noticed that there is a significant
problem present related to the storage issues in which it is mentioned that in AFRA
storage issue is one of the most impactful as there is a huge necessity of large scale data
storage for the mentioned system. Thus, it is recommended to incorporate the cloud
computing infrastructure as cloud storage offers large scalability as well as it offers
effective data management features. Hence, it can be stated that it will be very effective to
mitigate the mentioned limitation.
8Cloud Security and Privacy Policy
ï‚· Since, it has been also observed high implementation cost is also a significant problem
present it is recommended to utilize integrated surveillance systems as well as the cloud
computing infrastructure which will significantly reduce the cost of the implementation of
AFRA as cloud computing is on paid services thus, the organization will only pay the
prize what they are using. Along with that it will also impact the expenses of AFRA.
ï‚· Followed by the above mentioned aspects it has been also noticed that there is a huge
limitation related to the data privacy within the AFRA system. Since, it has been noticed
that AFRA database consist of several personal data thus, it is recommended to implement
effective encryption process due to which it will be able to restrict the data breach. Along
with that incorporation of VPN will also help to reduce the identified risk factors.
ï‚· Hence, followed by the above mentioned aspect it has been also noticed that in the
operations of AFRA there is a significant risk present related to the personal data analysis.
Hence, it is recommended to enable the strategy in which it will inform the users about the
data processing and only after the approval of the user the personal data will be collected.
Implementation of Privacy Strategy-
Followed by the above identified limitations in the nominated technology AFRA, it is
now essential to implement effective privacy strategies within the organizations operations in
order to protect the privacy data to the organization as well as to maintain the privacy of the
users. Hence, considering this aspect it is suggested to AFRA to incorporate below mentioned
strategies:-
ï‚· Since, it has been noticed that in the AFRA system there is significant impact of less
effective communication system which is effecting the privacy of the nominated IT
system due to which a concern has been raised. In order to mitigate the identified
problem it is highly essential to incorporate effective communicate medium in order to
ï‚· Since, it has been also observed high implementation cost is also a significant problem
present it is recommended to utilize integrated surveillance systems as well as the cloud
computing infrastructure which will significantly reduce the cost of the implementation of
AFRA as cloud computing is on paid services thus, the organization will only pay the
prize what they are using. Along with that it will also impact the expenses of AFRA.
ï‚· Followed by the above mentioned aspects it has been also noticed that there is a huge
limitation related to the data privacy within the AFRA system. Since, it has been noticed
that AFRA database consist of several personal data thus, it is recommended to implement
effective encryption process due to which it will be able to restrict the data breach. Along
with that incorporation of VPN will also help to reduce the identified risk factors.
ï‚· Hence, followed by the above mentioned aspect it has been also noticed that in the
operations of AFRA there is a significant risk present related to the personal data analysis.
Hence, it is recommended to enable the strategy in which it will inform the users about the
data processing and only after the approval of the user the personal data will be collected.
Implementation of Privacy Strategy-
Followed by the above identified limitations in the nominated technology AFRA, it is
now essential to implement effective privacy strategies within the organizations operations in
order to protect the privacy data to the organization as well as to maintain the privacy of the
users. Hence, considering this aspect it is suggested to AFRA to incorporate below mentioned
strategies:-
ï‚· Since, it has been noticed that in the AFRA system there is significant impact of less
effective communication system which is effecting the privacy of the nominated IT
system due to which a concern has been raised. In order to mitigate the identified
problem it is highly essential to incorporate effective communicate medium in order to
9Cloud Security and Privacy Policy
enhance the interaction between the systems with the administrator. Follow by this
aspect it is recommended to adopt effective communication system for AFRA.
ï‚· Followed by this aspect it has been also noticed that storage is one of the most impactful
issues present in the system AFRA thus, it is essential to implement effective information
storage system due to which it is recommended to implement the feature of cloud
computing in order to enable the features of cloud into the AFRA system which will help
to enhance the operation of data storage. As AFRA needs to work by analysing the facial
expression which are inbuilt in the system database. Followed by this aspect it can be
stated that since this system may be used for high number of users there is a huge
necessity to incorporate effective as well as expandable storage. Considering this aspect
the application of Cloud storage will be appropriate as cloud offers the ability to expand
data storage as per their need of the organization. Along with that incorporation of cloud
will be cost effective as well.
ï‚· Considering the above mentioned implantation the approached strategy will included
effective compliance and supervision support as it will surely help to reduce the risk
related to the data misuse.
ï‚· Followed by this AFRA should appoint an Information Protection Officer (IPO) who will
look after the all of the data by forming necessary team which will provide effective
protection to the information of AFRA system.
ï‚· Followed by the above mentioned strategies the organization should also conduct an
awareness meeting in which it will discuss about the how the employ should work and
how they should utilize the organizational resources in order to mitigate the possibilities
of data vulnerability (Ijaz et al., 2016).
ï‚· Along with this it has been also noticed that there is a huge necessity to revise the data
analysis policy in which it needs to implement several clause related to providing the
enhance the interaction between the systems with the administrator. Follow by this
aspect it is recommended to adopt effective communication system for AFRA.
ï‚· Followed by this aspect it has been also noticed that storage is one of the most impactful
issues present in the system AFRA thus, it is essential to implement effective information
storage system due to which it is recommended to implement the feature of cloud
computing in order to enable the features of cloud into the AFRA system which will help
to enhance the operation of data storage. As AFRA needs to work by analysing the facial
expression which are inbuilt in the system database. Followed by this aspect it can be
stated that since this system may be used for high number of users there is a huge
necessity to incorporate effective as well as expandable storage. Considering this aspect
the application of Cloud storage will be appropriate as cloud offers the ability to expand
data storage as per their need of the organization. Along with that incorporation of cloud
will be cost effective as well.
ï‚· Considering the above mentioned implantation the approached strategy will included
effective compliance and supervision support as it will surely help to reduce the risk
related to the data misuse.
ï‚· Followed by this AFRA should appoint an Information Protection Officer (IPO) who will
look after the all of the data by forming necessary team which will provide effective
protection to the information of AFRA system.
ï‚· Followed by the above mentioned strategies the organization should also conduct an
awareness meeting in which it will discuss about the how the employ should work and
how they should utilize the organizational resources in order to mitigate the possibilities
of data vulnerability (Ijaz et al., 2016).
ï‚· Along with this it has been also noticed that there is a huge necessity to revise the data
analysis policy in which it needs to implement several clause related to providing the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10Cloud Security and Privacy Policy
awareness of about the aspect of the data which are being gathered as well as which are
being analysed. The primary objective behind this strategy is to make sure that
information are being gathered and analysed after concerning with the owner of the
information.
ï‚· Along with the above strategy it should also include a strategy on data protection in
which it will control the data access. As controlling the data access can significantly
reduce that chance of data leakage.
ï‚· Effective firewall protection needs to be implemented with the purpose to detect and
prevent suspicious activities of the data server of AFRA as it will help to protect the
information from external threats.
ï‚· Along with this AFRA needs to adopt more effective encryption process in order to
protect the data from external threats.
Personal Data Protection of DAS:
Followed by the above discussion it has been noticed that in the Department of
Administrative services, there is a huge necessity to incorporate effective data protection
services into their infrastructure. Since, DAS has expressed interest towards converting their
organizational infrastructure into an advance one hence in this scope it has been noticed that
in order to develop that approached infrastructure it is very essential to implement advance IT
system. However, while investigating the features and application of the identified IT system
it has been noticed that those IT system has significant vulnerabilities which holds a huge
impact on the privacy of the organizational data. Considering this aspect a thorough
investigation has been conducted, based on that result a data protection strategy is mentioned
below:-
awareness of about the aspect of the data which are being gathered as well as which are
being analysed. The primary objective behind this strategy is to make sure that
information are being gathered and analysed after concerning with the owner of the
information.
ï‚· Along with the above strategy it should also include a strategy on data protection in
which it will control the data access. As controlling the data access can significantly
reduce that chance of data leakage.
ï‚· Effective firewall protection needs to be implemented with the purpose to detect and
prevent suspicious activities of the data server of AFRA as it will help to protect the
information from external threats.
ï‚· Along with this AFRA needs to adopt more effective encryption process in order to
protect the data from external threats.
Personal Data Protection of DAS:
Followed by the above discussion it has been noticed that in the Department of
Administrative services, there is a huge necessity to incorporate effective data protection
services into their infrastructure. Since, DAS has expressed interest towards converting their
organizational infrastructure into an advance one hence in this scope it has been noticed that
in order to develop that approached infrastructure it is very essential to implement advance IT
system. However, while investigating the features and application of the identified IT system
it has been noticed that those IT system has significant vulnerabilities which holds a huge
impact on the privacy of the organizational data. Considering this aspect a thorough
investigation has been conducted, based on that result a data protection strategy is mentioned
below:-
11Cloud Security and Privacy Policy
Personal Data Protect Strategy-
After analysing the case scenario it has been noticed that there is a significant
importance of implanting an effective data protection strategy in order to protect the
information of DAS. As after investigating the organizational operations it has been
determined that DAS will work with the personal data of individual, which will consist
several essential as well as sensitive data of the people. Considering the industrial growth it
has been noticed that since, DAS will be expand its services by implementing IT system
hence the vulnerabilities of personal data security is very high. While investigating this it has
been also noticed that there is huge risk present in the data protection if there is no such
policy to differentiate important data from the large set of data. Along with that outsourcing
of information will be enhance the security vulnerability. Followed by this aspect it has been
noticed that in order to protect the organizational data it is first essential to implement an
effective security standard to protect the personal data (Jouini & Rabai 2019). However,
studies has proven that personal information protection strategies are no limited to by
implementing IT technologies, rather this will work by modifying the organizational services,
stakeholders interference as well as the utilization of human resources. Considering the above
discussed aspect it is recommended to implement effective compliance and standards which
must hold the capabilities to incorporate government legislation. In the personal data
protection strategy it must include an awareness programme in which it will discuss about the
data protection procedure. Followed by this in DAS should revise their data protection policy
in which it must include detail regulation about the data which will be gathered in by DAS as
well as it will include the policy to structure sensitive data from the large set of collected data
(Khan 2016).
Personal Data Protect Strategy-
After analysing the case scenario it has been noticed that there is a significant
importance of implanting an effective data protection strategy in order to protect the
information of DAS. As after investigating the organizational operations it has been
determined that DAS will work with the personal data of individual, which will consist
several essential as well as sensitive data of the people. Considering the industrial growth it
has been noticed that since, DAS will be expand its services by implementing IT system
hence the vulnerabilities of personal data security is very high. While investigating this it has
been also noticed that there is huge risk present in the data protection if there is no such
policy to differentiate important data from the large set of data. Along with that outsourcing
of information will be enhance the security vulnerability. Followed by this aspect it has been
noticed that in order to protect the organizational data it is first essential to implement an
effective security standard to protect the personal data (Jouini & Rabai 2019). However,
studies has proven that personal information protection strategies are no limited to by
implementing IT technologies, rather this will work by modifying the organizational services,
stakeholders interference as well as the utilization of human resources. Considering the above
discussed aspect it is recommended to implement effective compliance and standards which
must hold the capabilities to incorporate government legislation. In the personal data
protection strategy it must include an awareness programme in which it will discuss about the
data protection procedure. Followed by this in DAS should revise their data protection policy
in which it must include detail regulation about the data which will be gathered in by DAS as
well as it will include the policy to structure sensitive data from the large set of collected data
(Khan 2016).
12Cloud Security and Privacy Policy
Authorised Access and Discloser of Personal Information-
Along with the above mentioned policies it has been also noticed that in order to
protect the personal data from the external threats there is a huge essentiality to ensure
effective access control policies in to the organizational data as well as to develop effective
data discloser policy. In order to develop the policies to enable effective authorised data
access control in the organizational structure as well as to implement policies on personal
information discloser it has been noticed that since, the higher authorities of DAS has
expressed their interest towards expending their organization by implementing cloud
computing feature into the organizational structure. While analysing the necessity of access
control in the cloud infrastructure it has been noticed that since cloud infrastructure will
convert DAS into a distributed system it will attract several threats that may impact the
preserved information. Hence, in this field it is very essential to apply access control policy
into the infrastructure. While investigating the mechanism of the access control policies it has
been noticed that the access control policies provides protection to the personal data of
individual by differentiating the access limit of each user which will help to reduce the
impact of unauthorized access of data. Followed by this aspect it is determined that there are
basically four types of access control present in the cloud infrastructure which includes the
attribute based access control, Role based access control, discretionary access control as well
as the mandatory access control (Khan & Al-Yasiri 2016). Hence, it is required to implement
access control policies based on the collected data. Along with the above strategy DAS
should also adopt the strategy which will restrict the information discloser limit. Hence, in
order to protect the personal data the information discloser policy must include the strategy in
which it will restrict the data accessibility of third party thus, in order to access those data
there it will required valid authorization from DAS (Kumari & Verma 2016).
Use of Personal Digital Identities-
Authorised Access and Discloser of Personal Information-
Along with the above mentioned policies it has been also noticed that in order to
protect the personal data from the external threats there is a huge essentiality to ensure
effective access control policies in to the organizational data as well as to develop effective
data discloser policy. In order to develop the policies to enable effective authorised data
access control in the organizational structure as well as to implement policies on personal
information discloser it has been noticed that since, the higher authorities of DAS has
expressed their interest towards expending their organization by implementing cloud
computing feature into the organizational structure. While analysing the necessity of access
control in the cloud infrastructure it has been noticed that since cloud infrastructure will
convert DAS into a distributed system it will attract several threats that may impact the
preserved information. Hence, in this field it is very essential to apply access control policy
into the infrastructure. While investigating the mechanism of the access control policies it has
been noticed that the access control policies provides protection to the personal data of
individual by differentiating the access limit of each user which will help to reduce the
impact of unauthorized access of data. Followed by this aspect it is determined that there are
basically four types of access control present in the cloud infrastructure which includes the
attribute based access control, Role based access control, discretionary access control as well
as the mandatory access control (Khan & Al-Yasiri 2016). Hence, it is required to implement
access control policies based on the collected data. Along with the above strategy DAS
should also adopt the strategy which will restrict the information discloser limit. Hence, in
order to protect the personal data the information discloser policy must include the strategy in
which it will restrict the data accessibility of third party thus, in order to access those data
there it will required valid authorization from DAS (Kumari & Verma 2016).
Use of Personal Digital Identities-
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13Cloud Security and Privacy Policy
Followed by the above mentioned strategies it has been also noticed that there is a
huge necessity of developing an effective strategy for digital identities. Considering the
current growth of technology as well as the expansion of the DAS infrastructure it has been
noticed that there in the working procedure of DAS face several significant problem related
to data protection as DAS will convert its database into a distributed system thus, safety of
digital identities are highly required. Digital identities are nothing but the verified identity
proof of an individual in which is available online. Hence, in the strategy to use personal
digital identity utilization regulation it must include the policy by which it share the digital
identities based on its relevance, essentiality as based on the role of the third party to whom
the information to being shared. Followed by this it will also include a regulation where it
will mention the purpose behind the utilization of the digital identities and the identities will
be used if and only if the user agree to share those information (Li et al., 2018). Hence, it is
suggested to implement these policies in order to protect the data which will be gathered for
organizational purpose.
Data Protection Control(s):
Followed by the organizational aspect of AFRA as well as the application of IT
system it has been suggested to implement the approached feature into the AFRA
infrastructure. Considering this aspect it has been noticed that since, the effective IT systems
are highly trending however, it consist several limitations related to the data privacy and
security of the information transaction which are performed in the organizational server.
Hence, before implementing effective data protection controls it has been decided to
investigate the security threats which will help to imply effective mitigation approaches for
identified security threats.
Followed by the above mentioned strategies it has been also noticed that there is a
huge necessity of developing an effective strategy for digital identities. Considering the
current growth of technology as well as the expansion of the DAS infrastructure it has been
noticed that there in the working procedure of DAS face several significant problem related
to data protection as DAS will convert its database into a distributed system thus, safety of
digital identities are highly required. Digital identities are nothing but the verified identity
proof of an individual in which is available online. Hence, in the strategy to use personal
digital identity utilization regulation it must include the policy by which it share the digital
identities based on its relevance, essentiality as based on the role of the third party to whom
the information to being shared. Followed by this it will also include a regulation where it
will mention the purpose behind the utilization of the digital identities and the identities will
be used if and only if the user agree to share those information (Li et al., 2018). Hence, it is
suggested to implement these policies in order to protect the data which will be gathered for
organizational purpose.
Data Protection Control(s):
Followed by the organizational aspect of AFRA as well as the application of IT
system it has been suggested to implement the approached feature into the AFRA
infrastructure. Considering this aspect it has been noticed that since, the effective IT systems
are highly trending however, it consist several limitations related to the data privacy and
security of the information transaction which are performed in the organizational server.
Hence, before implementing effective data protection controls it has been decided to
investigate the security threats which will help to imply effective mitigation approaches for
identified security threats.
14Cloud Security and Privacy Policy
Mitigation of data protection threats-
Followed by this aspect the identified risk related to the data protection is mention below:
ï‚· Data Breach- is one of the most significant information security threats that holds huge
impact on the services of the organization and data privacy concerns of cloud AFRA. As
in AFRA database a large data set is present in, the sensitive information are also stored in
that place. In case of any data loss or criminal attack the sensitive data will get into danger.
ï‚· Along with the above limitation there is a major risk present related to the hacking as it
has been identified from several research that due to appearance of hacking the
organizational security protocol may get affected and it may cause a significant impact on
the data protection as due to this the AFRA’s data can be stolen or can be destroyed
permanently (Maroc & Zhang 2019).
ï‚· Along with the above risk the organizational data security threats increases by the insider
threats which happens due to the activities of the employees with the IT assets of the
organization. Hence, it can be stated that it may attack harmful malicious attack.
ï‚· Unauthorised access it also one of the most significant security risk present in the AFRA
system structure due to which the information of user can be accessed by the hacker, that
will majorly harm the services of the organization as well as the privacy concern of the
users as well (Narula & Jain 2015).
ï‚· Along with the above mentioned limitations, data loss is one of the most harmful threats
that is identified in the case scenario. As in the cloud computing infrastructure in case of
any malicious attack or other data wipe the organisational data can be permanently destroy
the organization data which damages the reputation of the organization and the privacy of
the users as well (Pasquier et al., 2018).
After investigating the above mentioned limitation several data protection strategies has
been approached to develop. Those strategies are listed below:
Mitigation of data protection threats-
Followed by this aspect the identified risk related to the data protection is mention below:
ï‚· Data Breach- is one of the most significant information security threats that holds huge
impact on the services of the organization and data privacy concerns of cloud AFRA. As
in AFRA database a large data set is present in, the sensitive information are also stored in
that place. In case of any data loss or criminal attack the sensitive data will get into danger.
ï‚· Along with the above limitation there is a major risk present related to the hacking as it
has been identified from several research that due to appearance of hacking the
organizational security protocol may get affected and it may cause a significant impact on
the data protection as due to this the AFRA’s data can be stolen or can be destroyed
permanently (Maroc & Zhang 2019).
ï‚· Along with the above risk the organizational data security threats increases by the insider
threats which happens due to the activities of the employees with the IT assets of the
organization. Hence, it can be stated that it may attack harmful malicious attack.
ï‚· Unauthorised access it also one of the most significant security risk present in the AFRA
system structure due to which the information of user can be accessed by the hacker, that
will majorly harm the services of the organization as well as the privacy concern of the
users as well (Narula & Jain 2015).
ï‚· Along with the above mentioned limitations, data loss is one of the most harmful threats
that is identified in the case scenario. As in the cloud computing infrastructure in case of
any malicious attack or other data wipe the organisational data can be permanently destroy
the organization data which damages the reputation of the organization and the privacy of
the users as well (Pasquier et al., 2018).
After investigating the above mentioned limitation several data protection strategies has
been approached to develop. Those strategies are listed below:
15Cloud Security and Privacy Policy
ï‚· Considering the above listed limitations with the purpose to protect the information
transaction and data it is very essential to implement encryption process which will
proved effective protection to the organizational IT assets.
ï‚· Access control policies are also highly essential to protect the organization data which
will provide the restriction on data access with the purpose to reduce the data misuse.
ï‚· In the cloud computing infrastructure, it is very essential to implement effective
password policy which will significantly protect the organizational data.
ï‚· Along with the above strategy the organization must include such policy which must
consist the ability to restrict the misuse of the IT assets inside organization (Pasupuleti
et al., 2016).
ï‚· Followed by the above strategies it is also essential to implement effective employ
awareness policy in which it will provide the awareness on how the assets needs to be
utilized as well as the awareness related to not using the unauthorized links as well.
Hence, it can be stated that it will surely increase the employ awareness on data
security which will help to reduce the chances of data threats.
Implementation of Data Protection Strategy-
Followed by the above mentioned aspects it has been noticed that there are several
control strategy present in the data protection field which holds significant impact to reduce
the threats related to the data security. Those identified strategies includes the following
controls:
ï‚· Incorporation of effective access control policy which will help to protect the data from
unauthorised access. Considering the above discussion it is suggested to AFRA to
implement Role based access control and attribute based access control policy which will
provide data access based on the designation of the user (Puthal et al., 2015).
ï‚· Considering the above listed limitations with the purpose to protect the information
transaction and data it is very essential to implement encryption process which will
proved effective protection to the organizational IT assets.
ï‚· Access control policies are also highly essential to protect the organization data which
will provide the restriction on data access with the purpose to reduce the data misuse.
ï‚· In the cloud computing infrastructure, it is very essential to implement effective
password policy which will significantly protect the organizational data.
ï‚· Along with the above strategy the organization must include such policy which must
consist the ability to restrict the misuse of the IT assets inside organization (Pasupuleti
et al., 2016).
ï‚· Followed by the above strategies it is also essential to implement effective employ
awareness policy in which it will provide the awareness on how the assets needs to be
utilized as well as the awareness related to not using the unauthorized links as well.
Hence, it can be stated that it will surely increase the employ awareness on data
security which will help to reduce the chances of data threats.
Implementation of Data Protection Strategy-
Followed by the above mentioned aspects it has been noticed that there are several
control strategy present in the data protection field which holds significant impact to reduce
the threats related to the data security. Those identified strategies includes the following
controls:
ï‚· Incorporation of effective access control policy which will help to protect the data from
unauthorised access. Considering the above discussion it is suggested to AFRA to
implement Role based access control and attribute based access control policy which will
provide data access based on the designation of the user (Puthal et al., 2015).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16Cloud Security and Privacy Policy
ï‚· Effective implementation of firewall protection will help to reduce the external attack
which will provide protection to the AFRA’s IT assets.
ï‚· Along with this incorporation of the effective password protection policy will help to
protect the information present in the AFRA system (Rao et al., 2015).
ï‚· Followed by this it is also required to develop an security policy for the employ of the
organization which will consists the regulation related to provide awareness on the
utilization of IT systems and how they should use the internet for the AFRA
infrastructure. Incorporation of this policy will surely reduce the chances of malicious
external threats via the internet server.
ï‚· Along with the above strategies the organization must enable effective IDS and IPS
technology in order to monitor the organizational network activities as well as the will
help to prevent the organizational server from the external threats.
ï‚· Along with this incorporation of encryption process for data transaction will also help to
reduce the chances of data breach. Hence, it is recommended to adopt the encryption
technology for information transaction in the organizational structure (Rittinghouse &
Ransome 2017).
Conclusion:
After the above discussion it is mentioned in the above discussion it can be
summarised that this report was primarily based on the implementation of cloud computing in
the government organization. As it is mentioned in the case scenario that the department of
administrative service provides the several beneficial services to the government of Australia.
However, the government of Australia has expressed their interest towards enhancing the
services of the organization with the purpose to speed up the process of information
processing, data analysis as well as other services. Followed by these identified services there
are several services such as the tendering process, business contract and many more. Along
ï‚· Effective implementation of firewall protection will help to reduce the external attack
which will provide protection to the AFRA’s IT assets.
ï‚· Along with this incorporation of the effective password protection policy will help to
protect the information present in the AFRA system (Rao et al., 2015).
ï‚· Followed by this it is also required to develop an security policy for the employ of the
organization which will consists the regulation related to provide awareness on the
utilization of IT systems and how they should use the internet for the AFRA
infrastructure. Incorporation of this policy will surely reduce the chances of malicious
external threats via the internet server.
ï‚· Along with the above strategies the organization must enable effective IDS and IPS
technology in order to monitor the organizational network activities as well as the will
help to prevent the organizational server from the external threats.
ï‚· Along with this incorporation of encryption process for data transaction will also help to
reduce the chances of data breach. Hence, it is recommended to adopt the encryption
technology for information transaction in the organizational structure (Rittinghouse &
Ransome 2017).
Conclusion:
After the above discussion it is mentioned in the above discussion it can be
summarised that this report was primarily based on the implementation of cloud computing in
the government organization. As it is mentioned in the case scenario that the department of
administrative service provides the several beneficial services to the government of Australia.
However, the government of Australia has expressed their interest towards enhancing the
services of the organization with the purpose to speed up the process of information
processing, data analysis as well as other services. Followed by these identified services there
are several services such as the tendering process, business contract and many more. Along
17Cloud Security and Privacy Policy
with this services the administrative services has expressed their interest towards developing
a centralized database due to which the services of the organization will enhanced. In order to
implement this service the application of cloud computing has been suggested to incorporate
in the organizational structure. Followed by this aspect this paper has focused on the
implementation of the cloud infrastructure into the organizational structure. While analysing
the effectiveness of cloud computing into the suggested organizational services several
limitations are also being identified which holds significant impact on the services of the
organization. These identified limitations includes the data security and the privacy of the
data which includes the information transaction due to which there should be a significant
loss of the reputation of the organization and the data security of the users. Followed by this
aspect in this paper it has effectively elaborated the aspects of data privacy strategy
considering which in this paper it has developed a privacy strategy proposal which included
the strategies to manage the personal information within the organization. Strategy to gather
the personal information and manage the personal information. Along with this it has also
consist a detail elaboration on the strategy of utilizing policy of the discloser of personal
information as well as the policy related to the security of the digital identities of the people
present in Australia. Along with this the approached policy also consists a strategy in order to
control the data access and the integrity of the personal information. Along with the above
approached strategy it also consists a detail elaboration of the approached mitigation
strategies which are identified in the services of AFRA which is an automatic face
recognition system. Along with explaining the mitigation strategy related to maintain the
privacy of the data it has then explained the necessity of data protect in the public sectors.
Followed by this it has also consists a proposal for addressing the risk of data privacy in
which it will address the aspect of digital identity, personal data access as well as the data
protection. Considering the above finding it has then described a mitigation strategies for the
with this services the administrative services has expressed their interest towards developing
a centralized database due to which the services of the organization will enhanced. In order to
implement this service the application of cloud computing has been suggested to incorporate
in the organizational structure. Followed by this aspect this paper has focused on the
implementation of the cloud infrastructure into the organizational structure. While analysing
the effectiveness of cloud computing into the suggested organizational services several
limitations are also being identified which holds significant impact on the services of the
organization. These identified limitations includes the data security and the privacy of the
data which includes the information transaction due to which there should be a significant
loss of the reputation of the organization and the data security of the users. Followed by this
aspect in this paper it has effectively elaborated the aspects of data privacy strategy
considering which in this paper it has developed a privacy strategy proposal which included
the strategies to manage the personal information within the organization. Strategy to gather
the personal information and manage the personal information. Along with this it has also
consist a detail elaboration on the strategy of utilizing policy of the discloser of personal
information as well as the policy related to the security of the digital identities of the people
present in Australia. Along with this the approached policy also consists a strategy in order to
control the data access and the integrity of the personal information. Along with the above
approached strategy it also consists a detail elaboration of the approached mitigation
strategies which are identified in the services of AFRA which is an automatic face
recognition system. Along with explaining the mitigation strategy related to maintain the
privacy of the data it has then explained the necessity of data protect in the public sectors.
Followed by this it has also consists a proposal for addressing the risk of data privacy in
which it will address the aspect of digital identity, personal data access as well as the data
protection. Considering the above finding it has then described a mitigation strategies for the
18Cloud Security and Privacy Policy
identified data security threats. Along with analysing this it has then also provided a detail
elaboration of the most appropriate strategy which needs to implement with the purpose to
protect the personal data. Hence, it can be concluded that this paper has addressed all the
desired requirements.
Reference:
Alenezi, A., Zulkipli, N. H. N., Atlam, H. F., Walters, R. J., & Wills, G. B. (2017, April). The
impact of cloud forensic readiness on security. In International Conference on Cloud
Computing and Services Science (Vol. 2, pp. 539-545). Scitepress.
Aljawarneh, S. A., & Yassein, M. O. B. (2016). A conceptual security framework for cloud
computing issues. International Journal of Intelligent Information Technologies
(IJIIT), 12(2), 12-24.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107. .
Basu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., ... & Sarkar, P. (2018, January).
Cloud computing security challenges & solutions-a survey. In 2018 IEEE 8th Annual
Computing and Communication Workshop and Conference (CCWC) (pp. 347-356).
IEEE.
identified data security threats. Along with analysing this it has then also provided a detail
elaboration of the most appropriate strategy which needs to implement with the purpose to
protect the personal data. Hence, it can be concluded that this paper has addressed all the
desired requirements.
Reference:
Alenezi, A., Zulkipli, N. H. N., Atlam, H. F., Walters, R. J., & Wills, G. B. (2017, April). The
impact of cloud forensic readiness on security. In International Conference on Cloud
Computing and Services Science (Vol. 2, pp. 539-545). Scitepress.
Aljawarneh, S. A., & Yassein, M. O. B. (2016). A conceptual security framework for cloud
computing issues. International Journal of Intelligent Information Technologies
(IJIIT), 12(2), 12-24.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107. .
Basu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., ... & Sarkar, P. (2018, January).
Cloud computing security challenges & solutions-a survey. In 2018 IEEE 8th Annual
Computing and Communication Workshop and Conference (CCWC) (pp. 347-356).
IEEE.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
19Cloud Security and Privacy Policy
Bhushan, K., & Gupta, B. B. (2017). Security challenges in cloud computing: state-of-
art. International Journal of Big Data Intelligence, 4(2), 81-107.
Elzamly, A., Hussin, B., Abu-Naser, S. S., Shibutani, T., & Doheir, M. (2017). Predicting
Critical Cloud Computing Security Issues using Artificial Neural Network (ANNs)
Algorithms in Banking Organizations.
Gou, Z., Yamaguchi, S., & Gupta, B. B. (2017). Analysis of various security issues and
challenges in cloud computing environment: a survey. In Identity Theft:
Breakthroughs in Research and Practice (pp. 221-247). IGI Global.
Hussain, S. A., Fatima, M., Saeed, A., Raza, I., & Shahzad, R. K. (2017). Multilevel
classification of security concerns in cloud computing. Applied Computing and
Informatics, 13(1), 57-65.
Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing security challenges and
solutions. International Journal of Computer Science and Information Security, 14(1),
52.
Ijaz, S., Shah, M. A., Khan, A., & Ahmed, M. (2016). Smart cities: A survey on security
concerns. International Journal of Advanced Computer Science and
Applications, 7(2), 612-625.
Jouini, M., & Rabai, L. B. A. (2019). A security framework for secure cloud computing
environments. In Cloud security: Concepts, methodologies, tools, and
applications (pp. 249-263). IGI Global.
Khan, M. A. (2016). A survey of security issues for cloud computing. Journal of network and
computer applications, 71, 11-29.
Bhushan, K., & Gupta, B. B. (2017). Security challenges in cloud computing: state-of-
art. International Journal of Big Data Intelligence, 4(2), 81-107.
Elzamly, A., Hussin, B., Abu-Naser, S. S., Shibutani, T., & Doheir, M. (2017). Predicting
Critical Cloud Computing Security Issues using Artificial Neural Network (ANNs)
Algorithms in Banking Organizations.
Gou, Z., Yamaguchi, S., & Gupta, B. B. (2017). Analysis of various security issues and
challenges in cloud computing environment: a survey. In Identity Theft:
Breakthroughs in Research and Practice (pp. 221-247). IGI Global.
Hussain, S. A., Fatima, M., Saeed, A., Raza, I., & Shahzad, R. K. (2017). Multilevel
classification of security concerns in cloud computing. Applied Computing and
Informatics, 13(1), 57-65.
Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing security challenges and
solutions. International Journal of Computer Science and Information Security, 14(1),
52.
Ijaz, S., Shah, M. A., Khan, A., & Ahmed, M. (2016). Smart cities: A survey on security
concerns. International Journal of Advanced Computer Science and
Applications, 7(2), 612-625.
Jouini, M., & Rabai, L. B. A. (2019). A security framework for secure cloud computing
environments. In Cloud security: Concepts, methodologies, tools, and
applications (pp. 249-263). IGI Global.
Khan, M. A. (2016). A survey of security issues for cloud computing. Journal of network and
computer applications, 71, 11-29.
20Cloud Security and Privacy Policy
Khan, N., & Al-Yasiri, A. (2016). Identifying cloud security threats to strengthen cloud
computing adoption framework. Procedia Computer Science, 94, 485-490.
Kumari, S., & Verma, A. (2016). A Novel Methodology for Security and Privacy Protection
Issues of Data in Cloud Computing. International Journal of Engineering and
Management Research (IJEMR), 6(1), 158-163.
Li, J., Zhang, Y., Chen, X., & Xiang, Y. (2018). Secure attribute-based data sharing for
resource-limited users in cloud computing. Computers & Security, 72, 1-12.
Maroc, S., & Zhang, J. (2019, July). Comparative Analysis of Cloud Security Classifications,
Taxonomies, and Ontologies. In Proceedings of the 2019 International Conference on
Artificial Intelligence and Computer Science (pp. 666-672). ACM.
Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service.
In 2015 Fifth International Conference on Advanced Computing & Communication
Technologies (pp. 501-505). IEEE.
Pasquier, T., Singh, J., Powles, J., Eyers, D., Seltzer, M., & Bacon, J. (2018). Data
provenance to audit compliance with privacy policy in the Internet of
Things. Personal and Ubiquitous Computing, 22(2), 333-344.
Pasupuleti, S. K., Ramalingam, S., & Buyya, R. (2016). An efficient and secure privacy-
preserving approach for outsourced data of resource constrained mobile devices in
cloud computing. Journal of Network and Computer Applications, 64, 12-22.
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015, January). Cloud computing
features, issues, and challenges: a big picture. In 2015 International Conference on
Computational Intelligence and Networks (pp. 116-123). IEEE.
Khan, N., & Al-Yasiri, A. (2016). Identifying cloud security threats to strengthen cloud
computing adoption framework. Procedia Computer Science, 94, 485-490.
Kumari, S., & Verma, A. (2016). A Novel Methodology for Security and Privacy Protection
Issues of Data in Cloud Computing. International Journal of Engineering and
Management Research (IJEMR), 6(1), 158-163.
Li, J., Zhang, Y., Chen, X., & Xiang, Y. (2018). Secure attribute-based data sharing for
resource-limited users in cloud computing. Computers & Security, 72, 1-12.
Maroc, S., & Zhang, J. (2019, July). Comparative Analysis of Cloud Security Classifications,
Taxonomies, and Ontologies. In Proceedings of the 2019 International Conference on
Artificial Intelligence and Computer Science (pp. 666-672). ACM.
Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service.
In 2015 Fifth International Conference on Advanced Computing & Communication
Technologies (pp. 501-505). IEEE.
Pasquier, T., Singh, J., Powles, J., Eyers, D., Seltzer, M., & Bacon, J. (2018). Data
provenance to audit compliance with privacy policy in the Internet of
Things. Personal and Ubiquitous Computing, 22(2), 333-344.
Pasupuleti, S. K., Ramalingam, S., & Buyya, R. (2016). An efficient and secure privacy-
preserving approach for outsourced data of resource constrained mobile devices in
cloud computing. Journal of Network and Computer Applications, 64, 12-22.
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015, January). Cloud computing
features, issues, and challenges: a big picture. In 2015 International Conference on
Computational Intelligence and Networks (pp. 116-123). IEEE.
21Cloud Security and Privacy Policy
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Bibliography:
Sabir, S. (2018). Security Issues in Cloud Computing and their Solutions: A
Review. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE
AND APPLICATIONS, 9(11), 343-346.
Satyanarayanan, M. (2017). The emergence of edge computing. Computer, 50(1), 30-39.
Shaikh, R., & Sasikumar, M. (2015). Trust model for measuring security strength of cloud
computing service. Procedia Computer Science, 45, 380-389.
Shila, D. M., Shen, W., Cheng, Y., Tian, X., & Shen, X. S. (2016). AMCloud: Toward a
secure autonomic mobile ad hoc cloud computing system. IEEE Wireless
Communications, 24(2), 74-81.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Bibliography:
Sabir, S. (2018). Security Issues in Cloud Computing and their Solutions: A
Review. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE
AND APPLICATIONS, 9(11), 343-346.
Satyanarayanan, M. (2017). The emergence of edge computing. Computer, 50(1), 30-39.
Shaikh, R., & Sasikumar, M. (2015). Trust model for measuring security strength of cloud
computing service. Procedia Computer Science, 45, 380-389.
Shila, D. M., Shen, W., Cheng, Y., Tian, X., & Shen, X. S. (2016). AMCloud: Toward a
secure autonomic mobile ad hoc cloud computing system. IEEE Wireless
Communications, 24(2), 74-81.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
22Cloud Security and Privacy Policy
Sookhak, M., Yu, F. R., Khan, M. K., Xiang, Y., & Buyya, R. (2017). Attribute-based data
access control in mobile cloud computing: Taxonomy and open issues. Future
Generation Computer Systems, 72, 273-287.
Tari, Z., Yi, X., Premarathne, U. S., Bertok, P., & Khalil, I. (2015). Security and privacy in
cloud computing: vision, trends, and challenges. IEEE Cloud Computing, 2(2), 30-38.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and
copy-deterrence content-based image retrieval scheme in cloud computing. IEEE
Transactions on Information Forensics and Security, 11(11), 2594-2608.
Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A
survey. In International conference on wireless algorithms, systems, and
applications (pp. 685-695). Springer, Cham.
Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A
survey. In International conference on wireless algorithms, systems, and
applications (pp. 685-695). Springer, Cham.
Yu, C. M., Gochhayat, S. P., Conti, M., & Lu, C. S. (2018). Privacy aware data deduplication
for side channel in cloud storage. IEEE Transactions on Cloud Computing.
Zhuo, G., Jia, Q., Guo, L., Li, M., & Li, P. (2016, April). Privacy-preserving verifiable data
aggregation and analysis for cloud-assisted mobile crowdsourcing. In IEEE
INFOCOM 2016-The 35th Annual IEEE International Conference on Computer
Communications (pp. 1-9). IEEE.
Sookhak, M., Yu, F. R., Khan, M. K., Xiang, Y., & Buyya, R. (2017). Attribute-based data
access control in mobile cloud computing: Taxonomy and open issues. Future
Generation Computer Systems, 72, 273-287.
Tari, Z., Yi, X., Premarathne, U. S., Bertok, P., & Khalil, I. (2015). Security and privacy in
cloud computing: vision, trends, and challenges. IEEE Cloud Computing, 2(2), 30-38.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and
copy-deterrence content-based image retrieval scheme in cloud computing. IEEE
Transactions on Information Forensics and Security, 11(11), 2594-2608.
Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A
survey. In International conference on wireless algorithms, systems, and
applications (pp. 685-695). Springer, Cham.
Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A
survey. In International conference on wireless algorithms, systems, and
applications (pp. 685-695). Springer, Cham.
Yu, C. M., Gochhayat, S. P., Conti, M., & Lu, C. S. (2018). Privacy aware data deduplication
for side channel in cloud storage. IEEE Transactions on Cloud Computing.
Zhuo, G., Jia, Q., Guo, L., Li, M., & Li, P. (2016, April). Privacy-preserving verifiable data
aggregation and analysis for cloud-assisted mobile crowdsourcing. In IEEE
INFOCOM 2016-The 35th Annual IEEE International Conference on Computer
Communications (pp. 1-9). IEEE.
23Cloud Security and Privacy Policy
24Cloud Security and Privacy Policy
1 out of 25
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.