SlideShare une entreprise Scribd logo

Challenges of IP protection in era of cloud computing

Télécharger en tant que DOCX, PDF
Brandix India Apparel City Pvt Ltd.
Brandix India Apparel City Pvt Ltd.

Challenges of IP protection in era of cloud computing

Formation
1  sur  22
Assignment - 2 Challenges of IP protection in era of cloud computing Submitted by Mohammed Naseer Khan (1226114117) Submitted to Dr. Lakshmi Priya. A Faculty Gitam School of International Business
1. Introduction:- A new generation of technology is transforming the world of computing. Internet- based data storage and services—also known as “cloud computing”—are rapidly emerging to complement the traditional model of software running and data being stored on desktop PCs and servers. In simple terms, cloud computing is a way to enhance computing experiences by enabling users to access software applications and data that are stored at off-site datacenters rather than on the user’s own device or PC or at an organization’s on-site datacenter. E-mail, instant messaging, business software, and Web content management are among the many applications that may be offered via a cloud environment. Many of these applications have been offered remotely over the Internet for a number of years, which means that cloud computing might not feel markedly different from the current Web for most users. (Technical readers will rightly cite a number of distinct attributes—including scalability, flexibility, and resource pooling—as key differentiators of the cloud. These types of technical attributes will not be addressed here because they are outside the scope of this document.) Cloud computing does raise a number of important policy questions concerning how people, organizations, and governments handle information and interactions in this environment. However, with regard to most data privacy questions as well as the perspective of typical users, cloud computing reflects the evolution of the Internet computing experiences we have long enjoyed, rather than a revolution. Microsoft recognizes that privacy protections are essential to building the customer trust needed for cloud computing and the Internet to reach their full potential. Customers also expect their data and applications stored in the cloud to remain private and secure. While the challenges of providing security and privacy are evolving along with the cloud, the underlying principles haven’t changed—and Microsoft remains committed to those principles.
We work to build secure systems and datacenters that help us protect individuals’ privacy, and we adhere to clear, responsible privacy policies in our business practices—from software development through service delivery, operation, and support. Enterprise customers typically approach cloud computing with a predefined data management strategy, and they use that strategy as a foundation to assess whether a given service offering meets their specific needs. As a result, privacy protections might vary in different business contexts. This is not new or unique to the cloud environment. Ultimately, we expect the technology industry, consumers, and governments to agree on baseline privacy practices that span industries and countries. As that consensus view evolves, Microsoft will remain an active voice in the discussion—drawing on our extensive experience and our commitment to helping create a safer, more secure Internet that enables free expression and commerce.
Cloud computing:“Cloud computing” refers to Internet-based computing that allows organizations to access a pool or network of computing resources that are owned and maintained by a third party via the Internet. Cloud computer user: A customer or user may be an individual, a business, a government agency or any other entity. Cloud service provider: An organization that offers a cloud computing service. A cloud provider may be an individual, a corporation or a business, a non- government agency or any other entity. Third party: A cloud service provider is one type of third party, which maintains information about or on behalf of another entity. Personal data: Privacy rules define the term "personal information" as any information that relates to a natural person, who either directly or indirectly, in combination with other information that is available or likely to be available to a corporate entity, is capable of identifying such a person. Privacy: It means free from the interference from others. Privacy control allows the person to maintain varying degrees of intimacy. It helps in protecting love, friendship and trust. 2. Review of Literature:- As noted in the Seminar of "Cloud Computing and the Future of Copyright Law" conducted by the General Administration of Press and Publication and the National Copyright Administration, cloud computing is leading information industry to a new stage. However, copyright protection confronted by this new technology remains inadequate. "If you are enjoying such third-party information services as MySpace, Face book, Hotmail and Gmail, you have accessed cloud computing." Experts noted that a series of intellectual property issues will arise in cloud computing system. As for individuals, does it constitute copyright infringement when users do not purchase software but to download them? Will users get involved in the infringement of cloud service? As for companies, will it involve trade secrets as companies' information is stored in cloud terminals? Are users equal to companies upon the
security of cloud terminals? If cloud service is provided to related departments as required by the government, does it constitute disclosure of secrets? Cloud computing brings new opportunities to Internet industry, software industry and copyright industry, but also changes the licensing of software and digital works. Intellectual property issues, especially the problems on copyright, have thus become new challenges to the legal system, licensing, usage as well as the revision of copyright law. As a part of the 7th China (Shenzhen) International Cultural Industries Fair, the Seminar of Cloud Computing and the Future of Copyright Law as a communication platform for industrial circles and academic circles attracted a large number of domestic and foreign experts. They introduced the definition of cloud computing, discussed the copyright licensing and copyright protection under the current legal system and explored the implications for information network dissemination and cloud computing office. The rate of cyber crime / hacker attacks on cloud computing environment is on rise, and it consider to be the tempting play land for the hackers. A cloud is the combination of several heterogeneous entities and security of such an environment is very difficult. Numerous privacy issues like retention and destruction of data is also there. The cross border transition of data also presents another security issue as there is a difference in policies among different countries. IP Spoofing is another very serious security challenge for the cloud computing. The Virtual Machines (VM) are assigned an IP address and the hackers try to have these IP addresses of the VMs. In some cases it results in access to the confidential of the users. It is a fact that the user will be no more in control of its data once it is outsourced to the cloud environment. Apparently it is believed that no one is in a position to say anything about the data, where it will be stored, where it will be processed, and who has the right to access and who cannot. The customers of the cloud services have shown great concern on the security and the way to access the cloud computing environment. It is important for a Cloud Service Provider (CSP) to give surety to its user that the information stored on the cloud site is secure, safe and it cannot be accessible by unauthorized personnel. A cloud security framework which will trace the movement and processing of
information which are available for processing on the cloud, the system required that there should be a security capture device on the cloud. The functionality of the device will be to ensure the cloud user that their information is safe from any security threat or attack. Challenges and Best Practices for Cloud Computing:- Presently at all levels of the cloud computing platform, whether it is the network layer, web application layer or host layer there exist a corresponding security threat. Such types of security issues have been studies extensively by the professionals in the field of information security. Cloud computing security need to be focus on the analysis and providing solutions for cloud computing service computing model, dynamic virtualization management, and multi-tenant shared operational mode for data security and privacy protection [13]. The cloud customers (company) trust the Cloud Service Provider (CSP) when it outsource its sensitive data or run applications on a remote site of the CSP. The computer system will be vulnerable to inside threats, although by having the most sophisticated firewalls and computer security mechanism. Due to the dereliction in duty by internal staff, hacker attacks and system failures lead to a variety of risks to security mechanisms such as the data lose, cloud service providers assures users that their data is safe and protected. 3. Research methodology:- The following are the research questions addressed in this paper:  X how much is cloud computing adopted in IT sectors, government agencies, schools and colleges?  X How much is cloud computing emerging through the past few years in terms of new technological development?  X What are the applications and details regarding various services provided by companies based on cloud computing?  X Which cloud computing application has wide range of features and the best option for public use?  X How can hybrid cloud be utilized in large and medium scale industries?
This study is a qualitative and quantitative analysis of cloud computing and its adoption and application in various sectors of commercial firms. The research is a critical literature review based on secondary data. This paper emphasizes on summarizing the various facts including application of cloud computing in real- world model. Specifically, apart from reviewing studies that directly address cloud computing, this systematic review also covers general computing and IT journal papers, conference proceedings, books, industrial white papers, and technical reports. Adoption of cloud computing in various sectors and data analysis: - ™ Asian countries Cloud computing has proven to be a vast technological advancement in various industrial sectors [2]. But still there are various sectors which have left cloud computing untouched maybe due to the various technicalities associated with its usage. Given below is the statistics about the cloud computing and its usage in IT sectors. According to the data we can see that, there are various respondents who are gaining knowledge and exposure to cloud computing with their increasing experience in IT sectors. But the graph is abruptly decreasing at various places. This may be due to the extensive development in the cloud computing that the adoption took a bit of time along with its understanding.
The pie chart shows the variation between the IT professionals having wide knowledge and experience about cloud computing and those who are still new in this sector. The majority of respondents are located in western countries and the remaining 20% are from India. All respondents have international IT working experience of them had previously worked with clients in diverse manufacturing industries and service sectors. The bar chart indicates that the vast majority of the respondents have more than 4 years of IT industrial experience. A significant percentage of people have practical experience in cloud computing. Moreover, the pie chart indicates that the respondents, who do not have practical cloud experience, still have good knowledge about cloud computing or at least understand the basic concepts of this advanced IT model. Western counties:-Apart from the widespread technological developments in western countries, cloud computing has also risen up to a vast dimension including its broad usage in companies, schools and other government sectors.
This survey data represents the percentage of adoption of cloud computing in western countries. Among companies, small companies have adopted cloud computing the most. Among schools, elementary, middle and high schools have adopted cloud computing the most. Among government, federal government has adopted cloud computing the most. When the companies, schools, government and medical institutions are compared it is found that companies and other organizations have adopted cloud computing to a large extent. Cloud computing is adopted the least in medical institutions. This may be due to various reasons such as service reliability, data security, system users and other financial issues. Growing trend of cloud adoption: - Since the invention to the implementation, there has been a constant growth in cloud development and management. IT companies and other organizations are taking various steps to increase cloud computing techniques. Statistical data of cloud adoption in Indian organizations Most of the IT related organizations are situated in India, hence cloud computing was highly adopted in Indian organizations. There has been a significant increase in the percentage of companies using cloud computing in 2011 to those in 2012.
5. Principle of law:-
The above table demonstrates that India does not have an overarching privacy law. Nonetheless, the IT Amendment Act 2008 and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011 can protect personal data and regulate privacy issues of cloud computing or any other technology. Other legislation is also quite effective in providing solutions in related areas. However, India is still managing the protection of personal data with many pieces of legislation, which can lead to confusion for its citizens, corporate sectors, the government, as well as outsiders. Even Indian courts have not created any precedents relating to technology related privacy issues. The need for a privacy law in India At present India’s privacy-related jurisprudence is judicially derived from the fundamental rights set out in the Indian Constitution. All judgments have been delivered within the context of individuals’ rights to “physical privacy” against harassment by government authorities, although not against harassment by any private person. With increasing adoption of digitization in India, public and private sectors collect vast amount of personal data of an individual. Currently, there is no proper dedicated legal framework to protect personal data and privacy from misuse in either the public or the private sector. The Indian Unique Identification Number (UID)30 project, which deals with large amounts of biometric data and personal information and stores this information on a decentralized database, has no legal protection in India. On the other hand, India is an IT hub, managing Vibrant ITES, BPO and KPO projects
outsourced from abroad. Therefore, through these projects, India engages with personal information of foreign nationals and, in order to comply with international standards, India requires comprehensive legislation covering privacy and personal data protection, instead of the existing patchwork law structure. Personal data protection and privacy in the European Union The Organization for Economic Co-operation and Development (OECD) adopted Guidelines on the Protection of Privacy and Transborder Flows of Personal Data in 1980, but the fundamental principle of privacy in the European Union (EU) is set out in Article 8 of the European Convention on Human Rights, which states that “everyone has the right to respect for his private and family life, his home and his correspondence.” This right to privacy is not absolute, however, and can be restricted under certain circumstances.31 The original EU Data Protection Directive 95/46/EC (European Directive) was enacted in 1995.32 The European Directive and the e-privacy and electronic communications Directive 2002/58/EC, which covers data retention, are the main legal instruments covering privacy and the processing of personal data in Europe. 5. Land mark case laws in reference to the topic:- The Indian Information Technology Act, 2000 the development of electronic information systems in India enhanced awareness regarding the need to protect personal information. The Indian Information Technology Act (IT Act) came into force in 2000. The IT Act is based on Resolution A/RES/51/162 adopted by the General Assembly of the United Nations on 30 January 1997 and is related to the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce. This legislation deals primarily with electronic transactions and digital signatures. The primary scope of this Act is to regulate e- commerce and promote the IT sector. The IT Act does not deal with privacy. 7.2.2 Information Technology (Amendment) Act 2008 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, Information Technology (Intermediary Guidelines) 2011. The main laws regulating data privacy are the Information Technology (Amendment) Act 2008 (IT Act 2008) and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules 2011 (IT Privacy Rules 2011). The concept of privacy was introduced in the IT Act 2008
through Section 43-A (compensation for failure to protect data) and Section 72-A (punishment for disclosure of information in breach of lawful contract). In 2011, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules Act was introduced. It extends the scope of section 43A of the IT Act and regulates the collection, disclosure and transfer of sensitive personal data. The IT Privacy Rules 2011 requires corporate entities, which collect, process and storing personal data, including sensitive personal information, to comply with certain procedures. It distinguishes “personal information” and “sensitive personal information” as defined below. According to IT Privacy Rules 2011, enacted under section 87(2) of the IT Act, which defines “sensitive personal data or information”, the following information is included:  Passwords  Financial information, such as bank account, credit or debit card, or other payment instrument details  Information regarding physical, physiological and mental health  Sexual orientation  Medical records and history  Biometric information (technologies that measure and analyze human body characteristics, such as “fingerprints”, “eye retinas and irises”, “voice patterns”, “facial patterns”, “hand measurements” and “DNA” for authentication purposes)  Any details relating to the above bullet points provided to the body corporate responsible for providing a service or for processing or storing data under a lawful contract, or otherwise. However, any information that is freely available in the public domain is not considered as sensitive personal data or information and is exempt from the above definitions, as set out by the 2005 Right to Information Act or any other law in force. The IT Privacy Rules 2011 distinguishes “personal information” and “sensitive personal information”, which were not previously included. The law requires that a corporate entity or the person on whose behalf it collects, stores and processes
personal data or information need to meet the “Reasonable Security Practices and Procedures”. Reasonable security practices: According to IT Privacy Rules 2011, “Reasonable Security Practices and Procedures” are considered satisfied if a body corporate has implemented security practices and standards and has comprehensively documented information security programmes and policies that are commensurate with the information assets being protected. The IT Privacy Rules 2011 also sets out that International standards (IS / ISO / IEC 27001) is one such standard (Standards) which could be implemented by a bodycorporate. If any industry association follows standards other than IS / ISO / IEC 27001 for data protection, they need to get their codes (Codes) approved by the Indian central government. Consent: The IT Privacy Rules 2011 states that any corporate entity or any person acting on its behalf, which collects sensitive personal information, must obtain written consent (through letter, email or fax) from the providers of that information. Collection and processing: Section 43-A of the IT Act defines “reasonable security practices and procedures” which states: “Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such a body corporate shall be liable to pay damages by way of compensation to the person so affected”. Data protection officer: IT Privacy Rules 2011 mandates that every corporate entity collecting sensitive personal information must appoint a grievance officer to address complaints relating to the processing of such information. The contact details of the grievance officer must be published on the corporate entity’s website. Data transfer: There are no specific rules regulating the transfer of data outside of India, but the data collector must obtain the consent of the provider of information to transfer the data to any other entity in India or to an entity abroad, providing the
other country ensures the same level of protection. However data can also be transferred by means of a data transfer agreement between two parties. This agreement should contain adequate indemnity provisions for third party breaches, clearly specify the end purpose of data processing (including a list of those with access to such data) and specify a mode of data transfer that is adequately secure and safe.26 Finally, it is the responsibility of the corporate entity to not transfer any sensitive personal information to another person or entity which does not maintain the same level of data protection as stipulated by the Act. Data breach notification law Data breach notification plays a very important role in the context of cloud computing services. Data may be processed or handled by third parties (subcontractors). In some instances, data may be misused by such third parties, causing the person providing the information harm, be it social harm, physical harm, significant humiliation or damage to reputation. 6. Analysis of the legalprinciple:- Government access to cloud computing data and implication for privacy One obstacle for the growth of cloud computing is government access to data in the cloud. Both cloud users and cloud service providers are struggling to understand when and how the government can access users’ data, which is processed and stored in the cloud. Governments need some degree of access to data for criminal (including cybercrime) investigations and for purposes of national security. But privacy and confidentiality are also important issues, so the burden to provide legal justification falls on the government. However, at present, the world’s Internet traffic is routed through the United States, and most online data is held there. In the USA, government access to online data was outlined in the Patriot Act 2001. The Electronic Communications Privacy Act (“ECPA”) regulates cloud data which is stored by cloud providers in most cases. However, data can be accessed by the government by means of a search warrant, an ECPA court order or a subpoena issued by the government to the cloud provider. In 2007, the US government enacted the “Protect America Act” which allows the government to access electronic data without a warrant. In 2008 the FISA amendment Act made the Prism Internet Surveillance Program (PRISM) technically legal by obliging private companies to enable the US intelligence agencies to access their data.35 Through NSA’s PRISM, the USA has accessed vast amounts of individuals’ private
communications, photographs, emails, voice traffic, file transfers, as well as social networking data from both domestic and foreign providers. This has raised major privacy and confidentiality concerns for customers of cloud-based services. Intellectual property (IP) rights issues arise in relation to copyright, trademark or patent law. A customer using a PaaS or SaaS cloud environment must be aware of a variety of IP rights questions that can occur in regard to data processing such as the required cloud software licenses or third party IP rights. Despite differing licensing and patent systems being employed around the world, the EU has clarified that "ideas and principles which underlie any element of a computer program, including those which underlie its interfaces, are not protected by copyright". This approach causes a conflict with patent laws in the US which allow for such a protection. So far the main cloud digital media providers (all US) have developed their own systems in order to protect them against infringement of their intellectual property. These so called Digital Rights Management (DRM) systems are imposed on all of their cloud users and essentially place the power to access a certain software or media in the cloud provider's hands. A good example for such a practice is the Amazon Kindle book reader. A customer only pays for the license to access a certain book electronically via a DRM system but does not own the book itself. When a cloud customer uses a cloud software solution which potentially is violating intellectual property rights the obligations and acts of each party must be closely analyzed. In doing so, pinpointing an exact location of an intellectual property breach is challenging as the processing can take place in one country, storage and transmission in another. Additionally, not only one infringing party may be involved but a variety of parties (cloud provider, server centers, software distributor), thus theoretically requiring an apportionment of the infringement. A possible solution would be to target the user of the cloud service being the infringer of the right and the cloud provider for inducing the infringement. However, proving a breach will be very hard to achieve, especially if the breach only involves components of software used in a cloud environment. Furthermore, the extent to which a cloud provider facilitates an IP infringement, either by supplying an on-demand self-service infrastructure to the customer or alternatively requiring human interaction before a service is rendered will be of significance in attributing liability. A similar approach is being taken by the European courts. In the L’Oreal/eBay case the court also emphasized that the platform provider's own
investigations into its customers usage must be taken into account but did not go so far as to impose a general monitoring obligation. Cloud software systems are closed off and generally cannot be traced backward, making a posterior assessment of an infringement impossible. Nevertheless, a cloud customer should ensure that it is granted a contractual indemnity for potential IP violations caused by the cloud provider's software. In addition to this fairly standard scenario where the cloud provider grants access to a standard software environment, customers often use open source software to meet their specific needs. This software is further refined (either by the customer or the provider) and adjusted precisely to the customer's specifications. A cloud provider could later use this "new" software and distribute it to its other customers whilst infringing the developing customer's IP rights. On the one side a customer should therefore carefully review its contracts to ascertain whether a right to use and further distribute the software is being granted to the cloud provider. On the other side a cloud customer might only want to gain short term access to specific individualized open source cloud software in order to acquire certain know how. Some cloud providers do not supply the licenses or software a customer requires to have implemented in its cloud environment. In such a situation the customer is responsible for obtaining the appropriate license or usage right. Acquiring such a right might not be as easy as it sounds. Most software providers have not yet fully developed their licensing systems for the cloud as the remuneration models and approaches differ widely. One can possibly calculate the license fee in a number of different ways such as through a fee per user, per utilized processor or per data set created. Asserting patent rights:- Let us consider an example where company A holds a patent that claims a method of adding two numbers and displaying a result (assuming such a thing would be patentable, of course!). In the traditional computing scenario, we would know exactly where the information is stored, and where the information is processed before displaying the result. Therefore, it would be easy to assert an infringement as it is possible to identify who is infringing by scanning hardware devices (because where the program is running is defined), and by reviewing the algorithms either manually or automatically (because where the data is stored is defined). Cloud computing services promise to provide on-demand resources, both processing and data storage. Cloud computing systems make this possible by
connecting multiple and distributed data centers on a need-basis. Sometimes the data centers that are connected need not be belonging to a single service provider, and therefore need not be even in a single country. To further compound the problem, cloud computing systems actually try to ensure that the location is not known in order to ensure secrecy of data. Therefore, it is possible that for an application hosted by a client, the data may be stored at one location, and execution may happen in another location depending on availability of resources. And, the two locations may be in two different countries. Now, coming back to the example, let us say that company B is infringing on the patent by way of executing the method claimed in the patent. If company B is hosting the infringing application in a traditional hosted service environment, it would be easy to prove that infringement actually happens by identifying the machine where the methods are executed, and by verifying the algorithm underlying the application. However, if the infringing application is operating in a cloud computing environment, it is extremely difficult for company A to investigate to check if infringement is happening indeed. For all we know, the storage of numbers in the aforementioned example could be on a cloud infrastructure with one service provider, and the execution of adding numbers could be happening on a cloud infrastructure with another service provider. And, the infrastructure controlled by the two service providers may be in different locations/countries. It will be interesting to see how technology and business models evolve in cloud computing space to accommodate these requirements. 7. Relatedcases:- Kharak Singh vs. the State of Uttar Pradesh (UP)22 In this case, the appellant was being harassed by the police under Regulation 236(b) of UP police regulations, which permit domiciliary visits at night. The Supreme Court found Regulation 236 unconstitutional and in violation of Article 21. It is true that the Indian constitution never expressly declares the “right to privacy” as part of fundamental rights, but the court concluded that Article 21 of the constitution includes the “right to privacy” as part of the right to “protection of life and personal liberty”. R. Rajagopal vs. the State of Tamil Nadu23 In this judgment, the court stated that “A citizen has a right to safeguard his privacy, the privacy of his family, marriage, procreation, motherhood, child
bearing and education among other matters. No one can publish anything concerning the above matters without his consent - whether truthful or otherwise and whether laudatory or critical. If he does so, he would be violating the right to privacy of the person concerned and would be liable in an action for damages”. People’s Union for Civil Liberties (PUCL) vs. Union of India 24 The Supreme Court ruled that the telephone tapping by the government under Statute 5(2) of the Telegraph Act (1885) amounts to the infraction of Article 21 of the Indian Constitution. The right to privacy is part of the right to “life” and “personal liberty” enshrined under Article 21 of the constitution. The said right cannot be curtailed “except according to procedure established by law”. The court wanted the right to privacy under Article 21 to be expounded consistently with Article 17 of the International Covenant on Civil and Political Rights. Naz Foundation vs. Govt. of NCT of Delhi25 The Delhi High Court judgment allows persons to develop human relations without the interference from the outside community or from the state. It states: “The right to privacy thus has been held to protect a ‘private space in which man may become and remain himself’”. However, all cases dealing with the right to privacy have been decided in the context of government actions that resulted in private citizens being denied their right to personal privacy. No privacy judgment has granted private citizens a right of action against the breach of privacy by another private citizen. To that extent, data protection and personal privacy jurisprudence in India is not yet developed. Nivedita Sharma vs. Bharti Tele Ventures, ICICI Bank Ltd, American Express Bank.
8. Conclusion:- In summary, the murkiness of the “cloud” has introduced interesting challenges to the IP system. While the technology evolves and the IP system makes necessary adjustments to counter challenges posed by the evolution, being aware of the associated risks and taking simple measures can help owners reduce risk exposure considerably. Client-plus-cloud computing offers enhanced choice, flexibility, operational efficiency and cost savings for businesses and consumers. To take full advantage of these benefits, users must be given reliable assurances regarding the privacy and security of their online data. In addition, a number of regulatory, jurisdictional, and public policy issues remain to be solved in order for online computing to thrive. Microsoft has been addressing many of these issues since 1994, when we delivered our first online services for consumers and enterprises. Our breadth of experience has shaped our company’s privacy principles, corporate privacy policy, product and service development, and overall business practices. These components anchor our commitment to maintaining the highest standards of privacy and security in our online services and to partnering with other industry leaders, governments, and consumer organizations to develop globally consistent privacy frameworks that enable the expansion of the economic and social value of cloud-based computing The status of data is gradually changing, and the Internet and cloud computing are making data the subject of “property, privacy and economic rights” for all individuals. There are many differences between traditional IT infrastructure and cloud computing. The benefits of cloud computing have led to many stakeholders moving their data and infrastructure into the virtual world, where one cannot find any rules and regulations to regulate their virtual assets. Technology has the same uniform implications for privacy and personal data protection, whereas the concept of privacy jurisprudence may differ from country to country. Privacy may be viewed from different angles: in the United States, data privacy is a matter of consumer law; in Europe, it is a fundamental right; in India there is no concept called “data privacy”, but the right to privacy is a part of the right to “life” and “personal liberty” enshrined in Article 21 of the Constitution. Technology, however, has the same implications for privacy around the world. Data moves around the globe within fractions of a second with the same security and privacy
risks, but countries around the world still create legal environments to regulate it. Most countries have attempted to patch available legislation, with India among them, while the rest of struggle in the absence of legal frameworks to protect personal data and privacy. This is the right time to set a “global standard” on data privacy. In the EU, data protection directives guide legislation relating to the protection of privacy and personal data, with the EU constantly trying to set a “global standard” law on data privacy. India does not have any guiding legislation, but it is moving toward a set of data protection and privacy laws. India requires a proper environment develop technology awareness, technology enablers, institutions to ensure standardization, expertise to set up cooperation between the government and corporate sectors, to establish a comprehensive legal system for future technologies.
9. References:- 1. http://blog.ipmetrix.com/2013/12/31/intellectual-property-in-the-clouded-era/ 2.http://ac.els-cdn.com/S1877050915005608/1-s2.0-S1877050915005608- main.pdf?_tid=066f40d2-886c-11e5-8d03- 00000aab0f26&acdnat=1447243505_feb87c298e834241e06f7777648aa9c9 3. Sultan Ullah, Zheng Xuefeng, “Cloud Computing: a Prologue”, International Journal of Advanced Research in Computer and Communication Engineering Vol – 1 No – 1, pp 01 – 04. 4.http://www.researchgate.net/publication/262049549_Implications_of_cloud_com puting_for_personal_data_protection_and_privacy_in_the_era_of_the_Cloud_An_ Indian_perspective 5. http://webjcli.org/article/view/303/418 6.http://www.rlpdp.com/wp-content/uploads/2014/10/Paper_Data- Protection_CC_IoT_BData_final-1.pdf 7. http://www.wanhuida.com/tabid/211/ArticleID/749/Default.aspx 8. Arun K Narasani, Founder/CEO. ipmetrix / December 31, 2013

Recommandé

B1802041217
B1802041217B1802041217
B1802041217
IOSR Journals
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
SHREYASSRINATH94
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
Jahangeer Qadiree
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computing
iosrjce
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
csandit
 
Judicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingJudicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud Computing
International Journal of Science and Research (IJSR)
 

Recommandé

B1802041217
B1802041217B1802041217
B1802041217
IOSR Journals
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
SHREYASSRINATH94
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
Jahangeer Qadiree
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computing
iosrjce
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
csandit
 
Judicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingJudicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud Computing
International Journal of Science and Research (IJSR)
 
B018211016
B018211016B018211016
B018211016
IOSR Journals
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniques
eSAT Publishing House
 
The Weakest Point of Security in IoT
The Weakest Point of Security in IoTThe Weakest Point of Security in IoT
The Weakest Point of Security in IoT
nsangary
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
Kumar Goud
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
IJERA Editor
 
Cloud computing technology security and trust challenges
Cloud computing technology security and trust challengesCloud computing technology security and trust challenges
Cloud computing technology security and trust challenges
ijsptm
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
CSCJournals
 
Intro to cloud computing
Intro to cloud computingIntro to cloud computing
Intro to cloud computing
Kashif Bhatti
 
Project 3
Project 3Project 3
Project 3
Priyanka Goswami
 
Security and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A SurveySecurity and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A Survey
HarshitParkar6677
 
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
ijtsrd
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentA Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud Environment
IJCSIS Research Publications
 
Reseach paper-mla-sample
Reseach paper-mla-sampleReseach paper-mla-sample
Reseach paper-mla-sample
Cheap Custom Writing
 
76 s201913
76 s20191376 s201913
76 s201913
IJRAT
 
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYSECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
Editor Jacotech
 
A220113
A220113A220113
A220113
irjes
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
IJCSIS Research Publications
 
Cloud computing
Cloud computingCloud computing
Cloud computing
hundejibat
 
Winds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloudWinds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloud
Munisekhar Gunapati
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results
Symantec
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the Clouds
Andy Piper
 

Contenu connexe

Tendances

A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniques
eSAT Publishing House
 
The Weakest Point of Security in IoT
The Weakest Point of Security in IoTThe Weakest Point of Security in IoT
The Weakest Point of Security in IoT
nsangary
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
Kumar Goud
 
Cloud computing technology security and trust challenges
Cloud computing technology security and trust challengesCloud computing technology security and trust challenges
Cloud computing technology security and trust challenges
ijsptm
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
CSCJournals
 
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
ijtsrd
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentA Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud Environment
IJCSIS Research Publications
 
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYSECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
Editor Jacotech
 
A220113
A220113A220113
A220113
irjes
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
IJCSIS Research Publications
 

Tendances (19)

B018211016
B018211016B018211016
B018211016
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniques
 
The Weakest Point of Security in IoT
The Weakest Point of Security in IoTThe Weakest Point of Security in IoT
The Weakest Point of Security in IoT
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
 
Cloud computing technology security and trust challenges
Cloud computing technology security and trust challengesCloud computing technology security and trust challenges
Cloud computing technology security and trust challenges
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
Intro to cloud computing
Intro to cloud computingIntro to cloud computing
Intro to cloud computing
 
Project 3
Project 3Project 3
Project 3
 
Security and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A SurveySecurity and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A Survey
 
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentA Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud Environment
 
Reseach paper-mla-sample
Reseach paper-mla-sampleReseach paper-mla-sample
Reseach paper-mla-sample
 
76 s201913
76 s20191376 s201913
76 s201913
 
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYSECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
 
A220113
A220113A220113
A220113
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

En vedette

Summer School Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the EnterpriseSummer School Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the Enterprise
WSO2
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBs
Sun Digital, Inc.
 
Avoiding Cloud Outage
Avoiding Cloud OutageAvoiding Cloud Outage
Avoiding Cloud Outage
Nati Shalom
 
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud ComputingLinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
Mark Hinkle
 
Linthicum what is-the-true-future-of-cloud-computing
Linthicum what is-the-true-future-of-cloud-computingLinthicum what is-the-true-future-of-cloud-computing
Linthicum what is-the-true-future-of-cloud-computing
David Linthicum
 
Best Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrBest Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff Barr
Amazon Web Services
 
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
Amazon Web Services
 

En vedette (16)

Winds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloudWinds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloud
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the Clouds
 
2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results
 
Intro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemIntro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, Jerusalem
 
Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?
 
Summer School Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the EnterpriseSummer School Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the Enterprise
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBs
 
Penetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesPenetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for Businesses
 
The Inevitable Cloud Outage
The Inevitable Cloud OutageThe Inevitable Cloud Outage
The Inevitable Cloud Outage
 
Avoiding Cloud Outage
Avoiding Cloud OutageAvoiding Cloud Outage
Avoiding Cloud Outage
 
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud ComputingLinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
LinuxFest NW 2013: Hitchhiker's Guide to Open Source Cloud Computing
 
Delivering IaaS with Open Source Software
Delivering IaaS with Open Source SoftwareDelivering IaaS with Open Source Software
Delivering IaaS with Open Source Software
 
Linthicum what is-the-true-future-of-cloud-computing
Linthicum what is-the-true-future-of-cloud-computingLinthicum what is-the-true-future-of-cloud-computing
Linthicum what is-the-true-future-of-cloud-computing
 
Best Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrBest Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff Barr
 
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
The Total Cost of Ownership (TCO) of Web Applications in the AWS Cloud - Jine...
 

Similaire à Challenges of IP protection in era of cloud computing

Discussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatDiscussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informat
VinaOconner450
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
inventionjournals
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Zac Darcy
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Zac Darcy
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
 
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxTrends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
willcoxjanay
 
Security threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computingSecurity threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computing
Jahangeer Qadiree
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
priyanka reddy
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
cscpconf
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
acijjournal
 

Similaire à Challenges of IP protection in era of cloud computing (20)

Discussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatDiscussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informat
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
 
A study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oA study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_o
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
G0314043
G0314043G0314043
G0314043
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGSECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
 
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxTrends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
 
Cloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudCloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in Cloud
 
Security threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computingSecurity threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computing
 
Introduction to Cloud Computing and Cloud Infrastructure
Introduction to Cloud Computing and Cloud InfrastructureIntroduction to Cloud Computing and Cloud Infrastructure
Introduction to Cloud Computing and Cloud Infrastructure
 
htcia-5-2015
htcia-5-2015htcia-5-2015
htcia-5-2015
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
 
Fog doc
Fog doc Fog doc
Fog doc
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
B017660813
B017660813B017660813
B017660813
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
 

Plus de Brandix India Apparel City Pvt Ltd.

Plus de Brandix India Apparel City Pvt Ltd. (20)

Impact of gender and generational differences in Arab culture report
Impact of gender and generational differences in Arab culture report Impact of gender and generational differences in Arab culture report
Impact of gender and generational differences in Arab culture report
 
Disney in euro failure
Disney in euro failure Disney in euro failure
Disney in euro failure
 
Luxembourg caffe vergnano 1882 report
Luxembourg caffe vergnano 1882 reportLuxembourg caffe vergnano 1882 report
Luxembourg caffe vergnano 1882 report
 
caffe vergnano 1882 Luxembourg
caffe vergnano 1882 Luxembourg caffe vergnano 1882 Luxembourg
caffe vergnano 1882 Luxembourg
 
Impact of gender and generational differences in Arab culture
Impact of gender and generational differences in Arab culture Impact of gender and generational differences in Arab culture
Impact of gender and generational differences in Arab culture
 
Taxi service aggregation
Taxi service aggregationTaxi service aggregation
Taxi service aggregation
 
Role of 3rd party logistics in Haier warehouse Hyderabad
Role of 3rd party logistics in Haier warehouse Hyderabad Role of 3rd party logistics in Haier warehouse Hyderabad
Role of 3rd party logistics in Haier warehouse Hyderabad
 
GWE case study
GWE case study GWE case study
GWE case study
 
public vs private warehousing case study
public vs private warehousing case study public vs private warehousing case study
public vs private warehousing case study
 
Reckitt Benckiser (India) Ltd vs. Wyeth Limited Case study
Reckitt Benckiser (India) Ltd vs. Wyeth Limited Case studyReckitt Benckiser (India) Ltd vs. Wyeth Limited Case study
Reckitt Benckiser (India) Ltd vs. Wyeth Limited Case study
 
Porsche, Volkswagen and CSX Cars, Trains & Derivatives
Porsche, Volkswagen and CSX Cars, Trains & Derivatives Porsche, Volkswagen and CSX Cars, Trains & Derivatives
Porsche, Volkswagen and CSX Cars, Trains & Derivatives
 
Ben and jerry case study
Ben and jerry case study Ben and jerry case study
Ben and jerry case study
 
Rajarshi leadership and team work
Rajarshi leadership and team workRajarshi leadership and team work
Rajarshi leadership and team work
 
Enterprise risk management Hospitality
Enterprise risk management HospitalityEnterprise risk management Hospitality
Enterprise risk management Hospitality
 
New generation of warehousing systems operations
New generation of warehousing systems operationsNew generation of warehousing systems operations
New generation of warehousing systems operations
 
Measuring and evaluating port performance and productivity
Measuring and evaluating port performance and productivityMeasuring and evaluating port performance and productivity
Measuring and evaluating port performance and productivity
 
Fundamental and techincal analysis of crude oil
Fundamental and techincal analysis of crude oilFundamental and techincal analysis of crude oil
Fundamental and techincal analysis of crude oil
 
Supply chain and logistics issues of crude oil in india
Supply chain and logistics issues of crude oil in indiaSupply chain and logistics issues of crude oil in india
Supply chain and logistics issues of crude oil in india
 
Ikea human resources innovation practices case study
Ikea human resources innovation practices case study Ikea human resources innovation practices case study
Ikea human resources innovation practices case study
 
Pure helium Vs ONGC case study international law presentation
Pure helium Vs ONGC case study international law presentation Pure helium Vs ONGC case study international law presentation
Pure helium Vs ONGC case study international law presentation
 

Dernier

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 

Dernier (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 

Challenges of IP protection in era of cloud computing

  • 1. Assignment - 2 Challenges of IP protection in era of cloud computing Submitted by Mohammed Naseer Khan (1226114117) Submitted to Dr. Lakshmi Priya. A Faculty Gitam School of International Business
  • 2. 1. Introduction:- A new generation of technology is transforming the world of computing. Internet- based data storage and services—also known as “cloud computing”—are rapidly emerging to complement the traditional model of software running and data being stored on desktop PCs and servers. In simple terms, cloud computing is a way to enhance computing experiences by enabling users to access software applications and data that are stored at off-site datacenters rather than on the user’s own device or PC or at an organization’s on-site datacenter. E-mail, instant messaging, business software, and Web content management are among the many applications that may be offered via a cloud environment. Many of these applications have been offered remotely over the Internet for a number of years, which means that cloud computing might not feel markedly different from the current Web for most users. (Technical readers will rightly cite a number of distinct attributes—including scalability, flexibility, and resource pooling—as key differentiators of the cloud. These types of technical attributes will not be addressed here because they are outside the scope of this document.) Cloud computing does raise a number of important policy questions concerning how people, organizations, and governments handle information and interactions in this environment. However, with regard to most data privacy questions as well as the perspective of typical users, cloud computing reflects the evolution of the Internet computing experiences we have long enjoyed, rather than a revolution. Microsoft recognizes that privacy protections are essential to building the customer trust needed for cloud computing and the Internet to reach their full potential. Customers also expect their data and applications stored in the cloud to remain private and secure. While the challenges of providing security and privacy are evolving along with the cloud, the underlying principles haven’t changed—and Microsoft remains committed to those principles.
  • 3. We work to build secure systems and datacenters that help us protect individuals’ privacy, and we adhere to clear, responsible privacy policies in our business practices—from software development through service delivery, operation, and support. Enterprise customers typically approach cloud computing with a predefined data management strategy, and they use that strategy as a foundation to assess whether a given service offering meets their specific needs. As a result, privacy protections might vary in different business contexts. This is not new or unique to the cloud environment. Ultimately, we expect the technology industry, consumers, and governments to agree on baseline privacy practices that span industries and countries. As that consensus view evolves, Microsoft will remain an active voice in the discussion—drawing on our extensive experience and our commitment to helping create a safer, more secure Internet that enables free expression and commerce.
  • 4. Cloud computing:“Cloud computing” refers to Internet-based computing that allows organizations to access a pool or network of computing resources that are owned and maintained by a third party via the Internet. Cloud computer user: A customer or user may be an individual, a business, a government agency or any other entity. Cloud service provider: An organization that offers a cloud computing service. A cloud provider may be an individual, a corporation or a business, a non- government agency or any other entity. Third party: A cloud service provider is one type of third party, which maintains information about or on behalf of another entity. Personal data: Privacy rules define the term "personal information" as any information that relates to a natural person, who either directly or indirectly, in combination with other information that is available or likely to be available to a corporate entity, is capable of identifying such a person. Privacy: It means free from the interference from others. Privacy control allows the person to maintain varying degrees of intimacy. It helps in protecting love, friendship and trust. 2. Review of Literature:- As noted in the Seminar of "Cloud Computing and the Future of Copyright Law" conducted by the General Administration of Press and Publication and the National Copyright Administration, cloud computing is leading information industry to a new stage. However, copyright protection confronted by this new technology remains inadequate. "If you are enjoying such third-party information services as MySpace, Face book, Hotmail and Gmail, you have accessed cloud computing." Experts noted that a series of intellectual property issues will arise in cloud computing system. As for individuals, does it constitute copyright infringement when users do not purchase software but to download them? Will users get involved in the infringement of cloud service? As for companies, will it involve trade secrets as companies' information is stored in cloud terminals? Are users equal to companies upon the
  • 5. security of cloud terminals? If cloud service is provided to related departments as required by the government, does it constitute disclosure of secrets? Cloud computing brings new opportunities to Internet industry, software industry and copyright industry, but also changes the licensing of software and digital works. Intellectual property issues, especially the problems on copyright, have thus become new challenges to the legal system, licensing, usage as well as the revision of copyright law. As a part of the 7th China (Shenzhen) International Cultural Industries Fair, the Seminar of Cloud Computing and the Future of Copyright Law as a communication platform for industrial circles and academic circles attracted a large number of domestic and foreign experts. They introduced the definition of cloud computing, discussed the copyright licensing and copyright protection under the current legal system and explored the implications for information network dissemination and cloud computing office. The rate of cyber crime / hacker attacks on cloud computing environment is on rise, and it consider to be the tempting play land for the hackers. A cloud is the combination of several heterogeneous entities and security of such an environment is very difficult. Numerous privacy issues like retention and destruction of data is also there. The cross border transition of data also presents another security issue as there is a difference in policies among different countries. IP Spoofing is another very serious security challenge for the cloud computing. The Virtual Machines (VM) are assigned an IP address and the hackers try to have these IP addresses of the VMs. In some cases it results in access to the confidential of the users. It is a fact that the user will be no more in control of its data once it is outsourced to the cloud environment. Apparently it is believed that no one is in a position to say anything about the data, where it will be stored, where it will be processed, and who has the right to access and who cannot. The customers of the cloud services have shown great concern on the security and the way to access the cloud computing environment. It is important for a Cloud Service Provider (CSP) to give surety to its user that the information stored on the cloud site is secure, safe and it cannot be accessible by unauthorized personnel. A cloud security framework which will trace the movement and processing of
  • 6. information which are available for processing on the cloud, the system required that there should be a security capture device on the cloud. The functionality of the device will be to ensure the cloud user that their information is safe from any security threat or attack. Challenges and Best Practices for Cloud Computing:- Presently at all levels of the cloud computing platform, whether it is the network layer, web application layer or host layer there exist a corresponding security threat. Such types of security issues have been studies extensively by the professionals in the field of information security. Cloud computing security need to be focus on the analysis and providing solutions for cloud computing service computing model, dynamic virtualization management, and multi-tenant shared operational mode for data security and privacy protection [13]. The cloud customers (company) trust the Cloud Service Provider (CSP) when it outsource its sensitive data or run applications on a remote site of the CSP. The computer system will be vulnerable to inside threats, although by having the most sophisticated firewalls and computer security mechanism. Due to the dereliction in duty by internal staff, hacker attacks and system failures lead to a variety of risks to security mechanisms such as the data lose, cloud service providers assures users that their data is safe and protected. 3. Research methodology:- The following are the research questions addressed in this paper:  X how much is cloud computing adopted in IT sectors, government agencies, schools and colleges?  X How much is cloud computing emerging through the past few years in terms of new technological development?  X What are the applications and details regarding various services provided by companies based on cloud computing?  X Which cloud computing application has wide range of features and the best option for public use?  X How can hybrid cloud be utilized in large and medium scale industries?
  • 7. This study is a qualitative and quantitative analysis of cloud computing and its adoption and application in various sectors of commercial firms. The research is a critical literature review based on secondary data. This paper emphasizes on summarizing the various facts including application of cloud computing in real- world model. Specifically, apart from reviewing studies that directly address cloud computing, this systematic review also covers general computing and IT journal papers, conference proceedings, books, industrial white papers, and technical reports. Adoption of cloud computing in various sectors and data analysis: - ™ Asian countries Cloud computing has proven to be a vast technological advancement in various industrial sectors [2]. But still there are various sectors which have left cloud computing untouched maybe due to the various technicalities associated with its usage. Given below is the statistics about the cloud computing and its usage in IT sectors. According to the data we can see that, there are various respondents who are gaining knowledge and exposure to cloud computing with their increasing experience in IT sectors. But the graph is abruptly decreasing at various places. This may be due to the extensive development in the cloud computing that the adoption took a bit of time along with its understanding.
  • 8. The pie chart shows the variation between the IT professionals having wide knowledge and experience about cloud computing and those who are still new in this sector. The majority of respondents are located in western countries and the remaining 20% are from India. All respondents have international IT working experience of them had previously worked with clients in diverse manufacturing industries and service sectors. The bar chart indicates that the vast majority of the respondents have more than 4 years of IT industrial experience. A significant percentage of people have practical experience in cloud computing. Moreover, the pie chart indicates that the respondents, who do not have practical cloud experience, still have good knowledge about cloud computing or at least understand the basic concepts of this advanced IT model. Western counties:-Apart from the widespread technological developments in western countries, cloud computing has also risen up to a vast dimension including its broad usage in companies, schools and other government sectors.
  • 9. This survey data represents the percentage of adoption of cloud computing in western countries. Among companies, small companies have adopted cloud computing the most. Among schools, elementary, middle and high schools have adopted cloud computing the most. Among government, federal government has adopted cloud computing the most. When the companies, schools, government and medical institutions are compared it is found that companies and other organizations have adopted cloud computing to a large extent. Cloud computing is adopted the least in medical institutions. This may be due to various reasons such as service reliability, data security, system users and other financial issues. Growing trend of cloud adoption: - Since the invention to the implementation, there has been a constant growth in cloud development and management. IT companies and other organizations are taking various steps to increase cloud computing techniques. Statistical data of cloud adoption in Indian organizations Most of the IT related organizations are situated in India, hence cloud computing was highly adopted in Indian organizations. There has been a significant increase in the percentage of companies using cloud computing in 2011 to those in 2012.
  • 11. The above table demonstrates that India does not have an overarching privacy law. Nonetheless, the IT Amendment Act 2008 and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011 can protect personal data and regulate privacy issues of cloud computing or any other technology. Other legislation is also quite effective in providing solutions in related areas. However, India is still managing the protection of personal data with many pieces of legislation, which can lead to confusion for its citizens, corporate sectors, the government, as well as outsiders. Even Indian courts have not created any precedents relating to technology related privacy issues. The need for a privacy law in India At present India’s privacy-related jurisprudence is judicially derived from the fundamental rights set out in the Indian Constitution. All judgments have been delivered within the context of individuals’ rights to “physical privacy” against harassment by government authorities, although not against harassment by any private person. With increasing adoption of digitization in India, public and private sectors collect vast amount of personal data of an individual. Currently, there is no proper dedicated legal framework to protect personal data and privacy from misuse in either the public or the private sector. The Indian Unique Identification Number (UID)30 project, which deals with large amounts of biometric data and personal information and stores this information on a decentralized database, has no legal protection in India. On the other hand, India is an IT hub, managing Vibrant ITES, BPO and KPO projects
  • 12. outsourced from abroad. Therefore, through these projects, India engages with personal information of foreign nationals and, in order to comply with international standards, India requires comprehensive legislation covering privacy and personal data protection, instead of the existing patchwork law structure. Personal data protection and privacy in the European Union The Organization for Economic Co-operation and Development (OECD) adopted Guidelines on the Protection of Privacy and Transborder Flows of Personal Data in 1980, but the fundamental principle of privacy in the European Union (EU) is set out in Article 8 of the European Convention on Human Rights, which states that “everyone has the right to respect for his private and family life, his home and his correspondence.” This right to privacy is not absolute, however, and can be restricted under certain circumstances.31 The original EU Data Protection Directive 95/46/EC (European Directive) was enacted in 1995.32 The European Directive and the e-privacy and electronic communications Directive 2002/58/EC, which covers data retention, are the main legal instruments covering privacy and the processing of personal data in Europe. 5. Land mark case laws in reference to the topic:- The Indian Information Technology Act, 2000 the development of electronic information systems in India enhanced awareness regarding the need to protect personal information. The Indian Information Technology Act (IT Act) came into force in 2000. The IT Act is based on Resolution A/RES/51/162 adopted by the General Assembly of the United Nations on 30 January 1997 and is related to the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce. This legislation deals primarily with electronic transactions and digital signatures. The primary scope of this Act is to regulate e- commerce and promote the IT sector. The IT Act does not deal with privacy. 7.2.2 Information Technology (Amendment) Act 2008 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, Information Technology (Intermediary Guidelines) 2011. The main laws regulating data privacy are the Information Technology (Amendment) Act 2008 (IT Act 2008) and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules 2011 (IT Privacy Rules 2011). The concept of privacy was introduced in the IT Act 2008
  • 13. through Section 43-A (compensation for failure to protect data) and Section 72-A (punishment for disclosure of information in breach of lawful contract). In 2011, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules Act was introduced. It extends the scope of section 43A of the IT Act and regulates the collection, disclosure and transfer of sensitive personal data. The IT Privacy Rules 2011 requires corporate entities, which collect, process and storing personal data, including sensitive personal information, to comply with certain procedures. It distinguishes “personal information” and “sensitive personal information” as defined below. According to IT Privacy Rules 2011, enacted under section 87(2) of the IT Act, which defines “sensitive personal data or information”, the following information is included:  Passwords  Financial information, such as bank account, credit or debit card, or other payment instrument details  Information regarding physical, physiological and mental health  Sexual orientation  Medical records and history  Biometric information (technologies that measure and analyze human body characteristics, such as “fingerprints”, “eye retinas and irises”, “voice patterns”, “facial patterns”, “hand measurements” and “DNA” for authentication purposes)  Any details relating to the above bullet points provided to the body corporate responsible for providing a service or for processing or storing data under a lawful contract, or otherwise. However, any information that is freely available in the public domain is not considered as sensitive personal data or information and is exempt from the above definitions, as set out by the 2005 Right to Information Act or any other law in force. The IT Privacy Rules 2011 distinguishes “personal information” and “sensitive personal information”, which were not previously included. The law requires that a corporate entity or the person on whose behalf it collects, stores and processes
  • 14. personal data or information need to meet the “Reasonable Security Practices and Procedures”. Reasonable security practices: According to IT Privacy Rules 2011, “Reasonable Security Practices and Procedures” are considered satisfied if a body corporate has implemented security practices and standards and has comprehensively documented information security programmes and policies that are commensurate with the information assets being protected. The IT Privacy Rules 2011 also sets out that International standards (IS / ISO / IEC 27001) is one such standard (Standards) which could be implemented by a bodycorporate. If any industry association follows standards other than IS / ISO / IEC 27001 for data protection, they need to get their codes (Codes) approved by the Indian central government. Consent: The IT Privacy Rules 2011 states that any corporate entity or any person acting on its behalf, which collects sensitive personal information, must obtain written consent (through letter, email or fax) from the providers of that information. Collection and processing: Section 43-A of the IT Act defines “reasonable security practices and procedures” which states: “Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such a body corporate shall be liable to pay damages by way of compensation to the person so affected”. Data protection officer: IT Privacy Rules 2011 mandates that every corporate entity collecting sensitive personal information must appoint a grievance officer to address complaints relating to the processing of such information. The contact details of the grievance officer must be published on the corporate entity’s website. Data transfer: There are no specific rules regulating the transfer of data outside of India, but the data collector must obtain the consent of the provider of information to transfer the data to any other entity in India or to an entity abroad, providing the
  • 15. other country ensures the same level of protection. However data can also be transferred by means of a data transfer agreement between two parties. This agreement should contain adequate indemnity provisions for third party breaches, clearly specify the end purpose of data processing (including a list of those with access to such data) and specify a mode of data transfer that is adequately secure and safe.26 Finally, it is the responsibility of the corporate entity to not transfer any sensitive personal information to another person or entity which does not maintain the same level of data protection as stipulated by the Act. Data breach notification law Data breach notification plays a very important role in the context of cloud computing services. Data may be processed or handled by third parties (subcontractors). In some instances, data may be misused by such third parties, causing the person providing the information harm, be it social harm, physical harm, significant humiliation or damage to reputation. 6. Analysis of the legalprinciple:- Government access to cloud computing data and implication for privacy One obstacle for the growth of cloud computing is government access to data in the cloud. Both cloud users and cloud service providers are struggling to understand when and how the government can access users’ data, which is processed and stored in the cloud. Governments need some degree of access to data for criminal (including cybercrime) investigations and for purposes of national security. But privacy and confidentiality are also important issues, so the burden to provide legal justification falls on the government. However, at present, the world’s Internet traffic is routed through the United States, and most online data is held there. In the USA, government access to online data was outlined in the Patriot Act 2001. The Electronic Communications Privacy Act (“ECPA”) regulates cloud data which is stored by cloud providers in most cases. However, data can be accessed by the government by means of a search warrant, an ECPA court order or a subpoena issued by the government to the cloud provider. In 2007, the US government enacted the “Protect America Act” which allows the government to access electronic data without a warrant. In 2008 the FISA amendment Act made the Prism Internet Surveillance Program (PRISM) technically legal by obliging private companies to enable the US intelligence agencies to access their data.35 Through NSA’s PRISM, the USA has accessed vast amounts of individuals’ private
  • 16. communications, photographs, emails, voice traffic, file transfers, as well as social networking data from both domestic and foreign providers. This has raised major privacy and confidentiality concerns for customers of cloud-based services. Intellectual property (IP) rights issues arise in relation to copyright, trademark or patent law. A customer using a PaaS or SaaS cloud environment must be aware of a variety of IP rights questions that can occur in regard to data processing such as the required cloud software licenses or third party IP rights. Despite differing licensing and patent systems being employed around the world, the EU has clarified that "ideas and principles which underlie any element of a computer program, including those which underlie its interfaces, are not protected by copyright". This approach causes a conflict with patent laws in the US which allow for such a protection. So far the main cloud digital media providers (all US) have developed their own systems in order to protect them against infringement of their intellectual property. These so called Digital Rights Management (DRM) systems are imposed on all of their cloud users and essentially place the power to access a certain software or media in the cloud provider's hands. A good example for such a practice is the Amazon Kindle book reader. A customer only pays for the license to access a certain book electronically via a DRM system but does not own the book itself. When a cloud customer uses a cloud software solution which potentially is violating intellectual property rights the obligations and acts of each party must be closely analyzed. In doing so, pinpointing an exact location of an intellectual property breach is challenging as the processing can take place in one country, storage and transmission in another. Additionally, not only one infringing party may be involved but a variety of parties (cloud provider, server centers, software distributor), thus theoretically requiring an apportionment of the infringement. A possible solution would be to target the user of the cloud service being the infringer of the right and the cloud provider for inducing the infringement. However, proving a breach will be very hard to achieve, especially if the breach only involves components of software used in a cloud environment. Furthermore, the extent to which a cloud provider facilitates an IP infringement, either by supplying an on-demand self-service infrastructure to the customer or alternatively requiring human interaction before a service is rendered will be of significance in attributing liability. A similar approach is being taken by the European courts. In the L’Oreal/eBay case the court also emphasized that the platform provider's own
  • 17. investigations into its customers usage must be taken into account but did not go so far as to impose a general monitoring obligation. Cloud software systems are closed off and generally cannot be traced backward, making a posterior assessment of an infringement impossible. Nevertheless, a cloud customer should ensure that it is granted a contractual indemnity for potential IP violations caused by the cloud provider's software. In addition to this fairly standard scenario where the cloud provider grants access to a standard software environment, customers often use open source software to meet their specific needs. This software is further refined (either by the customer or the provider) and adjusted precisely to the customer's specifications. A cloud provider could later use this "new" software and distribute it to its other customers whilst infringing the developing customer's IP rights. On the one side a customer should therefore carefully review its contracts to ascertain whether a right to use and further distribute the software is being granted to the cloud provider. On the other side a cloud customer might only want to gain short term access to specific individualized open source cloud software in order to acquire certain know how. Some cloud providers do not supply the licenses or software a customer requires to have implemented in its cloud environment. In such a situation the customer is responsible for obtaining the appropriate license or usage right. Acquiring such a right might not be as easy as it sounds. Most software providers have not yet fully developed their licensing systems for the cloud as the remuneration models and approaches differ widely. One can possibly calculate the license fee in a number of different ways such as through a fee per user, per utilized processor or per data set created. Asserting patent rights:- Let us consider an example where company A holds a patent that claims a method of adding two numbers and displaying a result (assuming such a thing would be patentable, of course!). In the traditional computing scenario, we would know exactly where the information is stored, and where the information is processed before displaying the result. Therefore, it would be easy to assert an infringement as it is possible to identify who is infringing by scanning hardware devices (because where the program is running is defined), and by reviewing the algorithms either manually or automatically (because where the data is stored is defined). Cloud computing services promise to provide on-demand resources, both processing and data storage. Cloud computing systems make this possible by
  • 18. connecting multiple and distributed data centers on a need-basis. Sometimes the data centers that are connected need not be belonging to a single service provider, and therefore need not be even in a single country. To further compound the problem, cloud computing systems actually try to ensure that the location is not known in order to ensure secrecy of data. Therefore, it is possible that for an application hosted by a client, the data may be stored at one location, and execution may happen in another location depending on availability of resources. And, the two locations may be in two different countries. Now, coming back to the example, let us say that company B is infringing on the patent by way of executing the method claimed in the patent. If company B is hosting the infringing application in a traditional hosted service environment, it would be easy to prove that infringement actually happens by identifying the machine where the methods are executed, and by verifying the algorithm underlying the application. However, if the infringing application is operating in a cloud computing environment, it is extremely difficult for company A to investigate to check if infringement is happening indeed. For all we know, the storage of numbers in the aforementioned example could be on a cloud infrastructure with one service provider, and the execution of adding numbers could be happening on a cloud infrastructure with another service provider. And, the infrastructure controlled by the two service providers may be in different locations/countries. It will be interesting to see how technology and business models evolve in cloud computing space to accommodate these requirements. 7. Relatedcases:- Kharak Singh vs. the State of Uttar Pradesh (UP)22 In this case, the appellant was being harassed by the police under Regulation 236(b) of UP police regulations, which permit domiciliary visits at night. The Supreme Court found Regulation 236 unconstitutional and in violation of Article 21. It is true that the Indian constitution never expressly declares the “right to privacy” as part of fundamental rights, but the court concluded that Article 21 of the constitution includes the “right to privacy” as part of the right to “protection of life and personal liberty”. R. Rajagopal vs. the State of Tamil Nadu23 In this judgment, the court stated that “A citizen has a right to safeguard his privacy, the privacy of his family, marriage, procreation, motherhood, child
  • 19. bearing and education among other matters. No one can publish anything concerning the above matters without his consent - whether truthful or otherwise and whether laudatory or critical. If he does so, he would be violating the right to privacy of the person concerned and would be liable in an action for damages”. People’s Union for Civil Liberties (PUCL) vs. Union of India 24 The Supreme Court ruled that the telephone tapping by the government under Statute 5(2) of the Telegraph Act (1885) amounts to the infraction of Article 21 of the Indian Constitution. The right to privacy is part of the right to “life” and “personal liberty” enshrined under Article 21 of the constitution. The said right cannot be curtailed “except according to procedure established by law”. The court wanted the right to privacy under Article 21 to be expounded consistently with Article 17 of the International Covenant on Civil and Political Rights. Naz Foundation vs. Govt. of NCT of Delhi25 The Delhi High Court judgment allows persons to develop human relations without the interference from the outside community or from the state. It states: “The right to privacy thus has been held to protect a ‘private space in which man may become and remain himself’”. However, all cases dealing with the right to privacy have been decided in the context of government actions that resulted in private citizens being denied their right to personal privacy. No privacy judgment has granted private citizens a right of action against the breach of privacy by another private citizen. To that extent, data protection and personal privacy jurisprudence in India is not yet developed. Nivedita Sharma vs. Bharti Tele Ventures, ICICI Bank Ltd, American Express Bank.
  • 20. 8. Conclusion:- In summary, the murkiness of the “cloud” has introduced interesting challenges to the IP system. While the technology evolves and the IP system makes necessary adjustments to counter challenges posed by the evolution, being aware of the associated risks and taking simple measures can help owners reduce risk exposure considerably. Client-plus-cloud computing offers enhanced choice, flexibility, operational efficiency and cost savings for businesses and consumers. To take full advantage of these benefits, users must be given reliable assurances regarding the privacy and security of their online data. In addition, a number of regulatory, jurisdictional, and public policy issues remain to be solved in order for online computing to thrive. Microsoft has been addressing many of these issues since 1994, when we delivered our first online services for consumers and enterprises. Our breadth of experience has shaped our company’s privacy principles, corporate privacy policy, product and service development, and overall business practices. These components anchor our commitment to maintaining the highest standards of privacy and security in our online services and to partnering with other industry leaders, governments, and consumer organizations to develop globally consistent privacy frameworks that enable the expansion of the economic and social value of cloud-based computing The status of data is gradually changing, and the Internet and cloud computing are making data the subject of “property, privacy and economic rights” for all individuals. There are many differences between traditional IT infrastructure and cloud computing. The benefits of cloud computing have led to many stakeholders moving their data and infrastructure into the virtual world, where one cannot find any rules and regulations to regulate their virtual assets. Technology has the same uniform implications for privacy and personal data protection, whereas the concept of privacy jurisprudence may differ from country to country. Privacy may be viewed from different angles: in the United States, data privacy is a matter of consumer law; in Europe, it is a fundamental right; in India there is no concept called “data privacy”, but the right to privacy is a part of the right to “life” and “personal liberty” enshrined in Article 21 of the Constitution. Technology, however, has the same implications for privacy around the world. Data moves around the globe within fractions of a second with the same security and privacy
  • 21. risks, but countries around the world still create legal environments to regulate it. Most countries have attempted to patch available legislation, with India among them, while the rest of struggle in the absence of legal frameworks to protect personal data and privacy. This is the right time to set a “global standard” on data privacy. In the EU, data protection directives guide legislation relating to the protection of privacy and personal data, with the EU constantly trying to set a “global standard” law on data privacy. India does not have any guiding legislation, but it is moving toward a set of data protection and privacy laws. India requires a proper environment develop technology awareness, technology enablers, institutions to ensure standardization, expertise to set up cooperation between the government and corporate sectors, to establish a comprehensive legal system for future technologies.
  • 22. 9. References:- 1. http://blog.ipmetrix.com/2013/12/31/intellectual-property-in-the-clouded-era/ 2.http://ac.els-cdn.com/S1877050915005608/1-s2.0-S1877050915005608- main.pdf?_tid=066f40d2-886c-11e5-8d03- 00000aab0f26&acdnat=1447243505_feb87c298e834241e06f7777648aa9c9 3. Sultan Ullah, Zheng Xuefeng, “Cloud Computing: a Prologue”, International Journal of Advanced Research in Computer and Communication Engineering Vol – 1 No – 1, pp 01 – 04. 4.http://www.researchgate.net/publication/262049549_Implications_of_cloud_com puting_for_personal_data_protection_and_privacy_in_the_era_of_the_Cloud_An_ Indian_perspective 5. http://webjcli.org/article/view/303/418 6.http://www.rlpdp.com/wp-content/uploads/2014/10/Paper_Data- Protection_CC_IoT_BData_final-1.pdf 7. http://www.wanhuida.com/tabid/211/ArticleID/749/Default.aspx 8. Arun K Narasani, Founder/CEO. ipmetrix / December 31, 2013