Giving customers control over their data: Integrating a policy language into the cloud

Jens Hiller, Mael Kimmerlin, Max Plauth, Seppo Heikkila, Stefan Klauck, Ville Lindfors, Felix Eberhardt, Dariusz Bursztynowski, Jesus Llorente Santos, Oliver Hohlfeld, Klaus Wehrle

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

2 Citations (Scopus)


Cloud computing offers the potential to store, manage, and process data in highly available, scalable, and elastic environments. Yet, these environments still provide very limited and inflexible means for customers to control their data. For example, customers can neither specify security of inter-cloud communication bearing the risk of information leakage, nor comply with laws requiring data to be kept in the originating jurisdiction, nor control sharing of data with third parties on a fine-granular basis. This lack of control can hinder cloud adoption for data that falls under regulations. In this paper, we show in six use cases how cloud environments can be enriched with policy language support to give customers control over cloud data. Our use cases are based on realizing policy language support in all three cloud environment layers, i.e., IaaS, PaaS, and SaaS. Specifically, we present policy-aware resource management (with OpenStack) and dynamic network configuration. With CERN's big data storage and the in-memory database Hyrise, we show realization for storage and further exemplify policy-aware cloud processing by network function virtualization which enables Orange to offload customer home gateways to the cloud. Finally, we discuss benefits of policy support in F-Secure's Security Cloud. These use cases show the feasibility of realizing customer control with policy support in the cloud. Thus, our work enables customers with regulated data to tap cloud benefits and significantly broadens the market for cloud providers.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE International Conference on Cloud Engineering, IC2E 2018
Number of pages9
ISBN (Electronic)9781538650080
Publication statusPublished - 16 May 2018
MoE publication typeA4 Article in a conference publication
EventIEEE International Conference on Cloud Engineering - Orlando, United States
Duration: 17 Apr 201820 Apr 2018


ConferenceIEEE International Conference on Cloud Engineering
Abbreviated titleIC2E
Country/TerritoryUnited States


  • Cloud computing
  • CPPL
  • NFV
  • OpenStack
  • Policy


Dive into the research topics of 'Giving customers control over their data: Integrating a policy language into the cloud'. Together they form a unique fingerprint.

Cite this