Publication Date: 2014-Jan-23
The IP.com Prior Art Database
IT data are often subject to storage restrictions based on the data content which can affect where and how information may be stored. For example, legal, business, or medical data may require certain storage locations or policies. Alternatively, storage providers need the flexibility to provide various storage options, particularly in cloud environments, but some of these options may be unsuitable for specific data. The Expose-O-Meter presents a user interface design that allows a data owner and a storage provider to determine acceptable storage options without revealing details of the storage or the data, thus simplifying the process of reducing exposures.
Page 01 of 5
In IT environments, various storage locations and conditions are used to store data based on the storage providers' facilities and policies. As data are moved into cloud-based systems, there is even less focus on the physical aspect of storage; most owners think of their data as being stored "in the cloud." However, the type of data stored can affect storage requirements. For example, the EU's Data Protection Directive regulates the transfer of personal information to countries with less strict data protection laws; i.e., in some cases, moving personal data across international borders for storage in another country is illegal. But, there are not always clear ways for an owner to specify the conditions under which their data may be stored.
The Expose-O-Meter presents a user interface design that allows a data owner and a storage provider to determine acceptable storage options without revealing details of the storage or the data, thus simplifying the process of reducing exposures.
The idea of the Expose-O-Meter (EOM) is that data owners want to be confident that their data are being stored in a manner that minimizes any potential exposures from location or policy violations. The EOM presents a method for providing data owners with the capability to make choices about how their data are stored while still allowing the cloud provider the ability to control storage.
Data owners can identify the types of data for which they are responsible.
Cloud providers provide owners with a profile of storage for their environments. This includes location and security.
For some sensitive data, there is criteria that must be met or there is a violation, such as a legal requirement. In other cases, the criteria may be along levels of risk, where the owner and cloud provider can select the level of risk they find acceptable. For example, the storage of some business confidential data may provide no legal exposure, but there are company regulations that control how these data are stored. This can be used for determining where new data need to be stored or for viable options as data are moved or backed up by the storage provider.
The Expose-O-Meter compares policy sensitivities with storage options to determine areas where potential problems -- exposures -- may arise. Some examples of these sensitivities are:
- Eurozone regulations
- Personal information sharing - etc
The EOM allows the data own...