Artikel in Tagungsband INPROC-2011-29

Schleicher, Daniel; Fehling, Christoph; Grohe, Stefan; Leymann, Frank; Nowak, Alexander; Schneider, Patrick; Schumm, David: Compliance Domains: A Means to Model Data-Restrictions in Cloud Environments.
In: Enterprise Distributed Object Computing Conference (EDOC).
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik.
S. 257-266, englisch.
IEEE Xplore, 29. August 2011.
DOI: 10.1109/EDOC.2011.22.
Artikel in Tagungsband (Konferenz-Beitrag).
CR-Klassif.H.4.1 (Office Automation)

It is crucial for enterprises to execute business operations in a compliant way. This is especially true for ITdriven business processes as enterprises may face considerable fines when violating laws and regulation in their business processes. Through the advent of cloud computing, a new dimension of compliance requirements within the research area of compliant business process design has emerged. Datasovereignty is one of the major compliance concerns enterprises have to deal with when moving applications and data to the cloud. Enterprises are fully responsible for their data, also when the data is not present within their IT premises anymore. This lead to the policy that specific data must not leave the IT premises of the enterprise. In this paper we present an approach to support the human process designer in modelling compliant business processes. We are focusing on compliance requirements which have to be considered in the field of cloud computing. These requirements have been created to meet laws and regulations. These laws and regulations are considering data which is sent around between countries, for example. Considering the characteristics of these requirements, we deal with data-centric compliance rules here.

Abteilung(en)Universität Stuttgart, Institut für Architektur von Anwendungssystemen
Eingabedatum5. Mai 2011
   Publ. Institut   Publ. Informatik