Jump to Navigation


4.3.2 Account of Correct Data Storage

Obligation 8 in D23.2 states that "The controller must (..) ensure that appropriate security and privacy preservation measures have been implemented throughout the service delivery chain". Since the main service supplied by a cloud provider is data outsourcing, the cloud provider should ensure data availability and integrity. In order to prove the correct storage of data, the cloud provider can provide the following evidence:

  • information about data handling practices;
  • log traces with respect to the handling of the particular data;
  • cryptographic proofs about the storage and integrity of the data.