1. Cloud OPS
A Danish perspective on Cloud
Søren Peter Nielsen
spn@itst.dk
Chief Architect
Danish National IT and Telecom Agency
Frankfurt, March 17th 2011
2. Read more:
”Cloud Calculator”
digitaliser.dk/resource/601236
Highlighting the potential
A 60% total cost reduction
over a 5 year period!
3. Hands on experience - NITA in the
cloud
Digitalisér.dk, EasyTrade and
Citizen portal statistics module in
the cloud.
EasyTrade in the cloud
=> more than 50% cost reduction
Read more:
”Migration of Nemhandel to a commercial
Cloud Computing Infrastructure”
digitaliser.dk/resource/567373
4. Eliminate the barriers -
Municipality of Odense
• Preliminary project: Pupils in primary school had
Google Apps accounts
• Project expansion: The teachers' evaluations of the
pupils also on Google Apps => Involves sensitive
personal data of the pupils
• Long dialog between the Danish Data Protection
Agency and Municipality of Odense
• Latest decision from the DPA: Odense can't use the
Google Apps solution for sensitive personal data
o DPA is willing to reconsider the decision if adequate
data is provided
5. Read more:
”Processing of sensitive personal data in a
cloud solution”
Eliminate the barriers -
Municipality of Odense digitaliser.dk/resource/935026
Latest opinion from the Danish Data Protection Agency:
1. Is data located within the EU or in a European non-EU country?
2. The provided risk analysis is inadequate. A technical risk-
assessment is necessary.
3. A processor agreement between Google and Odense is
necessary.
4. Knowledge of the concrete geographical location of data is
necessary
5. It needs to be specified how the Danish Executive Order on
Security's and the Act on Processing of Personal Data's
requirements will be met in a number of areas (e.g. permanent
deletion of data)
6. Read more:
”Cloud Audit and Assurance Initiatives”
digitaliser.dk/resource/1029260
Two roads to address
”New Digital Security Models”
security considerations digitaliser.dk/resource/896495
1. Assurance Based Security
2. Security-by-Design: "New Digital Security Models"
o Provide security for all parties in a transaction (including users).
o De-couple user data from users' physical identity.
o Utilize attribute-based credentials and transaction isolation.
o Move from an identification-oriented paradigm towards a
validation-orientated paradigm.