Cloud computing is coming to the INSPIRE community. "For those organisations with additional requirements about who should access data, there are also solutions in place or being developed, e.g. by the CLARUS project, which develops a Cloud Encryption Gateway and a Cloud Access Security Broker", a key takeaway cited in the wetransform Retrospective of the INSPIRE conference 2017.
Cloud Encryption Gateway and Cloud Access Security Broker
Thierry Chevalier, AKKA, took to the stage to present the CLARUS privacy-by-design approach for no-compromise security in the cloud. The Cloud Encryption Gateway acts as a cloud security proxy performing encryption or tokenisation on an item-by-item basis as data flows through the proxy.
The Cloud Access Security Broker provides policy enforcement points placed between cloud service customers and cloud service providers.
Protecting geospatial data in the cloud
CLARUS innovations come at a critical time as the General Data Protection Regulation (GDPR) approaches with stricter rules and heavier fines if data is not adequately protected. Thierry Chevalier outlined the implications for geospatial data in the cloud. New technologies should be able to protect geo-referenced data because the notion of personal data also encompasses location data, and personal data could be revealed when accessing or downloading information or videos, as well as when using an environmental service.
Most importantly, INSPIRE actors often deal with confidential data, e.g. for national security or commercial reasons. Technology advances like CLARUS can be used in these cases, ensuring confidential data is properly protected and for semantic enhancements.