{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T09:40:52Z","timestamp":1775727652667,"version":"3.50.1"},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2017,3,22]],"date-time":"2017-03-22T00:00:00Z","timestamp":1490140800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000781","name":"European Research Council","doi-asserted-by":"publisher","award":["644814"],"award-info":[{"award-number":["644814"]}],"id":[{"id":"10.13039\/501100000781","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001319","name":"University of Westminster","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100001319","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Grid Computing"],"published-print":{"date-parts":[[2017,6]]},"DOI":"10.1007\/s10723-017-9394-2","type":"journal-article","created":{"date-parts":[[2017,3,23]],"date-time":"2017-03-23T05:44:36Z","timestamp":1490247876000},"page":"219-234","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":33,"title":["PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services"],"prefix":"10.1007","volume":"15","author":[{"given":"Yiannis","family":"Verginadis","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antonis","family":"Michalas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Panagiotis","family":"Gouvas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gunther","family":"Schiefer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gerald","family":"H\u00fcbsch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Iraklis","family":"Paraskakis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,3,22]]},"reference":[{"key":"9394_CR1","unstructured":"Alliance, C.S.: The notorious nine \u2013 cloud computing top threats in 2013 (2013)"},{"issue":"2","key":"9394_CR2","doi-asserted-by":"crossref","first-page":"18:1","DOI":"10.1145\/2636328","volume":"47","author":"C B\u00f6sch","year":"2014","unstructured":"B\u00f6sch, C., Hartel, P., Jonker, W., Peter, A.: A survey of provably secure searchable encryption. ACM Comput. Surv. 47(2), 18:1\u201318:51 (2014). doi: http:\/\/doi.acm.org\/10.1145\/2636328","journal-title":"ACM Comput. Surv."},{"key":"9394_CR3","doi-asserted-by":"publisher","unstructured":"Boustia, N., Mokhtari, A.: Representation and reasoning on orbac: Description logic with defaults and exceptions approach. In: Third International Conference on Availability, Reliability and Security.ARES 08, pp. 1008\u20131012. doi: 10.1109\/ARES.2008.144 (2008)","DOI":"10.1109\/ARES.2008.144"},{"key":"9394_CR4","doi-asserted-by":"publisher","unstructured":"Chandran, S.M., Joshi, J.B.D.: Lot-rbac: a location and time-based rbac model. In: Proceedings of the 6th International Conference on Web Information Systems Engineering, pp. 361\u2013375. Springer, Berlin, WISE\u201905. doi: 10.1007\/11581062_27 (2005)","DOI":"10.1007\/11581062_27"},{"key":"9394_CR5","doi-asserted-by":"publisher","unstructured":"Cleeff, A.V., Pieters, W., Wieringa, R.: Benefits of location-based access control: A literature study. In: Proceedings of the 2010 IEEE\/ACM Int\u2019L Conference on Green Computing and Communications & Int\u2019L Conference on Cyber, Physical and Social Computing, pp 739\u2013746. IEEE Computer Society, Washington, DC, GREENCOM-CPSCOM \u201910. doi: 10.1109\/GreenCom-CPSCom.2010.148 (2010)","DOI":"10.1109\/GreenCom-CPSCom.2010.148"},{"key":"9394_CR6","doi-asserted-by":"crossref","unstructured":"Costabello, L., Villata, S., Gandon, F.: Context-aware access control for rdf graph stores. In: Raedt, L.D., Bessi\u00e8re, C., Dubois, D., Doherty, P., Frasconi, P., Heintz, F., Lucas, P.J.F. (eds.) ECAI, IOS Press, Frontiers in Artificial Intelligence and Applications, vol 242, pp 282\u2013287. http:\/\/dblp.uni-trier.de\/db\/conf\/ecai\/ecai2012.html (2012)","DOI":"10.3233\/978-1-61499-098-7-282"},{"key":"9394_CR7","doi-asserted-by":"crossref","unstructured":"Covington M.J., Long W., Srinivasan S., Dev A.K., Ahamad M., Abowd G.D.: Securing context-aware applications using environment roles. In: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, SACMAT \u201901, pp 10\u201320. doi: http:\/\/doi.acm.org\/10.1145\/373256.373258 (2001)","DOI":"10.1145\/373256.373258"},{"key":"9394_CR8","doi-asserted-by":"publisher","unstructured":"Decker, M.: Modelling of location-aware access control rules. In: Handbook of Research on Mobility and Computing: Evolving Technologies and Ubiquitous Impacts, pp. 912\u2013929. IGI Global. doi: 10.4018\/978-1-60960-042-6.ch057 (2011)","DOI":"10.4018\/978-1-60960-042-6.ch057"},{"issue":"1","key":"9394_CR9","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/s007790170019","volume":"5","author":"AK Dey","year":"2001","unstructured":"Dey, A.K.: Understanding and using context. Pers. Ubiquit. Comput. 5(1), 4\u20137 (2001). doi: 10.1007\/s007790170019","journal-title":"Pers. Ubiquit. Comput."},{"issue":"2","key":"9394_CR10","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198\u2013208 (1983)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9394_CR11","doi-asserted-by":"crossref","unstructured":"Dowsley, R., Michalas, A., Nagel, M.: A report on design and implementation of protected searchable data in iaas. Tech. rep. Swedish Institute of Computer Science (SICS) (2016)","DOI":"10.1016\/j.cosrev.2017.08.001"},{"key":"9394_CR12","doi-asserted-by":"crossref","unstructured":"Ferrari, E.: Access Control in Data Management Systems. Morgan and Claypool Publishers (2010)","DOI":"10.2200\/S00281ED1V01Y201005DTM004"},{"key":"9394_CR13","doi-asserted-by":"publisher","unstructured":"Gabel, M., H\u00fcbsch, G.: Secure database outsourcing to the cloud using the mimosecco middleware. In: Krcmar, H., Reussner, R., Rumpe, B. (eds.) Trusted Cloud Computing, pp 187\u2013202. Springer International Publishing, Berlin (2014), 10.1007\/978-3-319-12718-7_12","DOI":"10.1007\/978-3-319-12718-7_12"},{"key":"9394_CR14","doi-asserted-by":"crossref","unstructured":"Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. In: ACM SIGOPS Operating Systems Review, vol. 37, pp. 193\u2013206 (2003)","DOI":"10.1145\/945445.945464"},{"key":"9394_CR15","doi-asserted-by":"crossref","unstructured":"Gentry C.: A fully homomorphic encryption scheme. PhD thesis, Stanford, CA, USA, aAI3382729 (2009)","DOI":"10.1145\/1536414.1536440"},{"issue":"5\u20136","key":"9394_CR16","doi-asserted-by":"publisher","first-page":"907","DOI":"10.1006\/ijhc.1995.1081","volume":"43","author":"TR Gruber","year":"1995","unstructured":"Gruber, T.R.: Toward principles for the design of ontologies used for knowledge sharing. Int. J. Hum.-Comput. Stud. 43(5\u20136), 907\u2013928 (1995). doi: 10.1006\/ijhc.1995.1081","journal-title":"Int. J. Hum.-Comput. Stud."},{"key":"9394_CR17","doi-asserted-by":"crossref","unstructured":"Hu, H., Ahn, G.J., Kulkarni, K.: Ontology-based policy anomaly management for autonomic computing. In: 2011 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), pp. 487\u2013494 (2011)","DOI":"10.4108\/icst.collaboratecom.2011.247119"},{"key":"9394_CR18","unstructured":"Huber, M., Gabel, M., Schulze, M., Bieber, A.: Cumulus4j: a provably secure database abstraction layer. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L., Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES Workshops, Springer, Lecture Notes in Computer Science, vol. 8128, pp. 180\u2013193. http:\/\/dblp.uni-trier.de\/db\/conf\/ares\/cd-ares2013w.html (2013)"},{"key":"9394_CR19","unstructured":"IBM: Security and high availability in cloud computing environments. Tech. rep. IBM SmartCloud Enterprise, East Lansing. http:\/\/www-935.ibm.com\/services\/za\/gts\/cloud\/Security_and_high_availability_in_cloud_computing_environments.pdf (2011)"},{"key":"9394_CR20","doi-asserted-by":"publisher","first-page":"136","DOI":"10.1007\/978-3-642-14992-4_13","volume-title":"Financial Cryptography and Data Security, Lecture Notes in Computer Science, vol 6054","author":"S Kamara","year":"2010","unstructured":"Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J., Sako, K., Seb\u00e9, F. (eds.) Financial Cryptography and Data Security, Lecture Notes in Computer Science, vol 6054. doi: 10.1007\/978-3-642-14992-4_13 10.1007\/978-3-642-14992-4_13 , pp 136\u2013149. Springer, Berlin (2010)"},{"key":"9394_CR21","doi-asserted-by":"crossref","unstructured":"Kayes, A.S.M., Han, J., Colman, A.: An ontology-based approach to context-aware access control for software services. In: Lin, X., Manolopoulos, Y., Srivastava, D., Huang, G. (eds.) WISE (1), Springer, Lecture Notes in Computer Science, vol. 8180, pp. 410\u2013420. http:\/\/dblp.uni-trier.de\/db\/conf\/wise\/wise2013-1.html (2013)","DOI":"10.1007\/978-3-642-41230-1_34"},{"issue":"5","key":"9394_CR22","first-page":"613","volume":"7","author":"AR Khan","year":"2012","unstructured":"Khan, A.R.: Access control in cloud computing environment. ARPN J. Eng. Appl. Sci. 7(5), 613\u2013615 (2012)","journal-title":"ARPN J. Eng. Appl. Sci."},{"key":"9394_CR23","doi-asserted-by":"publisher","unstructured":"Kourtesis D., Paraskakis I.: A registry and repository system supporting cloud application platform governance. In: Proceedings of the 2011 International Conference on Service-Oriented Computing, pp. 255\u2013256. Springer, Berlin, ICSOC\u201911. doi: 10.1007\/978-3-642-31875-7_36 (2012)","DOI":"10.1007\/978-3-642-31875-7_36"},{"issue":"3","key":"9394_CR24","first-page":"26","volume":"1","author":"GE Krasner","year":"1988","unstructured":"Krasner, G.E., Pope, S.T.: A cookbook for using the model-view controller user interface paradigm in smalltalk-80. J Object Oriented Program 1(3), 26\u201349 (1988) [ http:\/\/dl.acm.org\/citation.cfm?id=50757.50759 ]","journal-title":"J Object Oriented Program"},{"key":"9394_CR25","doi-asserted-by":"crossref","unstructured":"Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, SACMAT \u201908, pp 113\u2013122. doi: http:\/\/doi.acm.org\/10.1145\/1377836.1377854 (2008)","DOI":"10.1145\/1377836.1377854"},{"key":"9394_CR26","doi-asserted-by":"crossref","unstructured":"Lodderstedt T., Basin D.A., Doser J.: Secureuml: a uml-based modeling language for model-driven security. In: Proceedings of the 5th International Conference on The Unified Modeling Language, UML \u201902, pp 426\u2013441. Springer, London. http:\/\/dl.acm.org\/citation.cfm?id=647246.719477 (2002)","DOI":"10.1007\/3-540-45800-X_33"},{"key":"9394_CR27","doi-asserted-by":"crossref","unstructured":"Michalas, A., Dowsley, R.: Towards trusted ehealth services in the cloud. In: 1st International Workshop on Cloud Security and Data Privacy by Design (CloudSPD\u201915), co-located with the 8th IEEE\/ACM International Conference on Utility and Cloud Computing (UCC), IEEE\/ACM (2015)","DOI":"10.1109\/UCC.2015.108"},{"key":"9394_CR28","doi-asserted-by":"crossref","unstructured":"Michalas, A., Komninos, N.: The lord of the sense: A privacy preserving reputation system for participatory sensing applications. In: Computers and Communication (ISCC), 2014 IEEE Symposium, pp 1\u20136. IEEE (2014)","DOI":"10.1109\/ISCC.2014.6912480"},{"key":"9394_CR29","doi-asserted-by":"crossref","unstructured":"Michalas, A., Komninos, N., Prasad, N.R., Oleshchuk, V.A.: New client puzzle approach for dos resistance in ad hoc networks. In: 2010 IEEE International Conference Information Theory and Information Security (ICITIS), pp. 568\u2013573. IEEE (2010)","DOI":"10.1109\/ICITIS.2010.5689528"},{"key":"9394_CR30","doi-asserted-by":"crossref","unstructured":"Michalas, A., Paladi, N., Gehrmann, C.: Security aspects of e-health systems migration to the cloud. In: 2014 IEEE 16th International Conference on e-Health Networking, Applications and Services (Healthcom), pp 212\u2013218. IEEE (2014)","DOI":"10.1109\/HealthCom.2014.7001843"},{"key":"9394_CR31","unstructured":"Micro, T.: The need for cloud computing security. In: A Trend Micro White Paper (2010)"},{"key":"9394_CR32","doi-asserted-by":"publisher","unstructured":"Nejdl, W., Olmedilla, D., Winslett, M., Zhang, C.C.: Ontology-based policy specification and management. In: Proceedings of the Second European Conference on the Semantic Web: Research and Applications, ESWC\u201905, pp 290\u2013302. Springer, Berlin. doi: 10.1007\/11431053_20 (2005)","DOI":"10.1007\/11431053_20"},{"key":"9394_CR33","doi-asserted-by":"publisher","unstructured":"Paladi, N., Michalas, A.: One of our hosts in another country: challenges of data geolocation in cloud storage. In: 2014 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace Electronic Systems (VITAE), pp. 1\u20136. doi: 10.1109\/VITAE.2014.6934507 (2014)","DOI":"10.1109\/VITAE.2014.6934507"},{"key":"9394_CR34","doi-asserted-by":"publisher","unstructured":"Paladi, N., Michalas, A., Gehrmann, C.: Domain based storage protection with secure access control for the cloud. In: Proceedings of the 2014 International Workshop on Security in Cloud Computing, ASIACCS \u201914. ACM, New York. doi: 10.1145\/2600075.2600082 (2014)","DOI":"10.1145\/2600075.2600082"},{"issue":"99","key":"9394_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TCC.2016.2525991","volume":"PP","author":"N Paladi","year":"2016","unstructured":"Paladi, N., Gehrmann, C., Michalas, A.: Providing user security guarantees in public infrastructure clouds. IEEE Trans. on Cloud Comput. PP(99), 1\u20131 (2016). doi: 10.1109\/TCC.2016.2525991","journal-title":"IEEE Trans. on Cloud Comput."},{"key":"9394_CR36","doi-asserted-by":"crossref","unstructured":"Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: Cryptdb: Protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP \u201911, pp 85\u2013100. ACM, New York. doi: http:\/\/doi.acm.org\/10.1145\/2043556.2043566 (2011)","DOI":"10.1145\/2043556.2043566"},{"key":"9394_CR37","unstructured":"Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: Proceedings of the 2009 Conference on Hot Topics in Cloud Computing, USENIX, Berkeley, CA, HotCloud\u201909. http:\/\/dl.acm.org\/citation.cfm?id=1855533.1855536 (2009)"},{"key":"9394_CR38","doi-asserted-by":"publisher","first-page":"132","DOI":"10.1007\/978-3-642-21411-0_21","volume-title":"Advanced Research on Computer Science and Information Engineering, Communications in Computer and Information Science, vol 153","author":"H Shen","year":"2011","unstructured":"Shen, H., Cheng, Y.: A context-aware semantic-based access control model for mobile web services. In: Shen, G., Huang, X. (eds.) Advanced Research on Computer Science and Information Engineering, Communications in Computer and Information Science, vol 153. doi: 10.1007\/978-3-642-21411-0_21 , pp 132\u2013139. Springer, Berlin (2011)"},{"key":"9394_CR39","doi-asserted-by":"publisher","unstructured":"Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: Proceedings of the 5th International Conference on The Semantic Web, ISWC\u201906, pp 473\u2013486. Springer, Berlin. doi: 10.1007\/11926078_34 (2006)","DOI":"10.1007\/11926078_34"},{"issue":"4","key":"9394_CR40","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MIS.2004.31","volume":"19","author":"A Uszok","year":"2004","unstructured":"Uszok, A., Bradshaw, J.M., Johnson, M., Jeffers, R., Tate, A., Dalton, J., Aitken, S.: Kaos policy management for semantic web services. IEEE Intell. Syst. 19(4), 32\u201341 (2004). doi: 10.1109\/MIS.2004.31","journal-title":"IEEE Intell. Syst."},{"key":"9394_CR41","doi-asserted-by":"crossref","unstructured":"Verginadis, Y., Mentzas, G., Veloudis, S., Paraskakis, I.: A survey on context security policies. In: 1st International Workshop on Cloud Security and Data Privacy by Design (CloudSPD\u201915), co-located with the 8th IEEE\/ACM International Conference on Utility and Cloud Computing (UCC), IEEE\/ACM (2015)","DOI":"10.1109\/UCC.2015.103"},{"key":"9394_CR42","doi-asserted-by":"crossref","unstructured":"Zhang, F., Chen, J., Chen, H., Zang, B.: Cloudvisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp 203\u2013216. ACM (2011)","DOI":"10.1145\/2043556.2043576"}],"container-title":["Journal of Grid Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10723-017-9394-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10723-017-9394-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10723-017-9394-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:18:11Z","timestamp":1750177091000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10723-017-9394-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,3,22]]},"references-count":42,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2017,6]]}},"alternative-id":["9394"],"URL":"https:\/\/doi.org\/10.1007\/s10723-017-9394-2","relation":{},"ISSN":["1570-7873","1572-9184"],"issn-type":[{"value":"1570-7873","type":"print"},{"value":"1572-9184","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,3,22]]}}}