INTRODUCTION TO CLOUD COMPUTING & IP
Cloud computing in simple terms can be defined as storing and accessing data and programs over the Internet instead of your computer's hard drive. It doesn't just end there. Cloud in the term of Cloud Computing refers to set of hardware, networks, storage, services, and interfaces that combine to deliver aspects of computing as a service. So, it is not just that you are going to share information but in cloud computing even the infrastructure can be shared on real time basis on the internet. The definition of cloud computing as given by then US National Institute of Standards and Technology (NIST) which has been widely adopted and also relied upon by the Government of India; it states:
As implied by the term "cloud," one aspect of cloud computing is the lack of a clear locality of hardware and data. Services may be sold to a client in a particular jurisdiction, and that client's data may be stored and processed at one or more locations in the same or other jurisdictions. The client may not have any knowledge of where the data is stored or processed. Data may be stored redundantly in multiple locations and in multiple jurisdictions, and may be split up and fragmented in storage. For example, data may be stored in different countries at different times making it difficult to determine where data is stored at a given time. Various parts or steps of data processing may also occur in different jurisdictions.
TYPES OF CLOUD COMPUTING –
SOFTWARE-AS-A-SERVICE (SaaS):
SaaS is a method of remotely delivering access to software and its functions to end users, usually as a Web-based service. Also known as "hosted applications," SaaS allows organizations to access the software typically at a cost less than paying for licensed applications because SaaS pricing is subscriptionbased or pay-per-use. A particular feature of SaaS is that it hosts software remotely, thereby eliminating the need for end users to invest in additional hardware. Additionally, because the service is remotely maintained and delivered, SaaS also removes the need for organizations to handle the installation, set-up and routine upkeep and maintenance. A few examples are: Google Apps, Salesforce, Workday, Concur, Citrix GoToMeeting, Cisco WebEx., etc.
INFRASTRUCTURE-AS-A-SERVICE (IaaS):
IaaS is typically an offering of on demand computing capacity. This type of service replaces the need for customers to buy and maintain servers and other hardware and equipment within its own data center. By accessing the requisite servers from a service provider through the Internet or a private network as IaaS, the customer benefits from a scalable and elastic infrastructure, accessed through the cloud. A few examples are: Amazon Web Services (AWS), Cisco Metapod, Microsoft Azure, Google Compute Engine (GCE), Joyent, etc.
PLATFORM-AS-A-SERVICE (PaaS):
PaaS will offer platforms (programming languages and tools for development and testing of applications that are independent of infrastructure) on-demand. Production environment will also be provided for hosting of applications on the cloud. . A few examples are: Increases developer productivity and utilization rates while also decreasing an application's time-tomarket.
MEATHODS OF CLOUD COMPUTING:
PRIVATE CLOUD:
The cloud infrastructure is provisioned for exclusive use by a single organisation comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organisation, a third party, or some combination of them, and it may exist on or off premises.
COMMUNITY CLOUD:
The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organisations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organisations in the community, a third party, or some combination of them, and it may exist on or off premises.
PUBLIC CLOUD:
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organisation, or some combination of them. It exists on the premises of the cloud provider.
HYBRID CLOUD:
The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
THREATS FACED BY USING CLOUD COMPUTING
Despite being futuristic and efficient, Cloud Computing still has a few problems which are to be addressed for gaining further acceptability amongst the consumers. Cloud computing has been designed with an architecture to let the customer access data from almost anywhere on a real-time basis, however the following challenges still persist; which makes way for hindrances:
SECURITY AND PRIVACY:
Information housed on the cloud servers mostly compromises of confidential information and intellectual property (IP). Risk of inappropriate access to personal and confidential information always possess an imminent threat.
APPLICATION DESIGN:
Keeping in mind the need of various software based applications, it has to be understood that the traditional application process is different from cloud based application process. Hence, it should be of prime importance that all new applications must be designed in compliance with the basic cloud design premises.
LICENSING:
Existing software licensing models may not facilitate cloud deployment especially from the point of cloud service delivery.
LOCATION OF DATA:
Since, the data hosted on the cloud shall not be present in a traceable static location concerns over the ownership, accessibility, privacy and security of the data are of prime concern; which paves way for jurisdictional conflict.
LOSS OF CONTROL:
Loss of control may lead to resistance to change. As the need to maintain servers and other data centre infrastructure diminishes, the form of the IT function in government may change.
The following processes are seen as necessary steps for ensuring protection which using the cloud computing services:
UP FRONT DUE DILIGENCE:
One of the best ways to host a successful cloud computing platform experience is to perform appropriate due diligence on the potential vendors. Usually, multiple vendors are able to provide for the required cloud computing services.
NEGOTIATION:
There has to be absolute clarity between the service provider and the recipient customer who are going to operate and function on this model of cloud computing. All the liabilities, risks and management options should clearly be discussed and it shall be a mandate for both the parties, to keep track and change of any developments whatsoever.
AUDIT AFTER THE AGREEMENT:
After the contract is executed and the services have begun, it is still necessary to audit the service provider to ensure compliance with the terms of the agreement. Generally, in-person involvement in auditing helps expedite the process
DATA OWNERSHIP:
One of the primary concerns expressed by companies considering the use of cloud services is the issue of data ownership. Once data leaves the confines of the company's own computer system, questions immediately arise over who owns that data.
OWNERSHIP PROVISIONS IN A CONTRACT:
Although this issue is frequently discussed, it is rare that the issue becomes a significant issue in the decision to use cloud computing services. This is because vendors realize that they cannot claim ownership over their customers' data if they expect to survive in the marketplace. Customers need to request that their service contract include specific provisions that clearly spell out that the customer owns all of the data that is placed on the system, as well as any modifications that are made to that data.
CONFIDENTIALITY / NON-DISCLOSURE:
If the service provider must have access to the content of data, then it is extremely important that the agreement include some type of nondisclosure provision.
ACCESS AND CONTROL:
While potential customers of cloud services usually express concern about data ownership issues, frequently their concerns have more to do with access and control over the data.
DATA LOSS AND BACKUP:
While all potential customers of cloud services are concerned about data loss, in reality most reputable cloud service providers provide a more robust system for ensuring data against loss than almost any of their customers can provide. That does not however mean that losses don't occur.
CONCLUSION
Specific recommendations and outcomes related to complex cloud computing legal issues will be factspecific. In many cases it is unclear how the law will be applied, because the issues have yet to be considered by the courts. Nevertheless, cloud computing providers and users alike should at least be aware of the issues identified above when considering how to best protect their intellectual property and how to avoid potential infringement pitfalls. Keeping in mind the scenario of growth and chances for expansion, it should be considered that cloud computing is the next biggest quantum leap in the era of technology and the next biggest hurdle for legal agencies to device out a model for smooth functioning. Given the challenges mentioned above it should be of importance and consideration to the service-seeker to understand the bundle of risks and challenges associated with the services and prepare adequately for the same.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
