Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

6.2 Transfer of ownership of data within a cloud


6.2      Transfer of ownership of data within a cloud

Actors: cloud-subscriber-1, cloud-subscriber-2, cloud-provider

GoalsCloud-subscriber-1 transfers the ownership of some data objects from cloud-subscriber-1 to cloud-subscriber-2 in a cloud-provider.

Assumptions: Cloud-subscriber-1 owns a set of data objects stored with a cloud-provider

Success Scenario (transfer of ownership, IaaS):  Cloud-subscriber-1 sends a change-ownership request to the cloud-provider.  The change-ownership request identifies the objects to be affected, the identity of the cloud-subscriber to receive the ownership of the objects (cloud-subscriber-2), and the time the change should occur.  Either cloud-subscriber-1 or the cloud-provider sends a request to cloud-subscriber-2 offering the ownership.  Cloud-subscriber-2 accepts or declines the offer.  If cloud-subscriber-2 accepts the offer, immediately after the specified time, the cloud-provider changes the ownership metadata for the specified objects and fees associated these objects stop accruing to cloud-subscriber-1 and begin accruing to cloud-subscriber-2.

Failure Conditions: (1) Cloud-subscriber-1 is not authorized to change ownership; (2) cloud-subscriber-2 does not respond to the transfer of ownership request; (3) cloud-provider does not have access to the data objects. 

Failure Handling: Cloud-provider notifies cloud-subscriber-1 that the transfer of ownership request has failed and provides description of why the transfer failed.

Requirements File: The change of ownership request, acceptance or rejection, is logged by the cloud-provider. The change of ownership transaction is supported by cryptographic mechanisms that allow for mutual authentication and non-repudiation.

Credit: TBD

Created November 2, 2010, Updated March 23, 2018