6.2 Transfer of ownership of data within a cloud
Actors: cloud-subscriber-1, cloud-subscriber-2, cloud-provider
Goals: Cloud-subscriber-1 transfers the ownership of some data objects from cloud-subscriber-1 to cloud-subscriber-2 in a cloud-provider.
Assumptions: Cloud-subscriber-1 owns a set of data objects stored with a cloud-provider
Success Scenario (transfer of ownership, IaaS): Cloud-subscriber-1 sends a change-ownership request to the cloud-provider. The change-ownership request identifies the objects to be affected, the identity of the cloud-subscriber to receive the ownership of the objects (cloud-subscriber-2), and the time the change should occur. Either cloud-subscriber-1 or the cloud-provider sends a request to cloud-subscriber-2 offering the ownership. Cloud-subscriber-2 accepts or declines the offer. If cloud-subscriber-2 accepts the offer, immediately after the specified time, the cloud-provider changes the ownership metadata for the specified objects and fees associated these objects stop accruing to cloud-subscriber-1 and begin accruing to cloud-subscriber-2.
Failure Conditions: (1) Cloud-subscriber-1 is not authorized to change ownership; (2) cloud-subscriber-2 does not respond to the transfer of ownership request; (3) cloud-provider does not have access to the data objects.
Failure Handling: Cloud-provider notifies cloud-subscriber-1 that the transfer of ownership request has failed and provides description of why the transfer failed.
Requirements File: The change of ownership request, acceptance or rejection, is logged by the cloud-provider. The change of ownership transaction is supported by cryptographic mechanisms that allow for mutual authentication and non-repudiation.