On data sovereignty in cloud-based computation offloading for smart cities applications

Smart city applications are increasingly popular due to their potential to improve quality of life in an urbanized society, and such applications typically leverage on cloud computing for data and computation offloading from the sensing infrastructure. Despite the capability of achieving scalability and flexibility, the use of cloud computing imposes inherent security and privacy concerns regarding data analysis and exchange, as well as legal implications. For example, data in a smart city application being outsourced to the cloud and/or exchanged among sensing devices may be accessible to users located in a different jurisdiction or subsequently reside in a data center in a different jurisdiction. There may be conflicting privacy protection and disclosure laws among these jurisdictions/locations; thus, limiting the widespread adoption of smart city applications. Restricting the data flow for such applications is not viable since it may cause inefficiencies, although there are situations requiring to limit the data access to selected geographical locations. Therefore, we propose addressing this issue by using a location-dependent cryptographic approach, and we integrate such an approach within the context of cloud-based smart city applications.