Graf, SebastianEisele, JörgWaldvogel, MarcelStrittmatter, MarcMüller, PaulNeumair, BernhardReiser, HelmutRodosek, Gabi Dreo2018-11-142018-11-142012978-3-88579-297-0https://dl.gi.de/handle/20.500.12116/18180Public cloud infrastructures represent alluring storage platforms supporting easy and flexible, location-independent access to the hosted information without any hassle for maintaining own infrastructures. Already widely established and utilized by end-users as well as by institutions, the hosting of data on untrusted platforms, containing private and confidential information, generates concerns about the security. Technical measures establishing security rely thereby on the technical applicability. As a consequence, legal regulations must be applied to cover those measures even beyond this technical applicability. This paper provides an evaluation of technical measures combined with legal aspects representing a guideline for secure cloud storage for end-users as well as for institutions. Based upon current approaches providing secure data storage on a technical level, german laws are applied and discussed to give an overview about correct treatment of even confidential data stored securely in the cloud. As a result, a set of technical possibilities applied on fixed defined security requirements is presented and discussed. These technical measures are extended by legal aspects which must be provided from the side of the hosting Cloud Service Provider. The presented combination of the technical and the legal perspective on secure cloud storage enables end-users as well as hosting institutions to store their data securely in the cloud in an accountable and transparent way.enA legal and technical perspective on secure cloud storageText/Conference Paper1617-5468