Abstract
This master’s thesis examines the use of cloud technologies in military intelligence froma legal and security perspective. The central question is under what conditions the
storage of intelligence-relevant data in a public cloud is possible and what legal and
technical requirements must be considered.
First, a fundamental understanding of cloud computing is provided. This includes
an introduction to the different service models—Software-as-a-Service (SaaS), Platformas-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS)—as well as the various deployment models such as public, private, hybrid, and community clouds. This overview
serves as the basis for understanding the opportunities and risks associated with cloud
usage in security-critical areas.
Subsequently, the legal framework for the storage and processing of sensitive information in military intelligence is analyzed. Particular focus is placed on the classification of intelligence-relevant data, which is categorized into different security levels
based on its sensitivity. At the international level, the legal regulations of the European
Union, NATO, and bilateral agreements between Austria and other countries are examined. This analysis highlights the legal and security policy requirements for protecting
intelligence-related information.
To provide practical insight, a specific case study on the use of a public cloud for
storing personal data is presented. Both the legal implications and the information security challenges are analyzed. The study demonstrates that despite existing encryption
mechanisms, significant risks persist, particularly regarding potential access by third
countries and intelligence agencies.
The findings of this thesis indicate that while the use of public cloud technology in
military intelligence is theoretically possible, it can only be implemented under strict
legal regulations and comprehensive security measures. The protection of sensitive data
requires a combination of technical safeguards, organizational controls, and a clear legal
framework.
Overall, this thesis makes a significant contribution to the academic discourse on
the secure and legally compliant use of cloud technologies in security-critical domains.
It provides a comprehensive analysis of current challenges and presents solutions for the
future development of secure cloud usage in military intelligence.
| Date of Award | 2025 |
|---|---|
| Original language | German (Austria) |
| Supervisor | Peter Burgstaller (Supervisor) |
Studyprogram
- Information Security Management