Jump to Navigation


Latest articles

A Language for the Composition of Privacy-Enforcement Techniques

Today's large-scale computations, for instance, in the cloud, are subject to a multitude of risks concerning the divulging and ownership of private data. Privacy risks are mainly addressed using encryption-based techniques. These make data private, but costly to operate. Furthermore, today's computations have to ensure privacy properties in the context of complex software compositions, however, no general support for the declarative definition and implementation of privacy-preserving applications has been put forward.

From Regulatory Obligations to Enforceable Accountability Policies in the Cloud

The widespread adoption of the cloud model for service delivery triggered several data protection issues. As a matter of fact, the proper delivery of these services typically involves sharing of personal/business data between the different parties involved in the service provisioning. In order to increase cloud consumer’s trust, there must be guarantees on the fair use of their data. Accountability provides the necessary assurance about the data governance practices to the different stakeholders involved in a cloud service chain.

Abstract Accountability Language: Translation, Compliance and Application

With the rise of the services-based economy and the democratization of on-line services, more and more users (individual and/or business) use on-line applications in their daily lives. Usually personal data transits between different actors involved in a service’s delivery chain (e.g. application/storage service providers) and thus might raise some privacy issues. Accountability, which is the property of an entity of being responsible for its acts, can help mitigate data privacy and data disclosures issues in such applications.

Checking Accountability with a Prover

Today on-line services are the cornerstone of on-line applications such as e-commerce, e-government and e-health applications. However, they raise several challenges about data privacy. Accountability, which is the property of an entity of being responsible for its acts, meets some of these challenges and hence increases user's trustworthiness in on-line applications. In this work, we propose an approach to assist the design of accountable applications.

Accountability for Data Protection

Guarantees on the fair-use of provided or collected personal data is central to consumers while using on-line services. Also, service providers have to provide such guarantees to be in-line with current legislation in data protection and to promote their offered services. In this paper, we introduce the concept of accountability as a solution to data protection.

Accountability for Abstract Component Design

The importance of the services-based market, 62.9% of the World gross domestic product (GDP) [1], triggered an increase in the use of software offered on-line as services (SaaS). The use of such software usually implies the flow of personal data on-line between several parties. This can make users reluctant to their use. In this work, we consider this issue at the design-time of the software and we propose some foundations for an accountable software design.

Cloud Accountability: Glossary of Terms and Definitions

The Glossary of Terms and Definitions captures a shared multidisciplinary understanding within the EU FP7 Cloud Accountability Project (A4Cloud). It consists of the key terms that have been identified by the A4Cloud’s Accountability Conceptual Framework. The definitions in the glossary have been drawn from relevant research literature, standards or domain specific references (e.g. data protection, cloud computing, information security, privacy, etc.).

Standards for Accountability in the Cloud

This paper examines the role of standards in the cloud with a particular focus on accountability, in the context of the A4Cloud Project (Accountability for the Cloud). To this end, we first provide a general overview of standards, what they are and how we can categorize them, as illustrated by a few cloud-specific examples. Next, we examine the intersection between standards and accountability, by highlighting how standards influence the A4Cloud Project and reciprocally how the A4Cloud Project aims to influence accountability related standards.

Legal Aspects of Cloud Accountability

This paper explores the legal aspects of Cloud accountability which are being examined in great detail in the Cloud Accountability Project. This paper first provides an overview of the basic legal framework of the US and the EU, addresses the lawmaking process, and the impact and enforcement of jurisdiction. The primary laws within the data protection framework are then further explored, as such regulations have the greatest impact on the Cloud, Cloud providers, Cloud customers, and, ultimate, Cloud users. This paper then explores the role of contracts in the Cloud.