Jump to Navigation

 

Latest articles

Towards Strong Accountability for Cloud Service Providers

In order to be an accountable organisation, Cloud Providers need to commit to being responsible stewards of other people's information. This implies demonstrating both willingness and capacity for such stewardship. This paper outlines the fundamental requirements that must be met by accountable organisations, and sketches what kind of tools, mechanisms and guidelines support this in practice. 

Read more in A4Cloud Publications.

COAT: Cloud Offerings Advisory Tool

There is a pressing need to make the differences between cloud offerings more transparent to cloud customers. Examples of properties that vary across cloud service providers (and that are reflected in cloud contracts) include subcontracting, location of data centres, use restriction, applicable law, data backup, encryption, remedies, storage period, monitoring/audits, breach notification, demonstration of compliance, dispute resolution, data portability, law enforcement access and data deletion from servers.

Accountable Health Care Service Provisioning in the Cloud

Cloud computing has received a great deal of attention during the past few years. However, processing data remotely in unknown systems creates a number of challenges related to data privacy and security, which may hinder the adoption of cloud technology in, for example, the health care domain. This paper presents results from the ongoing EU FP7 research project, which aims to provide mechanism and tools to enable organisations involved in cloud service delivery chains to act as responsible stewards for the personal data that they process.

A Cloud Adoption Risk Assessment Model

Cloud Adoption Risk Assessment Model is designed for cloud customers to assess the risks that they face by selecting a specific cloud service provider. It is an expert system to evaluate various background information obtained from cloud customers, cloud service providers and other public external sources, and to analyze various risk scenarios. This would facilitate cloud customers in making informed decision to select the cloud service provider with the most preferable risk profile. 

Healthcare Services in the Cloud – Obstacles to Adoption, and a Way Forward

Cloud computing has been receiving a great deal of attention during the past few years. A major feature of public cloud services is that data are processed remotely in unknown systems that the users do not own or operate. This context creates a number of challenges related to data privacy and security and may hinder the adoption of cloud technology in, for example, the healthcare domain. This paper presents results from a stakeholder elicitation activity, in which the participants identified a number of obstacles to the adoption of cloud computing for the processing of healthcare data.

Interoperability Analysis of Accountable Data Governance in the Cloud

Cloud computing has emerged as a promising technology to drive innovation and leverage business development in various sectorial applications. Large scale enterprises and SMEs take advantage of cloud computing in order to benefit from cost-effective technological deployments allowing flexibility and scalability, and to offer added value solutions to their customers.

A Cloud Accountability Policy Representation Framework

Nowadays we are witnessing the democratization of cloud services. As a result, more and more end-users (individuals and businesses) are using these services for achieving their electronic transactions (shopping, administrative procedures, B2B transactions, etc.). In such scenarios, personal data is generally flowed between several entities and end-users need (i) to be aware of the management, processing, storage and retention of personal data, and (ii) to have necessary means to hold service providers accountable for the usage of their data.

Enforcing Expressive Accountability Policies

Accountability policies for the enforcement of the responsible stewardship of personal data have to support the gathering of information at all levels of the service stack and across different policy domains, for instance, for the retrospective enforcement of transparency and remediation properties. Existing approaches to accountability, however, often do not meet these requirements and corresponding implementation support is lacking.

Towards a Model of Accountability for Cloud Computing Services

This paper presents a model of accountability for cloud computing services, based on ongoing work as part of the A4Cloud project. We define a three-layer model of accountability as a general concept for data governance, distinguishing between accountability attributes, accountability practices, and accountability mechanisms and tools.

Read more in A4Cloud Publications.

StealthGuard: Proofs of Retrievability with Hidden Watchdogs

This paper presents StealthGuard, an efficient and provably secure proof of retrievabillity (POR) scheme. StealthGuard makes use of a privacy-preserving word search (WS) algorithm to search, as part of a POR query, for randomly-valued blocks called watchdogs that are inserted in the file before outsourcing. Thanks to the privacy-preserving features of the WS, neither the cloud provider nor a third party intruder can guess which watchdog is queried in each POR query. Similarly, the responses to POR queries are also obfuscated.

Pages