Jump to Navigation

 

Latest articles

Configuration Schemes for Modelling and Simulation as a Service Federations

Two types of modeling and simulation as service configuration problems are formally defined and their complexities are analyzed. Optimization and heuristic solutions for these configuration problems are introduced. The important engineering parameters related to the schemes and their scalability are also investigated.

Read more in A4Cloud Publications.

Bringing Accountability to the Cloud: Addressing Emerging Threats and Legal Perspectives

This paper is concerned with accountability in cloud ecosystems. The separation between data and data subjects as well as the exchange of data between cloud consumers and providers increases the complexity of data governance in cloud ecosystems, a problem which is exacerbated by emerging threats and vulnerabilities. This paper discusses how accountability addresses emerging issues and legal perspectives in cloud ecosystems. In particular, it introduces an accountability model tailored to the cloud.

On the Relationship between the Different Methods to Address Privacy Issues in the Cloud

In conjunction with regulation, information security technology is expected to play a critical role in enforcing the right for privacy and data protection. The role of security in privacy by design is discussed in this paper, as well as the relationship of these to accountability. The focus within these discussions is on technological methods to support privacy and data protection in cloud scenarios.

Cloud Audits and Privacy Risks

In cloud computing users are giving up control over resources such as storage. Lacking transparency of cloud services (e.g. data access and data lifecycle reports) is an important trust issue, that hinders a more wide-spread adoption of cloud computing. Giving the customer of cloud services more information about data usage, compliance test reports and accordance to best-practices make the cloud more transparent. Reporting about such verifications is the main objective of cloud audits and is performed by third party auditors (TPAs).

Formal Definitions for Usable Access Control Rule Sets From Goals to Metrics

Access control policies describe high level requirements for access control systems. Access control rule sets ideally translate these policies into a coherent and manageable collection of Allow/Deny rules. Designing rule sets that reflect desired policies is a difficult and time-consuming task. The result is that rule sets are difficult to understand and manage. The goal of this paper is to provide means for obtaining usable access control rule sets, which we define as rule sets that (i) reflect the access control policy and (ii) are easy to understand and manage.

Flexible Aspect-Based Service Adaptation for Accountability Properties in the Cloud

Accountability properties, i.e., security and privacy properties for trustworthy data stewardship, are becoming increasingly important for Cloud applications. Frequently, they have to be enforced on large-scale service-based applications. In this paper we argue that real-world service infrastructures are best modeled in terms of three abstraction levels and that (partially invasive) adaptations involving all levels are needed to handle accountability properties. We motivate these issues for the case of secure logging, a basic accountability property of Cloud applications.

Privacy Management and Accountability in Global Organisations

Organisations that operate in a global environment can be subject to potentially diverse and complex regulatory requirements. This paper explains some of the key issues that corporate governance faces related to privacy and some mechanisms for addressing these. 

Read more in A4Cloud Publications.

A Cross-Disciplinary Review of the Concept of Accountability - A Survey of the Literature

In this paper we discuss previous definitions of the concept of accountability from the literature. Accountability is a multidimensional, context dependent concept that is gaining interest as a means of addressing a number of data protection problems, including global legal uncertainty and lack of trust.

Read more in A4Cloud Publications.

Crime and Punishment in the Cloud - Accountability, Transparency, and Privacy

The goal of this work is to reason on the complexity of the relationship between three non-functional requirements in cloud computing; privacy, accountability, and transparency. We provide insights on the complexity of this relationship from the perspectives of end-users, cloud service providers, and third parties, such as auditors. We shed light on the real and perceived conflicts between privacy, transparency, and accountability, using a formal definition of transparency and an analysis on how well a privacy-preserving transparency-enhancing tool may assist in achieving accountability.

Evidence for Accountable Cloud Computing Services

Evidence that allows assurance of accountability services, verification of compliance with the principles of accountability by service providers and attribution of responsibility for breaches within the chain of accountability is essential. This paper denes how evidence may be required and proposes suitable ways of treating key accountability concepts. It shows the importance of verication and assurance, monitoring and auditing, and challanges of evidence in cloud computing. A discussion of logging and evicence gathering points complete the paper.

Pages