5.3.2 Adoption Patterns
This section introduces the concept of the adoption patterns of the A4Cloud Reference Architecture for the different cloud service models and cloud computing and data protection roles. This approach is inspired by the IBM handbook on the Cloud Computing Reference Architecture (CCRA) version 4.0 [70]. As reflected there, an adoption pattern is “a collection of commonly observed functions and features that customers desire in their solution, where a customer starts to solve a specific business problem, typically driven by the same business motivation”. In IBM CCRA 4.0, the adoption patterns are driven solely by the cloud service model that a specific cloud provider wants to adopt. In A4Cloud, the adoption pattern takes the form of guidance for the different actors in the cloud service provisioning chain, so that they can follow the accountability lifecycle and be accountable to their collaborating providers.
- The Accountable Cloud Customer and Controller (ACCC) Adoption Pattern: this pattern refers to cloud customers, who act as data controllers and regulate the type of data to be collected from data holders and the purpose for doing so.
- The Accountable Cloud Provider and Controller (ACPC) Adoption Pattern: this pattern refers to cloud providers, who act as data controllers and regulate the type of data to be collected from data holders and the purpose for doing so.
- The Accountable Cloud Provider and Processor (ACPP) Adoption Pattern: this pattern refers to cloud providers, who act as data processors.
- The Accountable Cloud Customer and Processor (ACCP) Adoption Pattern: this pattern refers to cloud customers, who act as data processors.
- The Cloud Subject Enabling (CSE) Adoption Pattern: this pattern refers to a set of guidelines through which cloud subjects can benefit from the mechanisms implemented by the cloud providers and offered by the cloud customers, with respect to how they can track the disclosure of their personal data in cloud environments and respond to perceived and/or reported incidents about the way this data is handled in the cloud.
Such adoption patterns aim to address the principal question for the cloud actors, “how am I going to be accountable to my customers?”, while providing informed guidance to the data owners on how they can take control over the results and the impact of the data processing procedures that the cloud providers apply to the data disclosed in the cloud service provisioning chain. In general, the A4Cloud Adoption Patterns should provide a roadmap for the adoption of the Accountability Framework in all the respective lifecycle phases. Each pattern should then instantiate these general principles for its target stakeholder by detailing the following items:
- The security and privacy requirements that drive the definition and the specification of the intended cloud-based business;
- The actors that are involved and how they relate with the primary actor of the adoption pattern;
- The accountability use cases and the respective accountability functions for this pattern;
- The roadmap to adopt the Accountability lifecycle;
- The instantiation of the A4Cloud RA, highlighting the intended use of each A4Cloud tool and any external tools that serve application specific functions, making references to target AMM;
- The realization of the operational model for the A4Cloud components and the external tools and the respective information models.
In the case of the instantiation of the RA, the adoption patterns describe how the accountability support services and the involved artifacts are associated with the implementation of certain tool support functionalities to be addressed by the specific cloud computing and data protection roles. Thus, in Table 25, we analyse which functionalities should be operated by each role, considering both the software tools that should be accessible by the indicated roles and the software tools running in the background that need to be deployed on the machine of the specific role to implement the respective accountability support service. This table does not provide an exhaustive mapping of all the roles: we skip the cloud carriers and brokers, who mainly act as data processors (and in some cases as controllers), since they are seen as being in the same situation as cloud providers.
| Required functions | Expected usage of tools for Cloud Subjects | Addressing Accountability Support Service | Involved Accountability Artifact or relevant object |
|---|---|---|---|
| Cloud Subject Enabling (CSE) Adoption Pattern | | | |
| Track personal data | Tools to control the disclosure of personal data in the cloud | Validation | List of data disclosures from providers |
| Receive and manage incidents | Tools to allow the collection of violations from the cloud, against agreed data handling processes, and managing their severity level | Notification and Validation | Notification Reports, Ranked incidents |
| Manage remedies | Tools to suggest remediation, such as to complete and submit complaints form to a DPA, enforce the selected remediation/redress actions | Remediation | List of data disclosures, Claims |
| Support data integrity | Tools for secure communication with Data Controller | Validation | Any type of artifact |
| Accountable Cloud Customer and Controller (ACCC) Adoption Pattern | | | |
| Select a cloud provider | Tools to get a guided selection of a cloud provider, according to functional, security and privacy requirements | Policy Definition and Validation | Capabilities, Social and Regulatory Norms, SLAs, PLAs, Contracts |
| Perform a DPIA | Tools to assess the impact of the cloud provider selection on the data protection aspects, and get the requirements to follow specific privacy, security and functional steps | Policy Definition and Validation | Capabilities, Social and Regulatory Norms, SLAs, PLAs, Contracts, Certificates and Assessments |
| Match policies to capabilities | Tools to perform policy matching between abstract policy statements and preferences | Policy Definition and Validation | Capabilities, machine readable Policies |
| Run audits | Tools to perform internal and external auditing | Validation | Audit Reports, Evidence Records |
| Manage incidents | Tools to assess the type of the perceived and/or reported incidents and generate notification alerts | Incident Management and Notification | Notification Reports |
| Accountable Cloud Customer and Processor (ACCP) Adoption Pattern | | | |
| Enforce policies | Tools to enforce accountability policies for the management of personal data | Policy Management and Enforcement | Machine readable Policies (including the personal data under consideration) |
| Produce logs | Tools to generate logs on the data handling processes with respect to data access, retention and integrity properties for monitoring and auditing purposes | Monitoring and Environment State Collection | Machine-generated Logs |
| Create evidence | Tools to collect and create evidence | Collection and Management of Evidence | Machine-generated Logs, Evidence Records |
| Run audits | Tools to perform internal and external auditing | Validation | Audit Reports, Evidence Records |
| Securely store evidence | Tools to securely store logs and evidence records | Collection and Management of Evidence | Machine-generated Logs, Evidence Records, machine readable Policies |
| Create incidents | Tools to raise incidents on an abnormal behaviour of the environment | Incident Management | Notification Reports |
| Manage incidents | Tools to assess the type of the perceived and/or reported incidents and generate notification alerts | Incident Management and Notification | Notification Reports |
| Accountable Cloud Provider and Controller (ACPC) Adoption Pattern | | | |
| Select a cloud provider | Tools to get a guided selection of a cloud provider, according to functional, security and privacy requirements | Policy Definition and Validation | Capabilities, Social and Regulatory Norms, SLAs, PLAs, Contracts |
| Perform a DPIA | Tools to assess the impact of the cloud provider selection on the data protection aspects, and get the requirements to follow specific privacy, security and functional steps | Policy Definition and Validation | Capabilities, Social and Regulatory Norms, SLAs, PLAs, Contracts, Certificates and Assessments |
| Match policies to capabilities | Tools to perform policy matching between abstract policy statements and preferences | Policy Definition and Validation | Capabilities, machine readable Policies |
| Develop policies | Tools to create accountability policies | Policy Definition and Validation | Capabilities, Social and Regulatory Norms, SLAs, PLAs, Contracts, machine readable Policies |
| Enforce policies | Tools to enforce accountability policies for the management of personal data | Policy Management and Enforcement | Machine readable Policies (including the personal data under consideration) |
| Produce logs | Tools to generate logs on the data handling processes with respect to data access, retention, transfer and integrity properties for monitoring and auditing purposes | Monitoring and Environment State Collection | Machine-generated Logs |
| Collect evidence | Tools to collect and create evidence | Collection and Management of Evidence | Machine-generated Logs, Evidence Records |
| Run audits | Tools to perform internal and external auditing | Validation | Audit Reports, Evidence Records |
| Create incidents | Tools to raise incidents on an abnormal behaviour of the environment | Incident Management | Notification Reports |
| Manage incidents | Tools to assess the type of the perceived and/or reported incidents and generate notification alerts | Incident Management and Notification | Notification Reports |
| Securely store evidence | Tools to securely store logs and evidence records | Collection and Management of Evidence | Machine-generated Logs, Evidence Records, machine readable Policies |
| Support data integrity | Tools for secure communication with Data Controller | Validation | Any type of artifact |
| Validate functions | Tools to validate the proper implementation of the accountability support services | Validation | Any type of artifact |
| Accountable Cloud Provider and Processor (ACPP) Adoption Pattern | | | |
| Enforce policies | Tools to enforce accountability policies for the management of personal data | Policy Management and Enforcement | Machine readable Policies (including the personal data under consideration) |
| Produce logs | Tools to generate logs on the data handling processes with respect to data access, retention, transfer and integrity properties for monitoring and auditing purposes | Monitoring and Environment State Collection | Machine-generated Logs |
| Collect evidence | Tools to collect and create evidence | Collection and Management of Evidence | Machine-generated Logs, Evidence Records |
| Run audits | Tools to perform internal and external auditing | Validation | Audit Reports, Evidence Records |
| Create incidents | Tools to raise incidents on an abnormal behaviour of the environment | Incident Management | Notification Reports |
| Manage incidents | Tools to assess the type of the perceived and/or reported incidents and generate notification alerts | Incident Management and Notification | Notification Reports |
| Securely store evidence | Tools to securely store logs and evidence records | Collection and Management of Evidence | Machine-generated Logs, Evidence Records, machine readable Policies |
| Validate functions | Tools to validate the proper implementation of the accountability support services | Validation | Any type of artifact |
Table 25: An example depiction of the adoption patterns for the instantiation of the Cloud Accountability Reference Architecture.
The adoption of one of the patterns by a business actor strongly depends on the role that this actor plays in the context of a business scenario. Further analysis of the required functionalities and their implementation details through ICT tools is provided in a separate document, which describes the A4Cloud toolset.