Jump to Navigation

 

7 References

 

[1]

S. Pearson, M. Felici and et al., WP-32 Conceptual Framework, A4Cloud project, 2014.

[2]

J. Luna and D. Cattedu, Report on A4Cloud contribution to standards, A4Cloud project, 2014.

[3]

A. Pannetrat and et al, The interoperability of A4Cloud Framework, A4cloud project, 2014.

[4]

ISO/IEC/IEEE, ISO/IEC/IEEE 29119 Software and systems engineering - Software testing, 2013.

[5]

F. Liu and et al, NIST Cloud Computing Reference Architecture, NIST Special Publication 500-292, 2011.

[6]

P. Mell and T. Grance, The NIST Definition of Cloud Computing, NIST Special Publication 800-145, 2011.

[7]

Cloud Security Alliance (CSA), CSA Security, Trust & Assurance Registry (STAR), [Online]. Available: https://cloudsecurityalliance.org/star/.

[8]

CIPL - Galway Project, Data Protection Accountability: The Essential Elements, 2009.

[9]

Office of the Information and Privacy Commissioner of Alberta; Office of the Privacy Commissioner of Canada; Office of the Information and Privacy Commissioner for British Colombia, Getting Accountability Right with a Privacy, 2012.

[10]

European Commission, Proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), 2012.

[11]

CNIL, Recommendationds for companies planning to use cloud services, 2012.

[12]

Information Commissioner's Office, Guidance on the use of cloud computing, 2012.

[13]

Nymity Inc., Privacy Management Accountability Framework, 2014.

[14]

IT Governance Institute, COBIT: Control Objectives for Information and related Technology, 2000.

[15]

ISO/IEC, ISO/IEC 27001:2013: Information technology Security techniques Information security management systems Requirements, 2013.

[16]

J. De Clerq and et al, The HP Security Handbook, Hewlett Packard, 2008.

[17]

ISO/IEC, ISO/IEC 27001:2013: Information technology Security techniques Code of practice for information security controls, 2013.

[18]

Cloud Security Alliance (CSA), Cloud Controls Matrix, 2014.

[19]

H. Bergsteiner and G. Avery, “Responsibility And Accountability: Towards An Integrative Process Model,” 2011.

[20]

UK Information Commissioner's Office, Guidance on the use of cloud computing, 2012.

[21]

M. M.-G. S. R. Simon Dorst, Who is the King of SIAM?, AXELOS, 2015.

[22]

CIPL Paris Project, Demonstrating and measuring accountability: a discussion document, 2010.

[23]

C. Bennett, “Implementing privacy codes of practice,” Canadian Standards Association, 1995.

[24]

D. A. H. B.-L. T. F. J. H. J. &. S. G. Weitzner, Information accountability, Communications of ACM 51(6), no. June 2008, pp. 82-87, 2008.

[25]

C. Bennett, The Accountability Approach to Privacy and Data Protection: Assumptions and Caveats, in In Managing Privacy through Accountability, D. G. e. al., Ed., MacMillan, 2012, pp. 33-48.

[26]

European DG of Justice (Article 29 Working Party), Opinion 3/2010 on the Principle of Accountability (WP 173), 2010.

[27]

S. Bradshaw, C. Millard and I. Walden, Standard Contracts for Cloud, in Cloud Computing Law, C. Millard, Ed., Oxford OUP, p. 37-72.

[28]

K. W. Hon, C. Millard and I. Walden, Negotiated Contracts for Cloud, in Cloud Computing Law, C. Millard, Ed., Oxford OUP, 2013, pp. 73-107, 2013.

[29]

C. Raab, The Meaning of Accountability in the Information Privacy Context, in Managing Privacy through Accountability, D. e. a. Guagnin, Ed., MacMillan, 2012, pp. 15-32, 2012

[30]

Hunton & Williams LLP, Data Protection Accountability: The Essential Elements a Document for Discussion, 2009.

[31]

K. Bernsmed and e. al., D:B-3.2 Consolidated use case report, A4Cloud Project, 2014.

[32]

European DG of Justice (Article 29 Working Party), Binding Corporate Rules, [Online]. Available: http://ec.europa.eu/justice/data-protection/document/international-trans....

[33]

E. Kosta and e. al., MS:D-4.1 Internal report on legal analysis relating to redress mechanisms and remediation, A4Cloud Project, 2014.

[34]

European Commission, joint communication to the European Parliament, the council, the European Economic and Social Committee and the Committee of the Regions, Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, Brussels, 7.2.2013.

[35]

European Commission, Proposal for a Directive Of The European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union, Brussels, 7.2.2013.

[36]

European Parliament, Legislative resolution of 13 March 2014 on the proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union, 2013.

[37]

Software Engineering Institute (SEI), CMMI for development: Improving processes for developing products and services., 2010.

[38]

NIST Public RATAX WG, Cloud Computing: Cloud Service Metrics Description, 2014.

[39]

ISO/IEC, Information Technology Security techniques Information Security Management Measurement, 2009.

[40]

NIST, NIST Cloud Computing Security Reference Architecture, 2013.

[41]

A. Taha, R. Trapero, J. Luna and N. Suri, AHP-Based Quantitative Approach for Assessing and Comparing Cloud Security, in IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2014.

[42]

J. Luna, R. Langenberg and N. Suri, Benchmarking Cloud Security Level Agreements Using Quantitative Policy Trees, in ACM Cloud Computing Security Workshop, 2012.

[43]

W. Benghabrit and et al, A cloud accountability policy representation framework, A4Cloud project, 2014.

[44]

W. Benghabrit and et al, Abstract Accountability Language, in 8th IFIP WG 11.11 International Conference on Trust Management, Singapore, 2014.

[45]

S. Trabelsi and et al, PPL: PrimeLife Privacy Policy Engine, in IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), Pisa, 2011.

[46]

M. Azraoui and et al, A-PPL: An Accountability Policy Language for Cloud Computing, in DPM / SETOP, Wroclaw (Poland), 2014.

[47]

T. Wlodarczyk and et al, D:C-8.1 Framework of Evidence, A4Cloud project, 2014.

[48]

OpenStack: Open source cloud computing software, [Online]. Available: https://www.openstack.org/.

[49]

K. Bernsmed and et al., MSB-3.1 Use Case Descriptions, A4Cloud project, 2014.

[50]

P. Krutchen, The Rational Unified Process: An Introduction, Reading : Addison-Wesley, 2000.

[51]

V. Tountopoulos and et al, Architecture guidelines and principles (internal report), A4Cloud project, 2013.

[52]

T. Pulls and et al, Distributed privacy-preserving transparency logging, in Proceedings of the 12th annual {ACM} Workshop on Privacy in the Electronic Society, Berlin, Germany, 2013.

[53]

European Commission, Proposed Directive on Network and Information Security frequently asked questions, Brussels, 7.2.2013.

[54]

Ponemon Institute LLC, 2011 Cost of Data Breach Study, March 2012.

[55]

PwC U.K., Information security breaches survey, 2012.

[56]

European Commission, EU Cybersecurity plan to protect open internet and online freedom and opportunity, Brussels, 2013.

[57]

Council of the European Union, Proposal for a Directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union progress report, Brussels, 22.5.2014.

[58]

Council of the European Union, 3318th Council meeting. Transport, Telecommunications and Energy, Luxembourg, 5/6.6.2014.