Enhancing accountability in the cloud |
| |
| Institution: | 1. SINTEF ICT, NO-7465 Trondheim, Norway;2. HP Labs, Bristol, UK;3. Tilburg University, The Netherlands;1. GRIAGES, Catholic University of Central Africa, BP 11628 Yaoundé, Cameroon;2. Toulouse Business School, Dep. of Information, Operations and Management Sciences, 1 Place Alphonse Jourdain, 31068 Toulouse, France;1. School of Communication & Information, Nanyang Technological University, Republic of Singapore;2. UC Business School, University of Canterbury, Christchurch, New Zealand;1. UniSA STEM, University of South Australia, Australia;2. Experience Matters, Australia |
| |
| Abstract: | This article focuses on the role of accountability within information management, particularly in cloud computing contexts. Key to this notion is that an accountable Cloud Provider must demonstrate both willingness and capacity for being a responsible steward of other people's data. More generally, the notion of accountability is defined as it applies to the cloud, and a conceptual model is presented related to the provision of accountability of cloud services. This allows a consideration of accountability at various different levels of abstraction, including the operationalisation of accountability. It is underpinned by fundamental requirements for strong accountability, which in particular are aimed at avoiding risks in the provision and verification of accounts (that include different types of accountability evidence and notifications, that may need to be provided to other cloud actors including data subjects, cloud customers and regulators). In addition, the article sketches what kind of tools, mechanisms and guidelines support this in practice, and discusses these in the light of the upcoming European Data Protection Regulation. |
| |
| Keywords: | Cloud computing Accountability Security Privacy |
| 本文献已被 ScienceDirect 等数据库收录! |
|
