Graduate School and Research Center in Digital Sciences

A-PPL: An accountability policy language

Azraoui, Monir; Elkhiyaoui, Kaoutar; Önen, Melek; Bernsmed, Karin; Santana de Oliveira, Anderson; Sendor, Jakub

Research Report RR-14-294

The inherent lack of control of users over their data raises various security and privacy challenges in Cloud Computing. One approach to encourage customers to take advantage of the Cloud is the design of new accountability solutions which aid and enable customers to control and be informed on how their data is processed. In this paper, we focus on accountability policies and propose A-PPL, an accountability policy language that represents machinereadable accountability policies. A-PPL policies provide cloud customers and cloud end-users with a way to express accountable obligations in order to automate their enforcement. Our work also describes a use case where medical sensors collect personal data which are then stored and processed in the cloud. We define the accountability obligations related to this use case and translate them into A-PPL policies as a proof of concept of our proposal.

Document Bibtex

Title:A-PPL: An accountability policy language
Keywords:Cloud Computing, Accountability, Policy Language and Enforcement
Department:Digital Security
Eurecom ref:4372
Copyright: © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research Report RR-14-294 and is available at :
Bibtex: @techreport{EURECOM+4372, year = {2014}, title = {{A}-{PPL}: {A}n accountability policy language}, author = {{A}zraoui, {M}onir and {E}lkhiyaoui, {K}aoutar and {\"{O}}nen, {M}elek and {B}ernsmed, {K}arin and {S}antana de {O}liveira, {A}nderson and {S}endor, {J}akub}, number = {EURECOM+4372}, month = {08}, institution = {Eurecom}, url = {},, }
See also: