Ecole d'ingénieur et centre de recherche en Sciences du numérique

A-PPL: An accountability policy language

Azraoui, Monir; Elkhiyaoui, Kaoutar; Önen, Melek; Bernsmed, Karin; Santana De Oliveira, Anderson; Sendor, Jakub

DPM 2014, 9th International Workshop on Data Privacy Management, September 10, 2014, Wroclaw, Poland

Cloud Computing raises various security and privacy challenges due to the customers' inherent lack of control over their outsourced data. One approach to encourage customers to take advantage of the cloud is the design of new accountability solutions which improve the degree of transparency with respect to data processing. In this paper, we focus on accountability policies and propose A-PPL, an accountability policy language that represents machine-readable accountability policies. A-PPL extends the PPL language by allowing customers to define additional rules on data retention, data location, logging and notification. The use of A-PPL is illustrated with a use case where medical sensors collect personal data which are then stored and processed in the cloud. We define accountability obligations related to this use case and translate them into A-PPL policies as a proof of concept of our proposal.

Document Doi Bibtex

Titre:A-PPL: An accountability policy language
Type:Conférence
Langue:English
Ville:Wroclaw
Pays:POLOGNE
Date:
Département:Sécurité numérique
Eurecom ref:4381
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in DPM 2014, 9th International Workshop on Data Privacy Management, September 10, 2014, Wroclaw, Poland and is available at : http://dx.doi.org/10.1007/978-3-319-17016-9_21
Bibtex: @inproceedings{EURECOM+4381, doi = {http://dx.doi.org/10.1007/978-3-319-17016-9_21}, year = {2014}, title = {{A}-{PPL}: {A}n accountability policy language}, author = {{A}zraoui, {M}onir and {E}lkhiyaoui, {K}aoutar and {\"{O}}nen, {M}elek and {B}ernsmed, {K}arin and {S}antana {D}e {O}liveira, {A}nderson and {S}endor, {J}akub}, booktitle = {{DPM} 2014, 9th {I}nternational {W}orkshop on {D}ata {P}rivacy {M}anagement, {S}eptember 10, 2014, {W}roclaw, {P}oland }, address = {{W}roclaw, {POLOGNE}}, month = {09}, url = {http://www.eurecom.fr/publication/4381} }
Voir aussi: