Ecole d'ingénieur et centre de recherche en Sciences du numérique

From regulatory obligations to enforceable accountability policies in the Cloud

Benghabrit, Walid; Grall, Hervé; Royer, Jean-Claude; Sellami, Mohamed; Azraoui, Monir; Elkhiyaoui, Kaoutar; Önen, Melek; Oliveira de Anderson, Santana; Bernsmed, Karin

Book Chapter in "Cloud Computing and Services Sciences", Springer International Publishing Switzerland, 2015, ISBN: 978-3-319-25414-2 / Also published in International Conference and Services Sciences, CLOSER 2014, April 3-5, 2014, Barcelona, Spain

The widespread adoption of the cloud model for service delivery triggered several data protection issues. As a matter of fact, the proper delivery of these services typically involves sharing of personal/business data between the different parties involved in the service provisioning. In order to increase cloud consumer's trust, there must be guarantees on the fair use of their data. Accountability provides the necessary assurance about the data governance practices to the different stakeholders involved in a cloud service chain. In this context, we propose a framework for the representation of accountability policies. Such policies offer to end-users a clear view of the privacy and accountability clauses asserted by the entities they interact with, as well as means to represent their preferences. Our framework offers two accountability policy languages: (i) an abstract language called AAL devoted for the representation of preferences/clauses in an human readable fashion, and (ii) a concrete one for the implementation of enforceable policies.

Doi Hal Bibtex

Titre:From regulatory obligations to enforceable accountability policies in the Cloud
Type:Conférence / Ouvrage
Langue:English
Ville:
Date:
Département:Sécurité numérique
Eurecom ref:4719
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in Book Chapter in "Cloud Computing and Services Sciences", Springer International Publishing Switzerland, 2015, ISBN: 978-3-319-25414-2 / Also published in International Conference and Services Sciences, CLOSER 2014, April 3-5, 2014, Barcelona, Spain and is available at : http://dx.doi.org/10.1007/978-3-319-25414-2_9
Bibtex: @book{EURECOM+4719, doi = {http://dx.doi.org/10.1007/978-3-319-25414-2_9}, year = {2015}, title = {{F}rom regulatory obligations to enforceable accountability policies in the {C}loud }, author = {{B}enghabrit, {W}alid and {G}rall, {H}erv{\'e} and {R}oyer, {J}ean-{C}laude and {S}ellami, {M}ohamed and {A}zraoui, {M}onir and {E}lkhiyaoui, {K}aoutar and {\"{O}}nen, {M}elek and {O}liveira de {A}nderson, {S}antana and {B}ernsmed, {K}arin}, publisher = {{B}ook {C}hapter in "{C}loud {C}omputing and {S}ervices {S}ciences", {S}pringer {I}nternational {P}ublishing {S}witzerland, 2015, {ISBN}: 978-3-319-25414-2 / {A}lso published in {I}nternational {C}onference and {S}ervices {S}ciences, {CLOSER} 2014, {A}pril 3-5, 2014, {B}arcelona, {S}pain}, month = {12}, url = {http://www.eurecom.fr/publication/4719} }
Voir aussi: