Enhancing accountability in the cloud

M. Jaatun, S. Pearson, F. Gittler, Ronald Leenes, Maartje van der Zwet

Research output: Contribution to journalArticleScientificpeer-review

Abstract

This article focuses on the role of accountability within information management, particularly in cloud computing contexts. Key to this notion is that an accountable Cloud Provider must demonstrate both willingness and capacity for being a responsible steward of other people's data. More generally, the notion of accountability is defined as it applies to the cloud, and a conceptual model is presented related to the provision of accountability of cloud services. This allows a consideration of accountability at various different levels of abstraction, including the operationalisation of accountability. It is underpinned by fundamental requirements for strong accountability, which in particular are aimed at avoiding risks in the provision and verification of accounts (that include different types of accountability evidence and notifications, that may need to be provided to other cloud actors including data subjects, cloud customers and regulators). In addition, the article sketches what kind of tools, mechanisms and guidelines support this in practice, and discusses these in the light of the upcoming European Data Protection Regulation.
Original languageEnglish
Article number101498
JournalInternational Journal of Information Management
Volume53
Issue numberAugust 2020
DOIs
Publication statusPublished - 2020

Keywords

  • cloud computing
  • accountability
  • security
  • privacy

Fingerprint

Dive into the research topics of 'Enhancing accountability in the cloud'. Together they form a unique fingerprint.

Cite this