Enhancing accountability in the cloud

M. Jaatun, S. Pearson, F. Gittler, Ronald Leenes, Maartje van der Zwet

Research output: Contribution to journalArticleScientificpeer-review

Abstract

This article focuses on the role of accountability within information management, particularly in cloud computing contexts. Key to this notion is that an accountable Cloud Provider must demonstrate both willingness and capacity for being a responsible steward of other people's data. More generally, the notion of accountability is defined as it applies to the cloud, and a conceptual model is presented related to the provision of accountability of cloud services. This allows a consideration of accountability at various different levels of abstraction, including the operationalisation of accountability. It is underpinned by fundamental requirements for strong accountability, which in particular are aimed at avoiding risks in the provision and verification of accounts (that include different types of accountability evidence and notifications, that may need to be provided to other cloud actors including data subjects, cloud customers and regulators). In addition, the article sketches what kind of tools, mechanisms and guidelines support this in practice, and discusses these in the light of the upcoming European Data Protection Regulation.
Original languageEnglish
JournalInternational Journal of Information Management
DOIs
Publication statusE-pub ahead of print - 24 May 2016

Keywords

  • cloud computing
  • accountability
  • security
  • privacy

Fingerprint Dive into the research topics of 'Enhancing accountability in the cloud'. Together they form a unique fingerprint.

  • Cite this