Control as a Means towards Accountable Services in the Cloud
Accountability provides the necessary assurance to different stakeholders (customers, auditors, regulators) about the correct execution of the obligations of each party involved in a cloud service. It requires rigorous orchestration of several security mechanisms across services, such as authentication, authorisation, logging, etc. In this paper we advocate that providing control to cloud consumers mitigates a series of risks related to the correct data handling in the cloud. We focus on the specific case of privacy enforcement in cloud platform as a service, to illustrate how a future and more general approach for policy enforcement can provide better accountability in the cloud.
Lotz V., Santana de Oliveira A., Sendor J., “Control as a Means towards Accountable Services in the Cloud”, Special issue: 2nd International Symposium on Secure Virtual Infrastructures, International Journal of Computer Systems Science and Engineering, Volume 28 Number 6, November 2013.