Enhanced Assurance About Cloud Service Provision Promises

Abstract : It is envisaged that in future cloud service providers will increasingly be using a Privacy Level Agreement (PLA) to disclose their data protection practices. This is essentially a self-assessment relating to data protection compliance. Many cloud customers may wish for greater ease in comparing PLAs from different providers, as well as increased assurance about what is being claimed. We tackle this issue by proposing: a standardised representation for PLAs that can be used in a number of ways, including automated comparison by software tools; an ontological approach that can be used as a basis for such automated analysis; a way of expressing evidence that supports statements made in the PLA. Evidence plays a core role when obtaining assurance and building trust, so we also present an ontology for evidence and show how the linkage between evidence elements and data protection aspects in PLAs can be realised through an ontology-aware tool prototype we have developed.
Document type :
Book sections
David Aspinall; Jan Camenisch; Marit Hansen; Simone Fischer-Hübner; Charles Raab. Privacy and Identity Management. Time for a Revolution? : 10th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Edinburgh, UK, August 16-21, 2015, Revised Selected Papers, AICT-476, Springer International Publishing, pp.220-238, 2016, IFIP Advances in Information and Communication Technology, 978-3-319-41762-2. 〈10.1007/978-3-319-41763-9_15〉
Liste complète des métadonnées

Cited literature [16 references]  Display  Hide  Download

https://hal.inria.fr/hal-01619733
Contributor : Hal Ifip <>
Submitted on : Thursday, October 19, 2017 - 4:08:30 PM
Last modification on : Thursday, December 28, 2017 - 11:31:00 AM
Document(s) archivé(s) le : Saturday, January 20, 2018 - 1:13:45 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2019-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Michela D’errico, Siani Pearson. Enhanced Assurance About Cloud Service Provision Promises. David Aspinall; Jan Camenisch; Marit Hansen; Simone Fischer-Hübner; Charles Raab. Privacy and Identity Management. Time for a Revolution? : 10th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Edinburgh, UK, August 16-21, 2015, Revised Selected Papers, AICT-476, Springer International Publishing, pp.220-238, 2016, IFIP Advances in Information and Communication Technology, 978-3-319-41762-2. 〈10.1007/978-3-319-41763-9_15〉. 〈hal-01619733〉

Share

Metrics

Record views

193