Abstract Accountability Language

Abstract : Usual preventive security mechanisms are not adequate for a world where personal data can be exchanged on-line between different parties and/or stored at multiple jurisdictions. Accountability becomes a necessary principle for future computer systems. This is specially critical for the cloud and Web applications that collect personal and sensitive data from end users. Accountability regards the responsibility and liability (including other attributes) for the data handling performed by a computer system on behalf of an organisation. In case of misconduct (e.g. security breaches, personal data leak, etc.), accountability should imply in remediation and redress actions, as in the real life. Contrary to data privacy, which is already supported by several concrete languages, there is currently no language supporting accountability obligations representation. In this work, we provide an abstract language for accountability obligations representation. We analyze two use cases to illustrate the efficiency of our approach in representing accountability obligations in realistic situations.
Type de document :
Communication dans un congrès
IFIPTM - 8th IFIP WG 11.11 International Conference on Trust Management, Jul 2014, Singapore, Singapore. 430, pp.229--236, 2014, Trust Management - 8th 11.11 International Conference
Liste complète des métadonnées

https://hal.inria.fr/hal-00973399
Contributeur : Walid Benghabrit <>
Soumis le : vendredi 4 avril 2014 - 10:52:17
Dernière modification le : vendredi 22 juin 2018 - 09:28:56

Identifiants

  • HAL Id : hal-00973399, version 1

Citation

Walid Benghabrit, Hervé Grall, Jean-Claude Royer, Mohamed Sellami, Karin Bernsmed, et al.. Abstract Accountability Language. IFIPTM - 8th IFIP WG 11.11 International Conference on Trust Management, Jul 2014, Singapore, Singapore. 430, pp.229--236, 2014, Trust Management - 8th 11.11 International Conference. 〈hal-00973399〉

Partager

Métriques

Consultations de la notice

351