Accountability for Cloud and other Future Internet Services



Similar documents
Accountability Model for Cloud Governance

The problem of cloud data governance

Accountability in Cloud Computing An Introduction to the Issues, Approaches, and Tools

Towards a Model of Accountability for Cloud Computing Services

Microsoft Pty Ltd. Australian Financial System Inquiry: Response to request for further submissions

Guidance notes and templates for Project Technical Review involving Independent Expert(s)

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions.

COMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe'

Business Plan

SCHEDULE 8 Generalist Project Services Framework 2015

EXECUTIVE SUMMARY. Cloud Pilot Project - Final Report

ARTEMIS-ED Guidance notes and templates for Project Technical Review involving independent expert(s)

Council of the European Union Brussels, 4 July 2014 (OR. en) Mr Uwe CORSEPIUS, Secretary-General of the Council of the European Union

PRIME Privacy and Identity Management for Europe Vision Objectives First Results

Procurement Transformation: Towards Sourcing & Procurement Excellence

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION

Information governance in the Department of Health and the NHS

Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.

Operations. Group Standard. Business Operations process forms the core of all our business activities

Cloud Computing: Legal Risks and Best Practices

BANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS

Deliverable A comprehensive and standardised e-infrastructure for analysing medical metabolic phenotype data

National Cyber Security Policy -2013

EXPLORING THE CAVERN OF DATA GOVERNANCE

Statement of Procurement Conduct

AN INSIDE VIEW FROM THE EU EXPERT GROUP ON CLOUD COMPUTING

COMMUNICATIONS ALLIANCE LTD

ISO/IEC Safeguarding Personal Information in the Cloud. Whitepaper

Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the protocol).

The Cadence Partnership Service Definition

Corporate governance report and corporate governance declaration

RECOMMENDATIONS COMMISSION

ESKITP Manage IT service delivery performance metrics

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures

Supplier Assurance Framework Good Practice Guide

e-infrastructures in Horizon 2020 Vision, approach, drivers, policy background, challenges, WP structure INFODAY France Paris, 25 mars 2014

JA to support the ehealth Network

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini

Privacy and Accountability in the Cloud Session 2

John A Manzoni Chief Executive of the Civil Service. chief.executive@cabinetoffice.gov.uk

RECORD AND INFORMATION MANAGEMENT FRAMEWORK FOR ONTARIO SCHOOL BOARDS/AUTHORITIES

Argyll and Bute Council. Information Management Strategy

Cloud computing Alessandro Galtieri Pavel Klimov Severin Loeffler

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS PRINCIPLES FOR THE CONDUCT OF INSURANCE BUSINESS

NSW Government Digital Information Security Policy

have adequate policies and practices for secure data disposal have not established a formal 22% risk management program

Towards Accountability in the Cloud

Network Rail Infrastructure Projects Joint Relationship Management Plan

Transition Guidelines: Managing legacy data and information. November 2013 v.1.0

Capabilities, Sample Use Cases, Case Studies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

Deliverable 6.4 Future Internet Initiatives Year 1

OPEN INTERNATIONAL MARKETS INCREASE MARKET CONFIDENCE CREATE COMPETITIVE ADVANTAGE A PLATFORM FOR INNOVATION

Cloud Governance is more than Security. Cloud Law or Legal Cloud?

Cloud and surveillance

1 Executive Summary Physical deliverability of the plan Commercial deliverability 3. 2 Confidentiality note 6

The Case for Cloud Service Trustmarks and Assurance-as-a-Service

Guideline 1. Cloud Computing Decision Making. Public Record Office Victoria Cloud Computing Policy. Version Number: 1.0. Issue Date: 26/06/2013

The Winnipeg Foundation Privacy Policy

Governance and Assurance the Project Profession perspective

The Business Case for Information Security. White Paper

How To Reduce Cost Of A Project

RISK MANAGEMENT AND COMPLIANCE

Contract Management The Mavericks Won t Like This!

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

Assist Members in developing their own national arrangements through being able to draw on and hence benefit from the experience of other members;

Rate Regulation Mechanisms for Cable and MMDS Television Operators

Information and technology for better care. Health and Social Care Information Centre Strategy

ESKITP Assist in the preparation of change management plans and assignments for IT enabled systems 1

Resolution on Consumer Protection in Cloud Computing

ESKITP Identify change management opportunities and options for IT enabled systems 1

Cloud Computing Security Considerations

Ceridian International Payroll Services Our KnowHow, Your Success. Ceridian Corporation. All rights reserved.

Silvia Grandi ADRION Managing Authority Start-up team Coordinator

Acquia Comments on EU Recommendations for Data Processing in the Cloud

Procurement Innovation for Cloud Services in Europe - PICSE

Information Governance Strategy & Policy

H2020-EUJ-2016: EU-Japan Joint Call. EUJ : IoT/Cloud/Big Data platforms in social application contexts

Scheduling and Review of Project Activities

REHABILITATION MANAGEMENT SYSTEM AUDIT TOOL

State Records Guideline No 25. Managing Information Risk

The Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations

IT/ITES - hosting & managed services

Monitoring capital projects and addressing signs of trouble

Confident in our Future, Risk Management Policy Statement and Strategy

Cloud Security Trust Cisco to Protect Your Data

POSITION DESCRIPTION

FINRA Publishes its 2015 Report on Cybersecurity Practices

WFEO Model Code of Practice for Sustainable Development and Environmental Stewardship

Corporate Data Quality Policy

ICT 6: Cloud computing

Global Efforts to Secure Cloud Computing

(a) the kind of data and the harm that could result if any of those things should occur;

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Cloud security: A matter of trust? Dr Mark Ian Williams CEO, Muon Consulting

Main Themes. Speakers Include: include. Event Agenda - Day One

Data Governance Implementation

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.

Transcription:

Accountability for Cloud and other Future Internet Services The A4Cloud project Julie Grady Nick Wainwright

The Challenge

Drivers for an accountability-based approach Increase trust and assurance Allow more dynamism Decrease regulatory complexity Provide effective data governance and control in cloud-based IT Accountability-based approaches for trust and security

Defining Accountability Accountability consists of explaining one's actions, justifying those actions and remedying any failure to act properly Accountability concerns data stewardship regimes in which organizations that are entrusted with personal and confidential data are responsible and liable for processing, sharing, storing and otherwise using the data according to contractual and legal requirements from the time it is collected until when the data is destroyed (including onward transfer to and from third parties).

Increasing consumer and business confidence

The realm of accountability research Inter-disciplinary approach for co-designing Accountability

The Cloud Accountability Community Accountability Stakeholders

Our deliverables The Accountability Framework

Accountability Framework Input

Stimulating uptake and interest Demonstrating visible presence & leadership by partners Publishing requirements, concepts and approaches early in the project Targeting communities of interest and identifying early adopters Engaging in standardisation during the project lifetime Publishing guidelines and practices for cloud providers and users to use Reference implementations and pilot services

Make all stakeholders accountable for the use of data in the cloud Shift the balance of power in the relationship between providers and users of cloud services Scale of economics on bringing data intensive services to the market Uptake on new added value services Novel accountability services businesses on the way Raising societal and economic impact Independent initiative for accountability in cloud services

Realising the benefits For cloud service users Control and transparency over how their data is used Help in assessing trustworthiness of CSPs Support in obtaining redress For service providers Techniques to make services more trustworthy Ways to satisfy business policies and demonstrate compliance Allowing differentiation For regulators/auditors: Assurance about compliance with policies and regulations

Who we are Industry Partners Cloud Community & Standardisation Coordinated by: Research Institutes R&D in technical, legal and socio-economic aspects of Accountability

Project Details Collaborative Project under Call 8 of the 7th Framework Programme of the European Commission DG.CONNECT Unit H4: Trust & Security Project Start Date: 1st October, 2012 Project Duration: 42 months Stay tuned - www.a4cloud.eu

Thank You.

Protecting Personal Data Evidence Tracking and Policy auditing redress reports Monitoring and Data references analysis Actual Data Notifications Correction Detective mechanisms Corrective mechanisms

Respecting Confidential Information

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information