Information Flow Audit for Transparency and Compliance in the Handling of Personal Data
Accepted version
Peer-reviewed
Repository URI
Repository DOI
Change log
Authors
Pasquier, Thomas FJ-M
Eyers, David
Abstract
The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential extensions. We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation.
Description
This is the author accepted manuscript. The final version is available from IEEE via http://dx.doi.org/10.1109/IC2EW.2016.29
Keywords
46 Information and Computing Sciences, 4604 Cybersecurity and Privacy
Journal Title
2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW)
Conference Name
Journal ISSN
Volume Title
Publisher
IEEE
Publisher DOI
Rights
Sponsorship
This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud. We acknowledge the support of Microsoft through the Microsoft Cloud Computing Research Centre.