Abstract Accountability Language
| Autor: | Mohamed Sellami, Jean-Claude Royer, Anderson Santana de Oliveira, Karin Bernsmed, Walid Benghabrit, Hervé Grall |
|---|---|
| Přispěvatelé: | Laboratoire d'Informatique de Nantes Atlantique (LINA), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN), Aspect and composition languages (ASCOLA), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Département informatique - EMN, Mines Nantes (Mines Nantes)-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Information and Communication Technology [Oslo] (SINTEF - ICT), Stiftelsen for INdustriell og TEknisk Forskning Digital [Trondheim] (SINTEF Digital), SAP Research [Sophia Antipolis], SAP Research, Mines Nantes (Mines Nantes), SAP Labs France, Jianying Zhou, Nurit Gal-Oz, Jie Zhang, Ehud Gudes, TC 11, WG 11.11, Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS), Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Département informatique - EMN |
| Jazyk: | angličtina |
| Rok vydání: | 2014 |
| Předmět: |
Information privacy
Computer science business.industry End user Redress Access control 02 engineering and technology [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE] Computer security computer.software_genre Semantics Misconduct 020204 information systems Accountability ACM: D.: Software/D.2: SOFTWARE ENGINEERING 0202 electrical engineering electronic engineering information engineering Web application [INFO]Computer Science [cs] 020201 artificial intelligence & image processing business computer |
| Zdroj: | IFIPTM-8th IFIP WG 11.11 International Conference on Trust Management IFIPTM-8th IFIP WG 11.11 International Conference on Trust Management, Jul 2014, Singapore, Singapore. pp.229--236 IFIP Advances in Information and Communication Technology ISBN: 9783662438121 IFIPTM IFIP Advances in Information and Communication Technology 8th IFIP International Conference on Trust Management (IFIPTM) 8th IFIP International Conference on Trust Management (IFIPTM), Jul 2014, Singapore, Singapore. pp.229-236, ⟨10.1007/978-3-662-43813-8_17⟩ |
| DOI: | 10.1007/978-3-662-43813-8_17⟩ |
| Popis: | International audience; Usual preventive security mechanisms are not adequate for a world where personal data can be exchanged on-line between different parties and/or stored at multiple jurisdictions. Accountability becomes a necessary principle for future computer systems. This is specially critical for the cloud and Web applications that collect personal and sensitive data from end users. Accountability regards the responsibility and liability (including other attributes) for the data handling performed by a computer system on behalf of an organisation. In case of misconduct (e.g. security breaches, personal data leak, etc.), accountability should imply in remediation and redress actions, as in the real life. Contrary to data privacy, which is already supported by several concrete languages, there is currently no language supporting accountability obligations representation. In this work, we provide an abstract language for accountability obligations representation. We analyze two use cases to illustrate the efficiency of our approach in representing accountability obligations in realistic situations. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|