accountability for the cloud
play

Accountability for the Cloud Walid Benghabrit, Ronan-Alexandre - PowerPoint PPT Presentation

Nov 12, 2023 •375 likes •779 views

Accountability for the Cloud Walid Benghabrit, Ronan-Alexandre Cherrueau , Jean-Claude Royer & Mario Sdholt Ascola team Inria, Mines Nantes, Lina Journe Cloud, Nantes France September 19, 2014 Accountability General Definition

  1. Accountability for the Cloud Walid Benghabrit, Ronan-Alexandre Cherrueau , Jean-Claude Royer & Mario Südholt Ascola team Inria, Mines Nantes, Lina Journée Cloud, Nantes France September 19, 2014

  2. Accountability General Definition “In ethics and governance, accountability is answerability, blameworthiness, liability, and the expectation of account-giving. In leadership roles, accountability is the acknowledgment and assumption of responsibility for actions, products, decisions, and policies including the administration, governance, and implementation within the scope of the obligation to report, explain and be answerable for resulting consequences.” 2

  3. Accountability General Definition – The good part! “In ethics and governance, accountability is answerability, blameworthiness, liability, and the expectation of account-giving In leadership roles, accountability is the acknowledgment and assumption of responsibility for actions, products, decisions, and policies including the obligation to report, explain and be answerable for resulting consequences.” 2 administration, governance, and implementation within the scope of the

  4. Accountability in Real Life Preventive accountability that avoids bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  5. Accountability in Real Life Preventive accountability that avoids bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  6. Accountability in Real Life Preventive accountability that avoids bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  7. Accountability in Real Life bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ⇒ Preventive accountability that avoids ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  8. Accountability in Real Life bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ⇒ Preventive accountability that avoids ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  9. Accountability in Real Life bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ⇒ Preventive accountability that avoids ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  10. Accountability in Real Life bank? Retrospective accountability that corrects and imposes consequences 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ⇒ Preventive accountability that avoids ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks!

  11. Accountability in Real Life bank? 3 • Two means: preventive & retrospective accountability • A real life example – The bank robbery ◦ Bank robber arrives hooded and armed ⇒ Bank security officer doesn’t let the robber enter ⇒ Preventive accountability that avoids ◦ Bank robber arrives with a hidden weapon ⇒ Bank security officer lets the robber enter ◦ It’s easy to enter in a bank for an holdup! Why everybody doesn’t rob a ⇒ Legal risks! ⇒ Retrospective accountability that corrects and imposes consequences

  12. Accountability for the Cloud Why? [Sam01] 4 • General approaches are not sufficient • They are too restrictive • They are inadequate for a connected world How? [WABL + 08] • Preventive accountability policy: ◦ Prevent data from “escaping” when it’s applicable. • Retrospective accountability policy: ◦ Detective controls to identify risks. ◦ Corrective controls to correct undesired (past) outcomes.

  13. Fitness Tracker Example (Running Example) Policy Examples: 5 Fitness Tracker: StoreActivity activity Activity: Fitness 4. Compute#BurntCals - id: "Alice", Tracker [activity] - date: 2014-09-19, FT Alice 5. PrintImage chart 3. [activity] - duration: 45, Third - circuit: [GPS(...)], Application - bcals: 310 1. #BurntCals 2013 TA 2. GetActivities "Alice" 2013 • Alice only authorizes TA to get her activities, else … • Alice authorizes TA to only read id, date and bcals, else … • Alice requires FT to delete data a昁er 2 years, else …

  14. Fitness Tracker Example (Running Example) Policy Examples: ASCOLA Work 5 Fitness Tracker: StoreActivity activity Activity: Fitness 4. Compute#BurntCals - id: "Alice", Tracker [activity] - date: 2014-09-19, FT Alice 5. PrintImage chart 3. [activity] - duration: 45, Third - circuit: [GPS(...)], Application ⇒ Accountability representation framework - bcals: 310 1. #BurntCals 2013 2. GetActivities "Alice" 2013 TA ⇒ Accountability policies enforcement • Alice only authorizes TA to get her activities, else … • Alice authorizes TA to only read id, date and bcals, else … • Alice requires FT to delete data a昁er 2 years, else …

  15. Accountability Representation Framework 6

  16. 7 Accountability Representation Framework • Express accountability policies: ◦ Alice only authorizes TA to get her activities. ◦ Alice authorizes TA to only read id, data and bcals. ◦ Alice requires FT to delete data a昁er 2 years. • Readable language close to real obligations. • Help lawyers and designers to introduce accountability. • Current work [BGR + 14a]: ◦ Abstract Accountability Language ◦ Model-checking and logical proof

  17. Fitness Tracker Example: Representation Level TYPE Activity ATTRIBUTES(id, date, duration, circuit, bcals) CLAUSE cFT: ... AUDITING auditor.audit[TA FT]() EVERYDAY PERMIT alice.store[FT](aData) AND FORALL x:Agent DENY x.get[FT](aData) AND DENY x.store[FT](aData) CLAUSE cAlice: DATA aData TYPE(Activity) Subject Alice AGENT TA TYPE(DataProcessor) REQUIRED(get) PROVIDED(#burnt) AGENT FT TYPE(DataController) REQUIRED() PROVIDED(store get) AGENT Alice TYPE(Subject) REQUIRED(store #burnt) PROVIDED() 8 Fitness Tracker: StoreActivity activity Fitness * Alice only authorizes TA to get her activities. 4. Compute#BurntCals Tracker * Alice authorizes TA to only read id, date and bcals. [activity] FT * Alice requires FT to delete data after 2 years. Alice 3. [activity] 5. PrintImage chart Third Application 1. #BurntCals 2013 TA 2. GetActivities "Alice" 2013 PERMIT TA.get[FT](aData.id, aData.date, aData,bcals) AND PERMIT alice.#burnt[TA](aData) AND MUST (FT.delete[aData]() AFTER 2 YEARS) IF_VIOLATED_THEN auditor.sanction[FT](...)

Recommend

Trustworthiness, Accountability and Forensics in the Cloud (TAFC 2013) Sessions 1-4 reports

Trustworthiness, Accountability and Forensics in the Cloud (TAFC 2013) Sessions 1-4 reports

International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC 2013) Sessions 1-4 reports Session 1: ACCOUNTABILITY Reported by: Lenore Zuck, University of Illinois at Chicago (UIC) Discussion points Panel Discussions

240 views • 5 slides
Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold ,

Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold ,

Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold , Simone Fischer-Hbner, Leonardo A. Martucci, and T obias Pulls Karlstad University Department of Mathematics and Computer Science 651 88 Karlstad,

250 views • 20 slides
A Blockchain-based Flight Data Recorder for Cloud Accountability G. DAngelo, S. Ferretti , M.

A Blockchain-based Flight Data Recorder for Cloud Accountability G. DAngelo, S. Ferretti , M.

A Blockchain-based Flight Data Recorder for Cloud Accountability G. DAngelo, S. Ferretti , M. Marzolla Dept. of Computer Science and Engineering s.ferretti@unibo.it Cloud Computing On-demand self service On-demand self service On-demand

567 views • 38 slides
Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 ,

Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 ,

Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 , Gansen Zhao 2 , and Xiaofeng Chen 3 Chunming Rong 4 , Yong Tang 2 1 Guangzhou University, China South China Normal University 2 3 Xidian University

784 views • 21 slides
Office of Accountability September 20, 2011 Office of Accountability Superintendent Office of

Office of Accountability September 20, 2011 Office of Accountability Superintendent Office of

Office of Accountability September 20, 2011 Office of Accountability Superintendent Office of Accountability 2011-2012 Organizational Chart Ron Rode Supervising Executive Director Administrative Assistant II Office of Accountability

724 views • 14 slides
Framework for a Next- Generation Accountability System 01 Accountability design components 02

Framework for a Next- Generation Accountability System 01 Accountability design components 02

Framework for a Next- Generation Accountability System 01 Accountability design components 02 Relative component accountability percentile 03 Criterion referenced component target AGENDA setting 04 Use of subgroup data for

557 views • 13 slides
Update for the new Accountability System Monica Daniels M.S., Accountability Assistant Executive

Update for the new Accountability System Monica Daniels M.S., Accountability Assistant Executive

Update for the new Accountability System Monica Daniels M.S., Accountability Assistant Executive Director Dr. Michael Tamborski, Accountability Executive Director Dr. Jeanene Barnett, Deputy Superintendent Assessment and Accountability Dr.

211 views • 19 slides
From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really

From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really

From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really Matters Vincent Tophoff IV Seminario Brasileiro de Contabilidade e Custos Aplicados ao Setor Publico Brasilia, October 4-6, 2017 Page 1 IFAC A

361 views • 23 slides
Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
Accountability Circles Initiation and Youth Empowerment Evolution of the Accountability Circles

Accountability Circles Initiation and Youth Empowerment Evolution of the Accountability Circles

Accountability Circles Initiation and Youth Empowerment Evolution of the Accountability Circles The Accountability Circle Process Wisdom Confidence Courage Respect The Circle Space Check-in Conferences and Plans Necklaces

643 views • 8 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
The Accountability Framework initiative Accelerating progress and improving accountability for

The Accountability Framework initiative Accelerating progress and improving accountability for

The Accountability Framework initiative Accelerating progress and improving accountability for ethical supply chain commitments Jeff Milder, Rainforest Alliance June 13, 2019 Companies have committed to eliminating deforestation and human

647 views • 9 slides
Accountability Standard Setting ANN-MICHELLE NEAL, ED.S ACCOUNTABILITY SPECIALIST UTAH STATE

Accountability Standard Setting ANN-MICHELLE NEAL, ED.S ACCOUNTABILITY SPECIALIST UTAH STATE

Utah School Accountability Standard Setting ANN-MICHELLE NEAL, ED.S ACCOUNTABILITY SPECIALIST UTAH STATE BOARD OF EDUCATION History of Accountability in Utah School Grading School Grading Accountability Accountability Accountability

614 views • 25 slides
Presentation September 24, 2019 Accountability Committee Accountability Updates: Notices of

Presentation September 24, 2019 Accountability Committee Accountability Updates: Notices of

Accountability Presentation September 24, 2019 Accountability Committee Accountability Updates: Notices of Non-Compliance Notices of Non-Compliance, Level 2 Better Choice Foundation, Mary D. Coghill Charter School Notice of

164 views • 14 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
in the Cloud (TAFC 2013) Agenda 6 th June 2013 8:45 - 9:00 Welcome and Overview Jim Clarke,

in the Cloud (TAFC 2013) Agenda 6 th June 2013 8:45 - 9:00 Welcome and Overview Jim Clarke,

International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC 2013) Agenda 6 th June 2013 8:45 - 9:00 Welcome and Overview Jim Clarke, Waterford Institute of Technology and Rebecca Wright, Rutgers University

192 views • 4 slides
ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ADVANCED COMPUTER SECURITY ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS Reminder : read and post response to Enforceable Security Policies by tomorrow afternoon. Please send me your talk

524 views • 41 slides
The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Data Furnace: Heating Up with Cloud Computing Jie Liu , Michel Goraczko, Jiakang Lu Sean James, Christian Belady Kamin Whitehouse Microsoft University of Virginia The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2%

551 views • 16 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
Accountability Literacy Project Accountable leadership: Mechanisms for empowering all

Accountability Literacy Project Accountable leadership: Mechanisms for empowering all

Accountability Literacy Project Accountable leadership: Mechanisms for empowering all stakeholders in health responses About AAI Define Accountability 1 2 minutes Working alone please write a definition of accountability in your own words

305 views • 15 slides
Accountability Commission January 2016 Agenda Objec&ves

Accountability Commission January 2016 Agenda Objec&ves

Accountability Commission January 2016 Agenda Objec&ves Purpose of Accountability Louisianas Accountability System: - Establish goals and report

600 views • 21 slides
NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises Connecting clouds New workloads Components to disrupt SOFTLAYER CAPABILITIES OVERVIEW 5 GLOBAL CLOUD PLATFORM Unified architecture enabled by

390 views • 17 slides
github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

09:00 Welcome Shashank Khandelwal 09:10 cloud.gov Overview 09:40 cloud.gov Hands-on I 10:20 Break 10:30 Federalist Will Slack 10:40 cloud.gov Hands-on II 11:30 Q & A github.com/18F/cg-workshop I Want You to use cloud.gov

461 views • 34 slides

More recommend