Abstract
Accountability in the Cloud is a key concept that is determined by the accountability attributes. For assessing how accountable an organisation is we should be able to assess or provide techniques for measuring the attributes that influence on accountability. How much or to what extent they should be measured is a key issue. One of the goals of the A4Cloud project is, therefore, to develop a collection of metrics for performing meaningful measures on the attributes that influence accountability. This paper sets up the foundations towards the elicitation of metrics for accountability attributes. We describe here a metamodel for metrics for accountability attributes, which constitutes the basis for the process of elicitation of metrics for accountability. This metamodel is intended to serve as a language for describing accountability attributes and sub-attributes and for identifying the elements involved in their evaluation. One of the key components of the metamodel is the type of evidence the attribute use.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
New Oxford American Dictionary
The Cloud Accountability Project. http://www.a4cloud.eu/
ISO/IEC 15939:2007 – Systems and software engineering – Measurement process (2007)
NIST SP 800-55 – Performance measurement guide for information security. National Institute of Standards and Technology (2008)
ISO/IEC 27004:2009 – Information Technology – Security techniques – Information Security Management – Measurement (2009)
Implementing accountability in the marketplace – a discussion document. accountability phase iii – the madrid project. Centre for Information Policy Leadership (CIPL), November 2011
Abran, A.: Software Metrics and Software Metrology. Wiley, New York (2010)
ENISA. Procure secure – a guide to monitoring of security service levels in cloud contracts (2012)
EU Parliament and EU Council. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data
EU Parliament and EU Council. Proposal for a regulation of the european parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (general data protection regulation) (2012)
Herrmann, D.S.: Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI. CRC Press, Boca Raton (2007)
Hood, C., Heald, D. (eds.): Transparency: The Key to Better Governance?, vol. 135. Oxford University Press, Oxford (2006)
Innerhofer-Oberperfler, F., Breu, R.: An empirically derived loss taxonomy based on publicly known security incidents. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 66–73. IEEE (2009)
Nuñez, D., Fernandez-Gago, C., Pearson, S., Felici, M.: A metamodel for measuring accountability attributes in the cloud. In: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), vol. 1, pp. 355–362. IEEE (2013)
Pfitzmann, A., Hansen, M.: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management–A Consolidated Proposal for Terminology. Version v0.31 (2008)
A4Cloud project. MS:C-2.2 - Initial framework description report, February 2013
Stevens, S.S.: On the theory of scales of measurement. Science 103(2684), 677–680 (1946)
Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-vm side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 305–316. ACM (2012)
Acknowledgements
This work has been partially funded by the European Commission through the FP7/2007–2013 project A4Cloud under grant agreement number 317550. The first author is funded by a FPI fellowship from the Junta de Andalucía through the project PISCIS (P10-TIC-06334).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Fernández-Gago, C., Nuñez, D. (2015). Metrics for Accountability in the Cloud. In: Felici, M., Fernández-Gago, C. (eds) Accountability and Security in the Cloud. A4Cloud 2014. Lecture Notes in Computer Science(), vol 8937. Springer, Cham. https://doi.org/10.1007/978-3-319-17199-9_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-17199-9_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17198-2
Online ISBN: 978-3-319-17199-9
eBook Packages: Computer ScienceComputer Science (R0)