论文信息 - A Metamodel for Measuring Accountability Attributes in the Cloud

A Metamodel for Measuring Accountability Attributes in the Cloud

Cloud governance, and in particular data governance in the cloud, relies on different technical and organizational practices and procedures, such as policy enforcement, risk management, incident management and remediation. The concept of accountability encompasses such practices, and is essential for enhancing security and trustworthiness in the cloud. Besides this, proper measurement of cloud services, both at a technical and governance level, is a distinctive aspect of the cloud computing model. Hence, a natural problem that arises is how to measure the impact on accountability of the procedures held in practice by organizations that participate in the cloud ecosystem. In this paper, we describe a metamodel for addressing the problem of measuring accountability properties for cloud computing, as discussed and defined by the Cloud Accountability Project (A4Cloud). The goal of this metamodel is to act as a language for describing: (i) accountability properties in terms of actions between entities, and (ii) metrics for measuring the fulfillment of such properties. It also allows the recursive decomposition of properties and metrics, from a high-level and abstract world to a tangible and measurable one. Finally, we illustrate our proposal of the metamodel by modelling the transparency property, and define some metrics for it.

[1] Andrea Maurino,et al. A Meta-model for Non-functional Property Descriptions of Web Services , 2008, 2008 IEEE International Conference on Web Services.

[2] P. Mell,et al. The NIST Definition of Cloud Computing , 2011 .

[3] S S Stevens,et al. On the Theory of Scales of Measurement. , 1946, Science.

[4] S. Shott,et al. Nonparametric Statistics , 2018, The Encyclopedia of Archaeological Sciences.

[5] Barry P. Mulcahy,et al. Trust-terms ontology for defining security requirements and metrics , 2010, ECSA '10.

[6] W. W. Daniel. Applied Nonparametric Statistics , 1979 .

[7] Sadie Creese,et al. Data Protection-Aware Design for Cloud Services , 2009, CloudCom.

[8] Antonello Calabrò,et al. Yet another meta-model to specify non-functional properties , 2011, QASBA '11.

[9] Siani Pearson,et al. Towards a model of accountability for cloud computing services , 2013 .

[10] Arthur H. M. ter Hofstede,et al. Formal description of non-functional service properties , 2005 .

[11] Dear Mr Sotiropoulos. ARTICLE 29 Data Protection Working Party , 2013 .

[12] Parastoo Mohagheghi,et al. A Metamodel for Specifying Quality Models in Model-Driven Engineering , 2008 .

[13] Norbert Siegmund,et al. Measuring and predicting non-functional properties of customizable programs , 2012 .