Cloud privacy and security issues beyond technology: championing the cause of accountability

Cloud computing provides IT service providers increased efficiency of resource utilization while enabling consumers to benefit from innovative advantages like access to up-to-date IT resources and low upfront investment. A significant hindrance to adoption of cloud computing is the lack of trust arising from worries over privacy and security when data resources of cloud service consumers are handled by third parties. A key factor in fostering cloud privacy and security is accountability, which increases trust by obligating an entity to be answerable for its actions. This paper uses a hermeneutic literature review to investigate (i) the prevailing methods and strategies of fostering privacy and security through accountability, (ii) the key actors in championing cloud accountability and (iii) the key barriers to cloud accountability. This literature review provides insight into current practices associated with championing cloud accountability and contributes to cloud service provider awareness of ways to improve cloud computing trustworthiness.

[1]  Dubravka Cecez-Kecmanovic,et al.  Review and critique of the information systems development project failure literature: An argument for exploring information systems development project distress , 2019, Journal of Information Technology.

[2]  Christopher Millard,et al.  Banking in the cloud: Part 3 - contractual issues , 2018, Comput. Law Secur. Rev..

[3]  Martin Gilje Jaatun,et al.  Accountability Requirements in the Cloud Provider Chain , 2018, Symmetry.

[4]  Trisha Greenhalgh,et al.  Time to challenge the spurious hierarchy of systematic over narrative reviews? , 2018, European journal of clinical investigation.

[5]  Niam Yaraghi,et al.  The Role of HIPAA Omnibus Rules in Reducing the Frequency of Medical Data Breaches: Insights From an Empirical Study , 2018, The Milbank quarterly.

[6]  Mehrbakhsh Nilashi,et al.  Customers perspectives on adoption of cloud computing in banking sector , 2016, Information Technology and Management.

[7]  J. McLeod,et al.  Using the cloud for records storage: issues of trust , 2017 .

[8]  Luigi Coppolino,et al.  Cloud security: Emerging threats and current solutions , 2017, Comput. Electr. Eng..

[9]  Dhiren R. Patel,et al.  Accountability in Cloud Computing by Means of Chain of Trust , 2017, Int. J. Netw. Secur..

[10]  Martin Dick,et al.  Core elements in information security accountability in the cloud , 2017 .

[11]  Michael Diener,et al.  Tackling the Cloud Adoption Dilemma - A User Centric Concept to Control Cloud Migration Processes by Using Machine Learning Technologies , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[12]  Ian Storey,et al.  A Conceptual Framework for Accountability in Cloud Computing Service Provision , 2016, ACIS.

[13]  Hafid Barka,et al.  The Cloud Computing: the impact of regulation on adoption , 2016 .

[14]  Paul De Hert,et al.  The cloud computing standard ISO/IEC 27018 through the lens of the EU legislation on data protection , 2016, Comput. Law Secur. Rev..

[15]  Fang-Fang Chua,et al.  An adaptive monitoring framework for ensuring accountability and quality of services in cloud computing , 2016, 2016 International Conference on Information Networking (ICOIN).

[16]  Adil Al-Yasiri,et al.  Identifying Cloud Security Threats to Strengthen Cloud Computing Adoption Framework , 2016, FNC/MobiSPC.

[17]  Knut Blind,et al.  Regulation and standardization of data protection in cloud computing , 2015, 2015 ITU Kaleidoscope: Trust in the Information Society (K-2015).

[18]  Athanasios V. Vasilakos,et al.  Security in cloud computing: Opportunities and challenges , 2015, Inf. Sci..

[19]  Linlin You,et al.  Service level agreement (SLA) in Public Cloud environments: A Survey on the current enterprises adoption , 2015, 2015 5th International Conference on Information Science and Technology (ICIST).

[20]  Christopher Millard Forced Localization of Cloud Services: Is Privacy the Real Driver? , 2015, IEEE Cloud Computing.

[21]  J. Adjei Explaining the role of trust in cloud computing services , 2015 .

[22]  Jungwoo Ryoo,et al.  Cloud Security Auditing: Challenges and Emerging Approaches , 2014, IEEE Security & Privacy.

[23]  Siani Pearson,et al.  Accountability, Risk, and Trust in Cloud Services: Towards an Accountability-Based Approach to Risk and Trust Governance , 2014, 2014 IEEE World Congress on Services.

[24]  Zahir Tari,et al.  Security and Privacy in Cloud Computing , 2014, IEEE Cloud Computing.

[25]  Sebastian K. Boell,et al.  A Hermeneutic Approach for Conducting Literature Reviews and Literature Searches , 2014, Commun. Assoc. Inf. Syst..

[26]  Ryan K. L. Ko,et al.  Data Accountability in Cloud Systems , 2014 .

[27]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[28]  Wendy L. Currie,et al.  Cloud computing and trans-border health data: Unpacking U.S. and EU healthcare regulation and compliance , 2013 .

[29]  Mark Ryan,et al.  Cloud computing security: The scientific challenge, and a survey of solutions , 2013, J. Syst. Softw..

[30]  E. Kosta,et al.  Bringing Accountability to the Cloud: Addressing Emerging Threats and Legal Perspectives , 2013 .

[31]  Siani Pearson,et al.  An interdisciplinary approach to accountability for future internet service provision , 2013, Int. J. Trust. Manag. Comput. Commun..

[32]  Abdallah AbuOliem,et al.  Cloud computing regulation : an attempt to protect personal data transmission to cross-border cloud computing storage services , 2013 .

[33]  J. Hoover,et al.  Compliance in the Ether: Cloud Computing, Data Security and Business Regulation , 2013 .

[34]  Stefan Berthold,et al.  Crime and Punishment in the Cloud Accountability, Transparency, and Privacy , 2013 .

[35]  Heiko Gewald,et al.  Cloud-Computing in Banking Influential Factors, Benefits and Risks from a Decision Maker's Perspective , 2013, AMCIS.

[36]  Y. Tony Yang,et al.  Regulatory Privacy Protection for Biomedical Cloud Computing , 2012 .

[37]  Martin Gilje Jaatun,et al.  Accountability for cloud and other future Internet services , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[38]  Max Mühlhäuser,et al.  Trust as a facilitator in cloud computing: a survey , 2012, Journal of Cloud Computing: Advances, Systems and Applications.

[39]  V. T. Raja,et al.  Protecting the privacy and security of sensitive customer data in the cloud , 2012, Comput. Law Secur. Rev..

[40]  C. A. Klein,et al.  Cloudy confidentiality: clinical and legal implications of cloud computing in health care. , 2011, The journal of the American Academy of Psychiatry and the Law.

[41]  Bu-Sung Lee,et al.  Towards Achieving Accountability, Auditability and Trust in Cloud Computing , 2011, ACC.

[42]  Siani Pearson,et al.  Toward Accountability in the Cloud , 2011, IEEE Internet Computing.

[43]  Subhajyoti Bandyopadhyay,et al.  Cloud Computing - The Business Perspective , 2011, 2011 44th Hawaii International Conference on System Sciences.

[44]  Siani Pearson,et al.  Privacy, Security and Trust Issues Arising from Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[45]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[46]  Andrew Charlesworth,et al.  Accountability as a Way Forward for Privacy Protection in the Cloud , 2009, CloudCom.

[47]  M. Bovens Analysing and Assessing Accountability: A Conceptual Framework , 2007 .