Supporting Accountability in Cloud Ecosystems

Accountability for an organisation consists of accepting responsibility for data with which it is entrusted in a cloud ecosystem. It is also concerned with the use of the data from the time it is collected until when the data is destroyed (including onward transfer to and from third parties). It involves the commitment to norms, explaining and demonstrating compliance to stakeholders and remedying any failure to act properly. This demo will show how accountability mechanisms (in particular, tools) enable organisations in being accountable in cloud ecosystems. The demo will emphasise how the combination of different tools support accountability through a demonstration in a realistic cloud supply chain. The demo will point out the use of the tools for accountability from the viewpoints of different stakeholders in a cloud ecosystem.


The presenters


Vasilis Tountopoulos is the Deputy Head and responsible for the Technical Implementation in the ATC Innovation Lab. He received the diploma in Electrical and Computer Engineering from the University of Patras in 2000, and the PhD degree in Electrical and Computer Engineering from the National Technical University of Athens (NTUA) in 2005. He has been involved in EU R&D and National funded projects in ATC and, previously, as a research associate, in the Telecommunications Systems and Computer Networks Laboratories of the ICCS/NTUA. His research interests include semantic Web, interoperability, cross-sector cloud applications and information security. Vasilis is a member of the Technical Chamber of Greece.

Massimo Felici is a Research Engineer in the Security and Manageability Lab at Hewlett Packard Enterprise. He received a PhD in Informatics from the University of Edinburgh. His main research interests are concerned with accountability, security, privacy, trust, risk and assurance aspects of cloud computing infrastructures. Before joining Hewlett Packard Las, he has been a research and teaching fellow in software engineering at the University of Edinburgh, and worked as research consultant for Deep Blue, an Italian SME specialised in human factors, safety and validation consultancy. More recently, he has co-edited a volume on Accountability and Security in the Cloud (published by Springer in the series LNCS), the proceedings of the Cyber Security and Privacy Forum (published by Springer in the series CCIS) and a special issue on the economics of cybersecurity published by the IEEE Security & Privacy magazine.