9,408 research outputs found
The case for cloud service trustmarks and assurance-as-a-service
Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing
D:A4.1 Socio-economic impact assessment
The executive summary ends with six concise recommendations for facilitating more accountability for data management in cloud ecosystems: 1. Provide a stronger legal base for and enforcement of data protection and accountable behavior; 2. Facilitate independent auditing of responsible data stewardship; 3. Increase public awareness of the need for accountability; 4. Balance existing information asymmetries via partnerships; 5. Focus on larger enterprises working in the public sector first, as these can serve as an example for other types of businesses; 6. Demonstrate how A4Cloud tools and mechanisms can be turned into a business model in order to encourage greater uptake and use
Towards a Data Governance Framework for Third Generation Platforms
The fourth industrial revolution considers data as a business asset and therefore this is placed as a central element of the software architecture (data as a service) that will support the horizontal and vertical digitalization of industrial processes. The large volume of data that the environment generates, its heterogeneity and complexity, as well as its reuse for later processes (e.g. analytics, IA) requires the adoption of policies, directives and standards for its right governance. Furthermore, the issues related to the use of resources in the cloud computing must be taken into account with the aim of meeting the requirements of performance and security of the different processes. This article, in the absence of frameworks adapted to this new architecture, proposes an initial schema for developing an effective data governance programme for third generation platforms, that means, a conceptual tool which guides organizations to define, design, develop and deploy services aligned with its vision and business goals in I4.0 era.This work is partially funded by Spanish Government through the research project TIN2017-86520-C3-3-R
Design Challenges for GDPR RegTech
The Accountability Principle of the GDPR requires that an organisation can
demonstrate compliance with the regulations. A survey of GDPR compliance
software solutions shows significant gaps in their ability to demonstrate
compliance. In contrast, RegTech has recently brought great success to
financial compliance, resulting in reduced risk, cost saving and enhanced
financial regulatory compliance. It is shown that many GDPR solutions lack
interoperability features such as standard APIs, meta-data or reports and they
are not supported by published methodologies or evidence to support their
validity or even utility. A proof of concept prototype was explored using a
regulator based self-assessment checklist to establish if RegTech best practice
could improve the demonstration of GDPR compliance. The application of a
RegTech approach provides opportunities for demonstrable and validated GDPR
compliance, notwithstanding the risk reductions and cost savings that RegTech
can deliver. This paper demonstrates a RegTech approach to GDPR compliance can
facilitate an organisation meeting its accountability obligations
Technology, governance, and a sustainability model for small and medium-sized towns in Europe
New and cutting-edge technologies causing deep changes in societies, playing the role
of game modifiers, and having a significant impact on global markets in small and medium-sized
towns in Europe (SMSTEs) are the focus of this research. In this context, an analysis was carried
out to identify the main dimensions of a model for promoting innovation in SMSTEs. The literature
review on the main dimensions boosting the innovation in SMSTEs and the methodological approach
was the application of a survey directed to experts on this issue. The findings from the literature
review reflect that technologies, governance, and sustainability dimensions are enablers of SMSTEs’
innovation, and based on the results of the survey, a model was implemented to boost innovation,
being this the major add-on of this research.info:eu-repo/semantics/publishedVersio
- …