CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure

The Whalers of Honfleur in the Seventeenth Century

The Honfleur admiralty archives have a remarkable collection of reports made by captains returning from their voyages, among which have been found the accounts of 31 whalers and one other which did not return to Honfleur. These archives also contain some lists of crews, equipment, and provisions on board. We have at our disposal therefore a very interesting collection of documents about 32 French whalers between 1668 and 1688. ... The first part of this paper deals with the ships, their owners and crews; the second part describes the practice of whaling

Les stratégies des organisations publiques pour éviter l'accès à l'information

Les lois sur l'accès à l'information contraignent les gouvernements et les administrations publiques à la transparence et ainsi à divulguer l'information dont ils disposent. Pourtant, si ces lois ont permis d'accroître l'information des citoyens, on constate que de nombreuses organisations publiques cherchent toujours à dissimuler de l'information alors qu'aucun intérêt public ou privé prépondérant ne justifie ce comportement. Cet article établit une typologie de ces comportements, les décrit et les illustre au travers de nombreux exemples

Le Tactilo : au coeur du débat sur la régulation des jeux de hasard et d'argent

Dans plusieurs pays (Suisse, France, États-Unis, Royaume-Uni), le cadre de régulation des jeux de hasard et d'argent est différencié selon la nature et la forme des jeux. Ainsi, le système suisse est régulé différemment suivant qu'il s'agit de loteries et de paris ou de casinos. Dans chacun de ces deux cas, un cadre juridique et de régulation diffèrent s'applique. Le système devient complexe lorsque certains jeux ou opérations ne peuvent pas être clairement attribués à un système de régulation ou à un autre ou lorsque des conflits de compétence interviennent entre les autorités de régulation. C'est le cas du Tactilo. Ce working paper présente de manière synthétique les différents aspects de la régulation de ce nouveau mode de distribution des jeux que sont les automates de type Tactilo et discute les développements légaux et les implications financières entourant ce débat. Ces éléments permettent de comprendre le débat actuel et de mieux comprendre les enjeux de la décision attendue du Tribunal fédéral dans ce dossier. Le Tactilo, un jeu de loterie ou un jeu de casino...

Access to information in Switzerland : From secrecy to transparency

Access to information legislations are now present in over 50 countries world-wide. Lagging behind some of its own Cantons, the Swiss Federal government was until recently one of the few hold outs in Europe. But, in December 2004, the Confederation voted the 'Loi sur la Transparence de l'administration' or Law on Transparency (LTrans) a Law that came into effect in July 2006. This paper presents an overview of the new Law and underlines the main institutional challenges to its introduction in Switzerland

Transparence et accès à l'information : typologie des comportements organisationnels des administrations publiques visant à limiter l'accès à l'information

La transparence de l'action gouvernementale et des administrations publiques est devenue une exigence démocratique inscrite dans de nombreux pays dans des lois sur l'accès à l'information. Or, si ces lois ont permis d'accroître l'information des citoyens, on constate toujours que de nombreuses organisations publiques cherchent à dissimuler de l'information alors qu'aucun intérêt public ou privé prépondérant ne justifie ce comportement. Ce working paper établit une typologie de ces comportements et les décrit avec notamment de nombreux exemples tirés des expériences faites aux USA, au Canada et en Suisse

Seeing through the clouds: Managing data flow and compliance in cloud computing

As cloud computing becomes an increasingly dominant means of providing computing resources, the legal and regulatory issues associated with data in the cloud become more pronounced. These issues derive primarily from four areas: contract, data protection, law enforcement, and regulatory and common law protections for particularly sensitive domains such as health, finance, fiduciary relations, and intellectual property assets. From a technical perspective, these legal requirements all impose information management obligations on data sharing and transmission within cloud-hosted applications and services. They might restrict how, when, where, and by whom data may flow and be accessed. These issues must be managed not only between applications, but also through the entire, potentially global, cloud supply chain.Those of us from the Computer Laboratory are supported through the UK EPSRC (grant EP/K0l1510), and the Microsoft Cloud Computing Research Centre.This is the author accepted manuscript. The final version is available from IEEE via http://dx.doi.org/10.1109/MCC.2015.6