Visible to the public Biblio

Filters: Keyword is Self-protection  [Clear All Filters]
2021-03-22
Vimercati, S. de Capitani di, Foresti, S., Paraboschi, S., Samarati, P..  2020.  Enforcing Corporate Governance's Internal Controls and Audit in the Cloud. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :453–461.
More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation.