Related papers: Hawk: DevOps-driven Transparency and Accountabilit…
Cloud native information systems engineering enables scalable and resilient service infrastructures for all major online offerings. These are built following agile development practices. At the same time, a growing demand for…
Cloud native systems are processing large amounts of personal data through numerous and possibly multi-paradigmatic data stores (e.g., relational and non-relational databases). From a privacy engineering perspective, a core challenge is to…
Ever-increasingly complex business processes are enabled by loosely coupled cloud-native systems. In such fast-paced development environments, data controllers face the challenge of capturing and updating all personal data processing…
Transparency - the provision of information about what personal data is collected for which purposes, how long it is stored, or to which parties it is transferred - is one of the core privacy principles underlying regulations such as the…
Transparency and accountability are indispensable principles for modern data protection, from both, legal and technical viewpoints. Regulations such as the GDPR, therefore, require specific transparency information to be provided including,…
As cloud services become central in an increasing number of applications, they process and store more personal and business-critical data. At the same time, privacy and compliance regulations such as GDPR, the EU ePrivacy regulation, PCI,…
Transparency regarding the processing of personal data in online services is a necessary precondition for informed decisions on whether or not to share personal data. In this paper, we argue that privacy interfaces shall incorporate the…
DevOps is a quite effective approach for managing software development and operation, as confirmed by plenty of success stories in real applications and case studies. DevOps is now becoming the main-stream solution adopted by the software…
Integrating on-chain and off-chain data storage for decentralised and distributed information systems, such as blockchain, presents specific challenges for providing transparency of data governance and ensuring data integrity through…
The proliferation of SQL for data processing has often occurred without the rigor of traditional software development, leading to siloed efforts, logic replication, and increased risk. This ad-hoc approach hampers data governance and makes…
In todays increasingly digital world, data has become one of the most valuable assets for organizations. With the rise in cyberattacks, data breaches, and the stringent regulatory environment, it is imperative to adopt robust data…
DevOps has become a dominant paradigm in modern software engineering, while low-code development platforms (LCDPs) are increasingly adopted to streamline software development. The integration of these approaches promises efficiency gains…
Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security…
The recent approval of the General Data Protection Regulation (GDPR) imposes new data protection requirements on data controllers and processors with respect to the processing of European Union (EU) residents' data. These requirements…
Employee data can be used to facilitate work, but their misusage may pose risks for individuals. Inverse transparency therefore aims to track all usages of personal data, allowing individuals to monitor them to ensure accountability for…
Individuals lack oversight over systems that process their data. This can lead to discrimination and hidden biases that are hard to uncover. Recent data protection legislation tries to tackle these issues, but it is inadequate. It does not…
Accountability is widely understood as a goal for well governed computer systems, and is a sought-after value in many governance contexts. But how can it be achieved? Recent work on standards for governable artificial intelligence systems…
In data-driven predictive cloud control tasks, the privacy of data stored and used in cloud services could be leaked to malicious attackers or curious eavesdroppers. Homomorphic encryption technique could be used to protect data privacy…
Data is the foundation of any scientific, industrial or commercial process. Its journey typically flows from collection to transport, storage, management and processing. While best practices and regulations guide data management and…
The increasing adoption of Cloud-based data processing and storage poses a number of privacy issues. Users wish to preserve full control over their sensitive data and cannot accept it to be fully accessible to an external storage provider.…