| Title | Enforcing Corporate Governance's Internal Controls and Audit in the Cloud |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Vimercati, S. de Capitani di, Foresti, S., Paraboschi, S., Samarati, P. |
| Conference Name | 2020 IEEE 13th International Conference on Cloud Computing (CLOUD) |
| Date Published | oct |
| Keywords | auditing, business data processing, business organizations, cloud computing, cloud-based services, cloud-based solutions, compositionality, corporate governance, cryptography, data access, data privacy, data protection, Encryption, encryption audits, ICA functions, integrity guarantee, Internal Controls and Audit functions, internal controls and audit process, organizational aspects, Organizations, outsourcing, Predictive Metrics, privacy guarantee, process control, pubcrawl, Resiliency, security, security of data, Selective Encryption, Self-protection |
| Abstract | More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation. |
| DOI | 10.1109/CLOUD49709.2020.00067 |
| Citation Key | vimercati_enforcing_2020 |
Enforcing Corporate Governance's Internal Controls and Audit in the Cloud