Accountability and Security in the Cloud

Volume 8937 of the series Lecture Notes in Computer Science pp 81-113


HCI Requirements for Transparency and Accountability Tools for Cloud Service Chains

  • Simone Fischer-HübnerAffiliated withKarlstad University Email author 
  • , John Sören PetterssonAffiliated withKarlstad University
  • , Julio AnguloAffiliated withKarlstad University

* Final gross prices may vary according to local VAT.

Get Access


This paper elaborates HCI (Human-Computer Interaction) requirements for making cloud data protection tools comprehensible and trustworthy. The requirements and corresponding user interface design principles are derived from our research and review work conducted to address in particular the following HCI challenges: How can the users be guided to better comprehend the flow and traces of data on the Internet and in the cloud? How can individual end users be supported to do better informed decisions on how their data can be used by cloud providers or others? How can the legal privacy principle of transparency and accountability be enforced by the user interfaces of cloud inspection tools? How can the user interfaces help users to reassess their trust/distrust in services? The research methods that we have used comprise stakeholder workshops, focus groups, controlled experiments, usability tests as well as literature and law reviews. The derived requirements and principles are grouped into the following functional categories: (1) ex-ante transparency, (2) exercising data subject rights, (3) obtaining consent, (4) privacy preference management, (5) privacy policy management, (6) ex-post transparency, (7) audit configuration, (8) access control management, and (9) privacy risk assessment. This broad categorization makes our results accessible and applicable for any developer within the field of usable privacy and transparency-enhancing technologies for cloud service chains.


Usable privacy HCI requirements Cloud service Transparency Accountability