Abstract
Data-accountability encompasses responsibility for data and the traceability of data flows. This is becoming increasingly important for Socio-Technical Systems (STS). Determining root causes for unwanted events after their occurrence is often not possible, e.g. because of missing logs. A better traceability of root causes can be supported by the integration of accountability mechanisms at design time.
We contribute a structured method for designing an accountability architecture for STS at design time. Therefore, we propose the elicitation of accountability goals to answer why an unwanted event happened and who is responsible for it. We also identify four different interaction types in STS. Additionally, we derive accountability graphs from a generic accountability model for STS that serve as a baseline for designing accountability mechanisms for all relevant entities in an STS. The resulting architecture is adjusted to legal requirements, regulations and contracts. We demonstrate the applicability of our approach with an eHealth case study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS), http://www.nessos-project.eu, last access on 03/23/2016.
- 2.
Note: We will address the inclusion of further laws and resolving conflicts between them in the future and focus in this paper exclusively on the BDSG.
References
Trist, E.L.: The evolution of socio-technical systems : a conceptual framework and an action research program. Ontario Quality of Working Life Centre On cover: Issues in the quality of working life : a series of occasional papers, no. 2 (1981)
Bonazzi, R., Hussami, L., Pigneur, Y.: Compliance management is becoming a major issue in is design. In: Information Systems: People, Organizations, Institutions, and Technologies: ItAIS: The Italian Association for Information Systems, pp. 391–398. Physica-Verlag HD, Heidelberg (2010)
Feigenbaum, J., Jaggard, A.D., Wright, R.N.: Towards a formal model of accountability. In: Proceedings of the 2011 Workshop on New Security Paradigms Workshop, NSPW 2011, pp. 45–56. ACM, New York (2011)
Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Commun. ACM 51(6), 82–87 (2008)
Banks, D.L.: The health insurance portability and accountability act: does it live up to the promise? J. Med. Syst. 30(1), 45–50 (2006)
Weill, P., Ross, J.: IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business School Press, Boston (2004)
Khatri, V., Brown, C.V.: Designing data governance. Commun. ACM 53(1), 148–152 (2010)
Buneman, P., Khanna, S., Tan, W.-C.: Why and where: a characterization of data provenance. In: Van den Bussche, J., Vianu, V. (eds.) ICDT 2001. LNCS, vol. 1973, pp. 316–330. Springer, Heidelberg (2000)
Bechtold, S., Perrig, A.: Accountability in future internet architectures. Commun. ACM 57(9), 21–23 (2014)
Gössler, G., Le Métayer, D.: A general trace-based framework of logical causality. In: Fiadeiro, J.L., Liu, Z., Xue, J. (eds.) FACS 2013. LNCS, vol. 8348, pp. 157–173. Springer, Heidelberg (2014)
Halpern, J.Y., Pearl, J.: Causes and explanations: a structural-model approach – part 1: Causes. CoRR abs/1301.2275 (2013)
Eriksén, S.: Designing for accountability. In: NordiCHI 2002: Proceedings of the Second Nordic Conference on Human-Computer Interaction, pp. 177–186. ACM, New York (2002)
Gajanayake, R., Iannella, R., Sahama, T.: Sharing with care: an information accountability perspective. IEEE Internet Comput. 15(4), 31–38 (2011)
Gajanayake, R., Sahama, T., Iannella, R.: Principles of information accountability: an ehealth perspective. Int. J. E-Health Med. Commun. 5(3), 40–57 (2014)
Lankhorst, M.: Enterprise Architecture at Work: Modelling, Communication, and Analysis, 1st edn. Springer-Verlag New York Inc., New York (2005)
Jonkers, H., Lankhorst, M., Buuren, R.V., Bonsangue, M., Torre, L.V.D.: Concepts for modeling enterprise architectures. Int. J. Coop. Inf. Syst. 13, 257–287 (2004)
Waltl, B., Reschenhofer, T., Matthes, F.: Data governance on ea information assets: logical reasoning for derived data. In: Persson, A., Stirna, J. (eds.) CAiSE 2015 Workshops. LNBIP, vol. 215, pp. 401–412. Springer, Heidelberg (2015)
Acknowledgments
This work is part of TUM Living Lab Connected Mobility (TUM LLCM) project and has been funded by the Bayerisches Staatsministerium für Wirtschaft und Medien, Energie und Technologie (StMWi).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Beckers, K., Landthaler, J., Matthes, F., Pretschner, A., Waltl, B. (2016). Data Accountability in Socio-Technical Systems. In: Schmidt, R., Guédria, W., Bider, I., Guerreiro, S. (eds) Enterprise, Business-Process and Information Systems Modeling. BPMDS EMMSAD 2016 2016. Lecture Notes in Business Information Processing, vol 248. Springer, Cham. https://doi.org/10.1007/978-3-319-39429-9_21
Download citation
DOI: https://doi.org/10.1007/978-3-319-39429-9_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-39428-2
Online ISBN: 978-3-319-39429-9
eBook Packages: Business and ManagementBusiness and Management (R0)