Towards a formal model of accountability

Authors:
Joan Feigenbaum;Aaron D. Jaggard;Rebecca N. Wright
Affiliations:
Yale University, New Haven, CT, USA;Colgate University & Rutgers University, Hamilton, NY, USA;Rutgers University, New Brunswick, NJ, USA
Venue:
Proceedings of the 2011 workshop on New security paradigms workshop
Year:
2011

Citing 10
Cited 2

An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Accountability protocols: Formalized and verified

ACM Transactions on Information and System Security (TISSEC)
Endorsed E-Cash

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Blacklistable anonymous credentials: blocking misbehaving users without ttps

Proceedings of the 14th ACM conference on Computer and communications security
Information accountability

Communications of the ACM - Organic user interfaces
Accountable internet protocol (aip)

Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Privacy and security: Usable security: how to get it

Communications of the ACM - Scratch Programming for All
Towards a theory of accountability and audit

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Dissent: accountable anonymous group messaging

Proceedings of the 17th ACM conference on Computer and communications security
Accountability: definition and relationship to verifiability

Proceedings of the 17th ACM conference on Computer and communications security

Privacy, Anonymity, and Accountability in Ad-Supported Services

LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
Modelling legitimate expectations

JSAI-isAI'12 Proceedings of the 2012 international conference on New Frontiers in Artificial Intelligence

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a focus on accountability as a mechanism for ensuring security in information systems. To that end, we present a formal definition of it accountability in information systems. Our definition is more general and potentially more widely applicable than the accountability notions that have previously appeared in the security literature. In particular, we treat in a unified manner scenarios in which accountability is enforced automatically and those in which enforcement must be mediated by an authority; similarly, our formalism includes scenarios in which the parties who are held accountable can remain anonymous and those in which they must be identified by the authorities to whom they are accountable. Essential elements of our formalism include event traces and it utility functions and the use of these to define punishment and related notions.