Abstract
Security protocols usually describe how honest agents behave, and one proves some security goals to hold even in the presence of an intruder who just does whatever he is capable of. Where cryptography alone does not provide sufficient protection, accountability can help as a deterrent for the intruder, because his actions may be detected and he could be punished. The novelty of this work is to actually model all three branches of government that are relevant here. First, instead of protocols we have a legal system that defines which actions are legal. Second, we have the police that may detect some crimes and collect evidence. Third, we have a justice system that evaluates evidence, can subpoena participants, and finally may convict players. The broad definition of a legal system allows us to avoid defining all protocols that honest participants may engage in. Rather, we describe players (no matter if honest or dishonest) who may do anything that is legal and who can do anything except breaking the cryptography.
Notes
1. In fact, for properties \(\phi \) one must choose a language with a formal semantics, in particular formalizing implication from \(\phi '\) to \(\phi \), and this implication must be efficiently decidable. A simple example could be attribute-value pairs with selective disclosure and comparison of attributes, e.g. “at least 66.6 years of age”.
2. One could make additional clauses that define it to be illegal if A does not know \(\mathsf {inv}( PK ')\), but it would put a legal requirement on A never to lose old keys (and if A is using here a key that is already legally bound to somebody else, then A is already punishable according to §2). Further, one could define it as illegal if A here asks for a \(\phi \) that is not implied by \(\phi '\). However, since every broker is obliged by §6 to check that, this is not necessary. In fact, one may argue that it could be counter-productive if it were illegal to ask for attestation of properties one does not have; a server could rely on the fact they are “off the hook” once a user asks for a wrong property.
3. In general, one could model transactions that represent the behavior of more than one player performed collaboratively. This then needs to be decoupled according to the choices each player makes.
4. Note that our legal system does not even regulate how the exchange between a player and a broker to obtain a credential is organized: this may be transmitted over a TLS channel or even in clear text; either way can be done in a legal way.
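Notes 1 and 2 require that the implication from \(\phi '\) to \(\phi \) be efficiently decidable and that a broker check it before attesting. The following is an added example, not taken from the chapter: a decision procedure for one such property language, conjunctions of attribute comparisons. The atom format, the names `normalize` and `implies`, and the sample credential `HELD` are assumptions made for illustration.

```python
import math

def normalize(prop):
    """Fold a conjunction of (attribute, op, value) atoms into per-attribute bounds."""
    bounds = {}
    for attr, op, val in prop:
        lo, hi, eq = bounds.get(attr, (-math.inf, math.inf, None))
        if op == ">=":
            lo = max(lo, val)
        elif op == "<=":
            hi = min(hi, val)
        elif op == "==" and isinstance(val, (int, float)):
            lo, hi = max(lo, val), min(hi, val)
        elif op == "==":
            if eq is not None and eq != val:
                raise ValueError(f"contradictory values for {attr}")
            eq = val
        else:
            raise ValueError(f"unsupported operator {op!r}")
        if lo > hi:
            raise ValueError(f"contradictory bounds for {attr}")
        bounds[attr] = (lo, hi, eq)
    return bounds

def implies(held, requested):
    """True iff every attribute assignment satisfying `held` satisfies `requested`.

    For satisfiable conjunctions of closed bounds this reduces to interval
    containment per attribute, so the check is linear in the number of atoms.
    """
    h, r = normalize(held), normalize(requested)
    for attr, (lo, hi, eq) in r.items():
        if attr not in h:
            return False  # held property is silent on attr, so it entails nothing about it
        hlo, hhi, heq = h[attr]
        if hlo < lo or hhi > hi:
            return False  # held interval is not contained in the requested one
        if eq is not None and heq != eq:
            return False
    return True

# Constructed sample: the property phi' already attested for a player.
HELD = [("age", "==", 70), ("country", "==", "DK")]

if __name__ == "__main__":
    # Selective disclosure: the requested phi reveals only a bound on age.
    print(implies(HELD, [("age", ">=", 66.6)]))   # broker may attest
    print(implies(HELD, [("age", ">=", 71)]))     # broker must refuse
```

A contradictory \(\phi '\) is rejected with an exception rather than treated as implying everything, so an inconsistent credential never yields an attestation.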
Acknowledgements
This paper was inspired by discussions with Omar Almousa, Bud Brügger, and Max Tuengerthal. This work has been supported by the EU H2020-SU-ICT-03-2018 Project No. 830929 CyberSec4Europe (https://www.cybersec4europe.eu).
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Mödersheim, S., Cuellar, J. (2021). Three Branches of Accountability. In: Dougherty, D., Meseguer, J., Mödersheim, S.A., Rowe, P. (eds) Protocols, Strands, and Logic. Lecture Notes in Computer Science, vol 13066. Springer, Cham. https://doi.org/10.1007/978-3-030-91631-2_16
DOI: https://doi.org/10.1007/978-3-030-91631-2_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-91630-5
Online ISBN: 978-3-030-91631-2
eBook Packages: Computer Science, Computer Science (R0)