Abstract
Opaque communications between groups of data processors leave individuals out of touch with the circulation and use of their personal information. Empowering individuals in this regard requires supplying them — or auditors on their behalf — with clear data handling guarantees. We introduce an inference model providing individuals with global (organization-wide) accountability guarantees which take into account user expectations and varying levels of usage evidence, such as data handling logs. Our model is implemented in the IDP knowledge base system and demonstrated with the scenario of a surveillance infrastructure used by a railroad company. We show that it is flexible enough to be adapted to any use case involving communicating stakeholders for which a trust hierarchy is defined. Via auditors acting for them, individuals can obtain global accountability guarantees, providing them with a trust-dependent synthesis of declared and proven data handling practices for an entire organization.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Decroix, K., Butin, D., Jansen, J., Naessens, V. (2014). Inferring Accountability from Trust Perceptions. In: Prakash, A., Shyamasundar, R. (eds) Information Systems Security. ICISS 2014. Lecture Notes in Computer Science, vol 8880. Springer, Cham. https://doi.org/10.1007/978-3-319-13841-1_5
DOI: https://doi.org/10.1007/978-3-319-13841-1_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13840-4
Online ISBN: 978-3-319-13841-1
eBook Packages: Computer Science (R0)