Towards a theory of accountability and audit

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5789 LNCS, Issue , 2009, Pages 152-167

  Jagadeesan, Radha ^a   Jeffrey, Alan ^b   Pitcher, Corin ^a   Riely, James ^a  

^a DEPAUL UNIVERSITY   (United States)

^b LUCENT TECHNOLOGIES   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCOUNTABILITY SYSTEMS; AFTER-THE-FACT; AUDIT PROTOCOL; AUTHORIZATION POLICY; COMMUNICATION INFRASTRUCTURE; DISTRIBUTED SYSTEMS; FORMAL FOUNDATION; OPERATIONAL MODEL;

SECURITY SYSTEMS;

EID: 70350381139     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-04444-1_10     Document Type: Conference Paper

References (30)

1. Abadi, M., Birrell, A., Wobber, T.: Access control in a world of software diversity. In: Proc. of the Tenth workshop on Hot Topics in Operating Systems (2005), http://www.usenix.org/events/hotos05/
2. Alur, R., Henzinger, T., Kupferman, O.: Alternating time temporal logic. Journal of ACM 49, 672-713 (2002)
3. Anagnostopoulos, A., Goodrich, M.T., Tamassia, R.: Persistent authenticated dictionaries and their applications. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 379-393. Springer, Heidelberg (2001)
4. Andersen, D.G., Balakrishnan, H., Feamster, N., Koponen, T., Moon, D., Shenker, S.: Accountable Internet Protocol (AIP). In: SIGCOMM, pp. 339-350. ACM Press, New York (2008)
5. Argyraki, K., Maniatis, P., Irzak, O., Shenker, S.: An accountability interface for the Internet. In: Proceedings of the 14th IEEE International Conference on Network Protocols (2007)
6. Barth, A., Mitchell, J.C., Datta, A., Sundaram, S.: Privacy and utility in business processes. In: CSF, pp. 279-294. IEEE Computer Society, Los Alamitos (2007)
7. Brookes, S.D., Hoare, C.A.R., Roscoe, A.W.: A theory of communicating sequential processes. J. ACM 31(3), 560-599 (1984)
8. Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: ACM Conference on Computer and Communications Security, pp. 9-17 (2000)
9. Calandrino, J.A., Halderman, J.A., Felten, E.W.: Machine-assisted election auditing. In: EVT 2007: Proceedings of the USENIXWorkshop on Accurate Electronic Voting Technology, p. 9. USENIX Association (2007)
10. Cederquist, J.G., Corin, R., Dekker, M.A.C., Etalle, S., den Hartog, J.I.: An audit logic for accountability. In: POLICY, pp. 34-43. IEEE Computer Society Press, Los Alamitos (2005)
11. Cederquist, J.G., Corin, R., Dekker, M.A.C., Etalle, S., den Hartog, J.I., Lenzini, G.: Audit-based compliance control. Int. J. Inf. Sec. 6(2-3), 133-151 (2007)
12. Cirillo, A., Jagadeesan, R., Pitcher, C., Riely, J.: TAPIDO: Trust and authorization via provenance and integrity in distributed objects (extended abstract). In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 208-223. Springer, Heidelberg (2008)
13. Eriksén, S.: Designing for accountability. In: Proceedings of the second Nordic conference on Human-computer interaction, pp. 177-186 (2002)
14. Etalle, S.,Winsborough, W.H.: A posteriori compliance control. In: SACMAT, pp. 11-20. ACM, New York (2007)
15. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Computer Security Series. Artech House (2003)
16. Fournet, C., Gordon, A.D., Maffeis, S.: A type discipline for authorization policies. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 141-156. Springer, Heidelberg (2005)
17. Fournet, C., Guts, N., Nardelli, F.Z.: A formal implementation of value commitment. In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 383-397. Springer, Heidelberg (2008)
18. Friedman, B., Grudin, J.: Trust and accountability: preserving human values in interactional experience. In: CHI 1998: CHI 1998 conference summary on Human factors in computing systems, p. 213. ACM, New York (1998)
19. Haeberlen, A., Kouznetsov, P., Druschel, P.: PeerReview: practical accountability for distributed systems. In: Proceedings of 21st ACM SIGOPS symposium on Operating systems principles, pp. 175-188. ACM, New York (2007)
20. Halpern, J.Y.,Weissman, V.: Using first-order logic to reason about policies. In: CSFW, pp. 118-130 (2003)
21. Hennessy, M., Regan, T.: A process algebra for timed systems. Inf. Comput. 117(2), 221-239 (1995)
22. Lampson, B.W.: Computer security in the real world. IEEE Computer 37(6), 37-46 (2004)
23. Li, N., Mitchell, J.C.: A role-based trust-management framework. In: DISCEX (1), p. 201. IEEE Computer Society Press, Los Alamitos (2003)
24. Lynch, N.A.: Input/output automata: Basic, timed, hybrid, probabilistic, dynamic,.. In: Amadio, R.M., Lugiez, D. (eds.) CONCUR 2003. LNCS, vol. 2761, pp. 187-188. Springer, Heidelberg (2003)
25. Maniatis, P., Baker, M.: Secure history preservation through timeline entanglement. In: USENIX Security Symposium, pp. 297-312. USENIX (2002)
26. Schneider, F.B.: Enforceable security policies. Information and System Security 3(1), 30-50 (2000)
27. Vaughan, J.A., Jia, L., Mazurak, K., Zdancewic, S.: Evidence-based audit. In: CSF, pp. 177-191. IEEE Computer Society, Los Alamitos (2008)
28. Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Technical Report MIT-CSAIL-TR-2007-034, MIT (June 2007), http://hdl.handle.net/1721.1/37600
29. Yumerefendi, A.R., Chase, J.S.: Trust but verify: accountability for network services. In: EW11: Proceedings of the 11th workshop on ACM SIGOPS European workshop, p. 37. ACM, New York (2004)
30. Yumerefendi, A.R., Chase, J.S.: Strong accountability for network storage. Trans. Storage 3(3), 11 (2007)