Computer Security – ESORICS 2009

Volume 5789 of the series Lecture Notes in Computer Science pp 168-183

Reliable Evidence: Auditability by Typing

  • Nataliya GutsAffiliated withLancaster UniversityMSR-INRIA Joint Centre
  • , Cédric FournetAffiliated withLancaster UniversityMSR-INRIA Joint CentreMicrosoft Research
  • , Francesco Zappa NardelliAffiliated withLancaster UniversityCarnegie Mellon UniversityMSR-INRIA Joint CentreINRIA

* Final gross prices may vary according to local VAT.

Get Access


Many protocols rely on audit trails to allow an impartial judge to verify a posteriori some property of a protocol run. However, in current practice the choice of what data to log is left to the programmer’s intuition, and there is no guarantee that it constitutes enough evidence. We give a precise definition of auditability and we show how typechecking can be used to statically verify that a protocol always logs enough evidence. We apply our approach to several examples, including a full-scale auction-like protocol programmed in ML.