Skip to main content

Inferring Accountability from Trust Perceptions

  • Conference paper
  • 1117 Accesses

Part of the Lecture Notes in Computer Science book series (LNSC,volume 8880)

Abstract

Opaque communications between groups of data processors leave individuals out of touch with the circulation and use of their personal information. Empowering individuals in this regard requires supplying them — or auditors on their behalf — with clear data handling guarantees. We introduce an inference model providing individuals with global (organization-wide) accountability guarantees which take into account user expectations and varying levels of usage evidence, such as data handling logs. Our model is implemented in the IDP knowledge base system and demonstrated with the scenario of a surveillance infrastructure used by a railroad company. We show that it is flexible enough to be adapted to any use case involving communicating stakeholders for which a trust hierarchy is defined. Via auditors acting for them, individuals can obtain global accountability guarantees, providing them with a trust-dependent synthesis of declared and proven data handling practices for an entire organization.

Keywords

  • Accountability
  • IDP
  • Trust
  • Privacy
  • Surveillance

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-13841-1_5
  • Chapter length: 20 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   69.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-13841-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   89.99
Price excludes VAT (USA)

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. PrivAcy pReserving Infrastructure for Surveillance (PARIS), http://www.paris-project.org

  2. Bella, G., Paulson, L.C.: Accountability Protocols: Formalized and Verified. ACM Trans. Inf. Syst. Secur. 9(2), 138–161 (2006)

    CrossRef  Google Scholar 

  3. Bellare, M., Yee, B.S.: Forward Integrity for Secure Audit Logs. Tech. rep., University of California at San Diego (1997)

    Google Scholar 

  4. Butin, D., Chicote, M., Le Métayer, D.: Log Design for Accountability. In: 2013 IEEE Security & Privacy Workshop on Data Usage Management, pp. 1–7. IEEE Computer Society (2013)

    Google Scholar 

  5. Butin, D., Le Métayer, D.: Log Analysis for Data Protection Accountability. In: Jones, C., Pihlajasaari, P., Sun, J. (eds.) FM 2014. LNCS, vol. 8442, pp. 163–178. Springer, Heidelberg (2014)

    CrossRef  Google Scholar 

  6. Bennett, C.J.: Implementing Privacy Codes of Practice. Canadian Standards Association (1995)

    Google Scholar 

  7. De Hert, P.: Accountability and System Responsibility: New Concepts in Data Protection Law and Human Rights Law. In: Managing Privacy through Accountability, pp. 193–232. Palgrave Macmillan (2012)

    Google Scholar 

  8. De Pooter, S., Wittocx, J., Denecker, M.: A Prototype of a Knowledge-based Programming Environment. In: Proceedings of the 19th International Conference on Applications of Declarative Programming and Knowledge Management (INAP 2011), pp. 191–196 (2011)

    Google Scholar 

  9. Decroix, K., Lapon, J., De Decker, B., Naessens, V.: A Formal Approach for Inspecting Privacy and Trust in Advanced Electronic Services. In: Jürjens, J., Livshits, B., Scandariato, R. (eds.) ESSoS 2013. LNCS, vol. 7781, pp. 155–170. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  10. Decroix, K., Lapon, J., De Decker, B., Naessens, V.: A Framework for Formal Reasoning about Privacy Properties Based on Trust Relationships in Complex Electronic Services. In: Bagchi, A., Ray, I. (eds.) ICISS 2013. LNCS, vol. 8303, pp. 106–120. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  11. Denecker, M.: A Knowledge Base System Project for FO(.). In: Hill, P.M., Warren, D.S. (eds.) ICLP 2009. LNCS, vol. 5649, p. 22. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  12. European Commission: Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), inofficial consolidated version after LIBE committee vote (2013)

    Google Scholar 

  13. Gebser, M., Kaufmann, B., Schaub, T.: Conflict-Driven Answer Set Solving: From Theory to Practice. Artif. Intell. 187, 52–89 (2012)

    CrossRef  MathSciNet  Google Scholar 

  14. Guagnin, D., Hempel, L., Ilten, C.: Managing Privacy Through Accountability. Palgrave Macmillan (2012)

    Google Scholar 

  15. Haeberlen, A.: A Case for the Accountable Cloud. Operating Systems Review 44(2), 52–57 (2010)

    CrossRef  Google Scholar 

  16. The IDP system (2014), http://dtai.cs.kuleuven.be/krr/idp

  17. KRR Software: IDP examples (2014), http://dtai.cs.kuleuven.be/krr/software/idp-examples

  18. Ierusalimschy, R., de Figueiredo, L.H., Celes, W.: Lua – an extensible extension language. Software: Practice and Experience 26(6), 635–652 (1996)

    Google Scholar 

  19. Jackson, D.: Alloy: A Lightweight Object Modelling Notation. ACM Transactions on Software Engineering and Methodology (TOSEM 2002) 11(2), 256–290 (2002)

    CrossRef  Google Scholar 

  20. Jackson, D.: Alloy: a language & tool for relational models (2012), http://alloy.mit.edu/alloy/

  21. Lee, L., Grimson, W.E.L.: Gait Analysis for Recognition and Classification. In: IEEE International Conference on Automatic Face and Gesture Recognition, pp. 148–155 (2002)

    Google Scholar 

  22. Leone, N., Pfeifer, G., Faber, W., Eiter, T., Gottlob, G., Perri, S., Scarcello, F.: The DLV system for knowledge representation and reasoning. ACM Trans. Comput. Log. 7(3), 499–562 (2006)

    CrossRef  MathSciNet  Google Scholar 

  23. Mecocci, A., Pannozzo, M., Fumarola, A.: Automatic detection of anomalous behavioural events for advanced real-time video surveillance. In: IEEE International Symposium on Computational Intelligence for Measurement Systems and Applications (CIMSA 2003), pp. 187–192 (2003)

    Google Scholar 

  24. Organisation for Economic Co-operation and Development: OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980)

    Google Scholar 

  25. Raab, C.: The Meaning of ‘Accountability’ in the Information Privacy Context. In: Managing Privacy through Accountability, pp. 15–32. Palgrave Macmillan (2012)

    Google Scholar 

  26. Van Gelder, A., Ross, K.A., Schlipf, J.S.: The Well-Founded Semantics for General Logic Programs. Journal of the ACM 38(3), 620–650 (1991)

    CrossRef  MATH  MathSciNet  Google Scholar 

  27. Viola, P., Jones, M.: Robust Real-Time Face Detection. International Journal of Computer Vision 57(2), 137–154 (2004)

    CrossRef  Google Scholar 

  28. Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Commun. ACM 51(6), 82–87 (2008)

    CrossRef  Google Scholar 

  29. Wittocx, J., Mariën, M., Denecker, M.: The IDP system: A model expansion system for an extension of classical logic. In: Denecker, M. (ed.) Proceedings of the 2nd Workshop on Logic and Search, Logic and Search, pp. 153–165. ACCO (2008)

    Google Scholar 

  30. Wright, D., de Hert, P.: Introduction to Privacy Impact Assessment. In: Wright, D., Hert, P. (eds.) Privacy Impact Assessment, pp. 3–32. Springer (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Decroix, K., Butin, D., Jansen, J., Naessens, V. (2014). Inferring Accountability from Trust Perceptions. In: Prakash, A., Shyamasundar, R. (eds) Information Systems Security. ICISS 2014. Lecture Notes in Computer Science, vol 8880. Springer, Cham. https://doi.org/10.1007/978-3-319-13841-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-13841-1_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13840-4

  • Online ISBN: 978-3-319-13841-1

  • eBook Packages: Computer ScienceComputer Science (R0)